Shadowsocks-libev: ss-redir不能正常工作

Created on 27 Jun 2016  ·  4Comments  ·  Source: shadowsocks/shadowsocks-libev

我根据这里面的 https://hong.im/ 的配置,设置了ipset, 并且配置了dnsmasq, 使其生效,然后重定向到ss-redir监听的端口。

但是,我发现并ss-redir并没有打印收到任何请求的日志。所以, 我想知道如何调试ss-redir ?
只有如下日志:

2016-06-27 17:41:07 INFO: initializing ciphers... aes-256-cfb
 2016-06-27 17:41:07 INFO: tcp port reuse enabled
 2016-06-27 17:41:07 INFO: listening at 0.0.0.0:10800

主题思想是:仅将需要重定向到国外的请求,重定向到国外。国内的请求走默认的路由。

配置命令:
ipset -N setmefree iphash
iptables -t nat -A PREROUTING -p tcp -m set --match-set setmefree dst -j REDIRECT --to-port 1080

shadowsocks.json:

{
    "server": "xx.xx.xxx",
    "server_port": 443,
    "local_port": 1080,
    "password": "-------",
    "timeout": 60,
    "method": "aes-256-cfb"
}

添加conf-dir=/etc/dnsmasq.d
建立/etc/dnsmasq.d目录并添加测试文件test.conf

server=/.google.com/208.67.222.222#443
server=/.google.com.hk/208.67.222.222#443
server=/.gstatic.com/208.67.222.222#443
server=/.google.com/208.67.222.222#443
server=/.google.com.hk/208.67.222.222#443
server=/.gstatic.com/208.67.222.222#443
server=/.ggpht.com/208.67.222.222#443
server=/.googleusercontent.com/208.67.222.222#443
server=/.appspot.com/208.67.222.222#443
server=/.googlecode.com/208.67.222.222#443
server=/.googleapis.com/208.67.222.222#443
server=/.gmail.com/208.67.222.222#443
server=/.google-analytics.com/208.67.222.222#443
server=/.youtube.com/208.67.222.222#443
server=/.googlevideo.com/208.67.222.222#443
server=/.youtube-nocookie.com/208.67.222.222#443
server=/.ytimg.com/208.67.222.222#443
server=/.blogspot.com/208.67.222.222#443
server=/.blogger.com/208.67.222.222#443
server=/.google.co.jp/208.67.222.222#443
server=/.google.co.uk/208.67.222.222#443


ipset=/.google.com/setmefree
ipset=/.google.com.hk/setmefree
ipset=/.gstatic.com/setmefree
ipset=/.ggpht.com/setmefree
ipset=/.googleusercontent.com/setmefree
ipset=/.appspot.com/setmefree
ipset=/.googlecode.com/setmefree
ipset=/.googleapis.com/setmefree
ipset=/.gmail.com/setmefree
ipset=/.google-analytics.com/setmefree
ipset=/.youtube.com/setmefree
ipset=/.googlevideo.com/setmefree
ipset=/.youtube-nocookie.com/setmefree
ipset=/.ytimg.com/setmefree
ipset=/.blogspot.com/setmefree
ipset=/.blogger.com/setmefree
ipset=/.google.co.jp/setmefree
ipset=/.google.co.uk/setmefree

经过以上配置后,ss-redir并没有将请求重定向到外网的服务器。

cannot reproduce
Source
picture qianguozheng

Most helpful comment

路由器启动ss-redir时 -b 0.0.0.0

picture wongsyrone on 27 Jun 2016
👍3

All 4 comments

iptables -t nat -A PREROUTING -p tcp -m set --match-set setmefree dst -j REDIRECT --to-port 10800

wongsyrone picture wongsyrone on 27 Jun 2016

@wongsyrone 这个重定向的命令有什么问题吗?

如果你的意思是修改端口,这个我测试过,没有效果。

qianguozheng picture qianguozheng on 27 Jun 2016

Try this: https://github.com/shadowsocks/openwrt-shadowsocks

madeye picture madeye on 27 Jun 2016

路由器启动ss-redir时 -b 0.0.0.0

wongsyrone picture wongsyrone on 27 Jun 2016
👍3
Was this page helpful?
0 / 5 - 0 ratings

Related issues

zent00 picture zent00  ·  3Comments
msdurex picture msdurex  ·  3Comments
blackgear picture blackgear  ·  3Comments
alfal picture alfal  ·  3Comments
jzp820927 picture jzp820927  ·  3Comments