Xray-core icon indicating copy to clipboard operation
Xray-core copied to clipboard
verified publisher icon XTLS

outbound走的ssh socks代理到公司的内网,当DNS走代理时,即8.8.8.8走socks到公司内网去请求时,日志显示连接失败

Open QDFish opened this issue 2 years ago • 2 comments

2024/01/31 09:29:21 [Info] [950947282] transport/internet/tcp: dialing TCP to tcp:127.0.0.1:xxxxx 2024/01/31 09:29:21 27.148.64.158:2244 accepted tcp:adservice.google.com.hk:443 [in_company >> proxy] 2024/01/31 09:29:21 [Info] app/dns: failed to lookup ip for domain www.google.com at server UDP:1.1.1.1:53 > context deadline exceeded

config { "log": { "loglevel": "info" }, "inbounds":[ { "tag": "transparent", "port":xxxxx, "protocol":"dokodemo-door", "settings":{ "network":"tcp,udp", "followRedirect":true }, "sniffing":{ "enabled":true, "destOverride":[ "http", "tls" ] }, "streamSettings":{ "sockopt":{ "tproxy":"tproxy", "mark":255 } } }, { "port":xxxxx, "protocol":"shadowsocks", "settings":{ "method":"aes-256-gcm", "password":"Zzg18344986.", "networks":"tcp,udp", "ota":true }, "sniffing": { "enable": true, "destOverride": ["http", "tls"] }, "tag":"in_company" } ], "outbounds":[ { "tag":"proxy", "protocol":"socks", "settings":{ "servers":[ { "address":"127.0.0.1", "port":xxxxx } ] }, "streamSettings":{ "sockopt":{ "mark":255 } } }, { "tag":"direct", "protocol":"freedom", "settings":{ "domainStrategy":"UseIP" }, "streamSettings":{ "sockopt":{ "mark":255 } } }, { "tag":"block", "protocol":"blackhole", "settings":{ "response":{ "type":"http" } } }, { "tag":"dns-out", "protocol":"dns", "streamSettings":{ "sockopt":{ "mark":255 } } } ], "dns":{ "servers":[ { "address":"223.5.5.5", "port":53, "domains":[ "geosite:cn" ] }, { "address":"8.8.8.8", "port":53, "domains":[ "geosite:geolocation-!cn" ] }, { "address":"1.1.1.1", "port":53, "domains":[ "geosite:geolocation-!cn" ] } ] }, "routing":{ "domainStrategy":"IPOnDemand", "rules":[ { "type":"field", "inboundTag":[ "transparent" ], "port":53, "network":"udp", "outboundTag":"dns-out" }, { "type":"field", "inboundTag":[ "transparent" ], "port":123, "network":"udp", "outboundTag":"direct" }, { "type":"field", "ip":[ "223.5.5.5" ], "outboundTag":"direct" }, { "type":"field", "ip":[ "8.8.8.8", "1.1.1.1" ], "outboundTag":"proxy" }, { "type":"field", "domain":[ "geosite:category-ads-all" ], "outboundTag":"block" }, { "type":"field", "protocol":[ "bittorrent" ], "outboundTag":"direct" }, { "type":"field", "ip":[ "geoip:private", "geoip:cn" ], "outboundTag":"direct" }, { "type":"field", "domain":[ "geosite:cn" ], "outboundTag":"direct" } ] } }

nft 已经关闭透明代理,只走ssr 到s的路径,匹配使用1.1.1.1的dns服务,但是走proxy会失败,8.8.8.8也一样,最终只能走freedom的223.5.5.5

QDFish avatar Jan 31 '24 09:01 QDFish

公司内网的socks服务器地址是127.0.0.1?

slinar avatar Feb 01 '24 06:02 slinar

公司内网的socks服务器地址是127.0.0.1? 公司内网被我走了ssh tunnel ,不过没事了,我解决了,在布一个服务端的v2ray ,outbound走freedom就好了

QDFish avatar Feb 03 '24 10:02 QDFish

solved

yuhan6665 avatar Mar 07 '24 02:03 yuhan6665