V2ray-core: V2Ray服务端Invalid User错误(TLS+WebSocket,id/alterid/时间 均已自查无误)
1) 你正在使用哪个版本的 V2Ray?(如果服务器和客户端使用了不同版本,请注明)
4.18.0
2) 你的使用场景是什么?比如使用 Chrome 通过 Socks/VMess 代理观看 YouTube 视频。
使用 Chrome 通过 Socks/VMess 代理浏览网页和观看视频
3) 你看到的不正常的现象是什么?(请描述具体现象,比如访问超时,TLS 证书错误等)
客户端无法与服务端连接,在服务端error_log中有Invalid User日志
4) 你期待看到的正确表现是怎样的?
能正常通过代理上网。
5) 请附上你的配置(提交 Issue 前请隐藏服务器端IP地址)。
服务器端配置:
{
"log": {
"access": "/var/log/v2ray_access.log",
"error": "/var/log/v2ray_error.log",
"loglevel": "debug"
},
"api": {
"tag": "api",
"services": []
},
"dns": {
"hosts": {},
"servers": ["8.8.8.8", "8.8.4.4", "localhost"],
"tag": "dns_inbound"
},
"routing": {
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"protocol": ["bittorrent"],
"outboundTag": "forbidden"
}
],
"balancers": []
},
"policy": {
"levels": {
"0": {
"handshake": 4,
"connIdle": 300,
"uplinkOnly": 2,
"downlinkOnly": 5,
"statsUserUplink": false,
"statsUserDownlink": false,
"bufferSize": 102400
}
},
"system": {
"statsInboundUplink": false,
"statsInboundDownlink": false
}
},
"reverse": {},
"inbounds": [
{
"port": 6000,
"listen": "0.0.0.0",
"protocol": "vmess",
"settings": {
"clients": [
{
"id": "918f4d1e-60ba-4820-ab3b-dc2fcb789f5e",
"level": 0,
"alterId": 16
}
]
},
"streamSettings": {
"wsSettings": {}
},
"tag": "vmess_in",
"sniffing": {
"enabled": false,
"destOverride": ["http", "tls"]
},
"allocate": {
"strategy": "always"
}
}
],
"outbounds": [
{
"sendThrough": "0.0.0.0",
"protocol": "Blackhole",
"settings": {},
"tag": "forbidden",
"streamSettings": {},
"mux": {}
},
{
"sendThrough": "0.0.0.0",
"protocol": "Freedom",
"settings": {
"domainStrategy": "AsIs",
"userLevel": 0
},
"tag": "freedom",
"streamSettings": {},
"mux": {}
}
],
"transport": {
"tcpSettings": {},
"kcpSettings": {},
"wsSettings": {
"path": "/download",
"headers": {
"Host": "baidu.com"
}
},
"httpSettings": {},
"dsSettings": {},
"quicSettings": {}
}
}
客户端配置:
客户端配置由V2RayW工具生成
{
"dns": {
"servers": [
"localhost"
]
},
"inbounds": [
{
"port": 1081,
"listen": "127.0.0.1",
"settings": {
"udp": true
},
"protocol": "socks"
},
{
"port": 8001,
"listen": "127.0.0.1",
"protocol": "http"
}
],
"log": {
"error": "C:\\Users\\fourstring\\Downloads\\V2RayW\\log\\error.log",
"access": "C:\\Users\\fourstring\\Downloads\\V2RayW\\log\\access.log",
"loglevel": "debug"
},
"outbounds": [
{
"sendThrough": "0.0.0.0",
"mux": {
"enabled": false,
"concurrency": 8
},
"protocol": "vmess",
"settings": {
"vnext": [
{
"address": "xxx.com",
"users": [
{
"id": "918f4d1e-60ba-4820-ab3b-dc2fcb789f5e",
"alterId": 16,
"security": "aes-128-gcm",
"level": 0
}
],
"port": 443
}
]
},
"tag": "vmess outbound",
"streamSettings": {
"wsSettings": {
"path": "/download",
"headers": {
"Host": "baidu.com"
}
},
"quicSettings": {
"key": "key",
"security": "none",
"header": {
"type": "none"
}
},
"tlsSettings": {
"allowInsecure": false,
"alpn": [
"http/1.1"
],
"serverName": "xxx.com",
"allowInsecureCiphers": false
},
"httpSettings": {
"host": [
""
],
"path": ""
},
"kcpSettings": {
"header": {
"type": "none"
},
"mtu": 1350,
"congestion": false,
"tti": 50,
"uplinkCapacity": 5,
"writeBufferSize": 2,
"readBufferSize": 2,
"downlinkCapacity": 20
},
"tcpSettings": {
"header": {
"type": "none"
}
},
"security": "tls",
"network": "ws",
"sockopt": {}
}
}
],
"routing": {
"name": "全部使用主服务器",
"domainStrategy": "AsIs",
"rules": [
{
"type": "field",
"port": "0-65535",
"outboundTag": "vmess outbound"
}
]
}
}
6) 请附上出错时软件输出的错误日志。在 Linux 中,日志通常在 /var/log/v2ray/error.log 文件中。
服务器端错误日志:
2019/03/03 04:45:59 [Info] [2008864076] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49088 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:59 [Info] [1382786507] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49090 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:00 [Info] [927063124] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49092 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:00 [Info] [1647945536] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49094 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:01 [Info] [990396942] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49096 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:02 [Info] [3549109221] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49098 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:02 [Info] [1096418142] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49100 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:03 [Info] [1972922788] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49102 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:04 [Info] [982388611] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49104 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:05 [Info] [2978680535] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49106 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:05 [Info] [603748192] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49108 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:06 [Info] [2164742343] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49110 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:06 [Info] [3431389640] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49112 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:07 [Info] [3914027589] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49114 > v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:07 [Info] [1937052758] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/vmess/inbound: invalid request from 172.18.0.3:49116 > v2ray.com/core/proxy/vmess/encoding: invalid user
客户端错误日志:
2019/03/03 12:45:57 [Info] [2765989532] v2ray.com/core/proxy/socks: TCP Connect request to tcp:www.youtube.com:443
2019/03/03 12:45:57 [Info] [2765989532] v2ray.com/core/app/dispatcher: taking detour [vmess outbound] for [tcp:www.youtube.com:443]
2019/03/03 12:45:57 [Info] [2765989532] v2ray.com/core/transport/internet/websocket: creating connection to tcp:xxx.com:443
2019/03/03 12:45:57 [Warning] [1182462542] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxx.com/download): 502 Bad Gateway > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed
2019/03/03 12:45:57 [Info] [1182462542] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/socks: connection ends > v2ray.com/core/proxy/socks: failed to transport all TCP response > io: read/write on closed pipe
2019/03/03 12:45:57 [Info] [2765989532] v2ray.com/core/transport/internet/websocket: creating connection to tcp:xxx.com:443
2019/03/03 12:45:58 [Info] [2765989532] v2ray.com/core/transport/internet/websocket: creating connection to tcp:xxx.com:443
2019/03/03 12:45:59 [Info] [2765989532] v2ray.com/core/transport/internet/websocket: creating connection to tcp:xxx.com:443
2019/03/03 12:45:59 [Info] [2765989532] v2ray.com/core/transport/internet/websocket: creating connection to tcp:xxx.com:443
2019/03/03 12:46:01 [Warning] [2765989532] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxx.com/download): 502 Bad Gateway > websocket: bad handshake] > v2ray.com/core/common/retry: all retry attempts failed
7) 请附上访问日志。在 Linux 中,日志通常在 /var/log/v2ray/access.log 文件中。
2019/03/03 04:45:52 172.18.0.3:49054 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:53 172.18.0.3:49056 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:53 172.18.0.3:49058 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:53 172.18.0.3:49060 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:53 172.18.0.3:49062 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:54 172.18.0.3:49064 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:55 172.18.0.3:49066 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49068 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49070 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49072 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49074 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49076 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:56 172.18.0.3:49078 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:57 172.18.0.3:49080 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:57 172.18.0.3:49082 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:58 172.18.0.3:49084 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:58 172.18.0.3:49086 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:59 172.18.0.3:49088 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:45:59 172.18.0.3:49090 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:00 172.18.0.3:49092 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:00 172.18.0.3:49094 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:01 172.18.0.3:49096 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:02 172.18.0.3:49098 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:02 172.18.0.3:49100 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:03 172.18.0.3:49102 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:04 172.18.0.3:49104 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:05 172.18.0.3:49106 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:05 172.18.0.3:49108 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:06 172.18.0.3:49110 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:06 172.18.0.3:49112 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:07 172.18.0.3:49114 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
2019/03/03 04:46:07 172.18.0.3:49116 rejected v2ray.com/core/proxy/vmess/encoding: invalid user
8) 其它相关的配置文件(如 Nginx)和相关日志。
Nginx配置文件:
server {
server_name xxx.com;
listen 80;
return 301 https://xxx.com$1;
}
server {
server_name xxx.com;
listen 443 ssl http2;
server_tokens off;
ssl_certificate /etc/letsencrypt/live/xxx.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/xxx.com/privkey.pem;
ssl_dhparam /etc/letsencrypt/dhparams.pem;
ssl_ciphers 'TLS_AES_128_GCM_SHA256:TLS_CHACHA20_POLY1305_SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve secp384r1;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 1d;
ssl_session_tickets on;
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8 8.8.4.4 valid=300s;
resolver_timeout 10s;
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';
location /download {
proxy_redirect off;
proxy_pass http://v2ray:6000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $http_host;
}
}
Nginx错误日志:
2019/03/03 04:46:03 [error] 6#6: *1973 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:04 [error] 6#6: *1975 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:05 [error] 6#6: *1977 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:05 [error] 6#6: *1979 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:06 [error] 6#6: *1981 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:06 [error] 6#6: *1983 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:07 [error] 6#6: *1985 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
2019/03/03 04:46:07 [error] 6#6: *1987 upstream prematurely closed connection while reading response header from upstream, client: 59.78.14.89, server: xxx.com, request: "GET /download HTTP/1.1", upstream: "http://172.18.0.4:6000/download", host: "baidu.com"
常见的导致Invalid user的情况都与我的问题不符。客户端和服务端的id相同,alterid设置也相同。客户端和服务端虽然时区不同,但UTC时间几乎没有差别。另外,虽然服务端nginx开启了TLS1.3,但也可以使用TLS1.2,而且既然能在由nginx反代的v2ray服务端中看到错误日志,说明客户端到nginx并不存在问题。
烦请大佬们检查一下我的配置或理解是否有误,非常感谢!
fourstring
All 6 comments
服务端 wsSettings 需要指定 path
icpz
on 3 Mar 2019
@lcdtyph inbound连接的streamSettings如果没有指定的话是继承全局的。而且加上以后也没有作用。
fourstring
on 3 Mar 2019
@fourstring
- 服务端缺少 "network": "ws"
- 服务端outbounds第一个是blackhole,所有未指定路由流量都会被block
icpz
on 3 Mar 2019
👍2
❤1
🎉1
😄1
配置文件错误很多,除了楼上说的,还有下面的
"headers": { "Host": "baidu.com" }要么为空,要么就填自己域名,baidu.com应该是错误设置
winds365
on 4 Mar 2019
❤1
🎉1
😄1
👍1
@lcdtyph @winds365 主要问题应该是inbound连接没有指定网络类型,非常感谢!
fourstring
on 4 Mar 2019
建议升级一下服务端版本,保存客户端和服务端的版本一致。我也遇到类似问题,升级服务端版本后解决
xd5520026
on 15 Jul 2019
Was this page helpful?
0 / 5 - 0 ratings
Related issues
nielspeen
·
4Comments
FTAndy
·
4Comments
cnperi
·
4Comments
limaofu
·
3Comments
supersndqd
·
3Comments
Most helpful comment
@fourstring