如何配置进站出站？ #482

3000wonder · 2023-10-14T13:00:32Z

我在VPS上搭建了v2ray服务器端，本地电脑上搭建了v2ray客户端，可以正常使用。现在想在无线路由器上搭建一个v2ray客户端，连接我VPS上面的服务器端。
VPS服务器端的设置：

cat /usr/local/etc/v2ray/config.json
    {
      "inbounds": [
      {
        "listen": "127.0.0.1",
        "port": 11055,
        "protocol": "vmess",
        "tag": "proxy",
        "settings": {
          "clients": [
            {"id": "xxxxxxxx", 
             "alterId": 0}]
        },
        "streamSettings": {
          "network": "ws",
          "wsSettings": {
            "path": "/tech"
          }
        }
      }
      ],

      "outbounds": [{
        "protocol": "freedom",
        "settings": {}
      }],

      "log": {
        "access": "/var/log/v2ray/access.log",
        "error": "/var/log/v2ray/error.log",
        "loglevel": "warning"
      }
    }

本地电脑上的V2RAY客户端设置：

cat /usr/local/etc/v2ray/config.json
    {
    "inbounds": [{
      "port": 10800,
      "listen": "127.0.0.1",
      "protocol": "socks",
      "sniffing": {
        "enabled": true,
        "destOverride": ["http", "tls"]
      },
      "settings": {
        "auth": "noauth",
        "udp": false
      }
    }],

    "inboundDetour": [
    {
      "port": 10801,
      "listen": "127.0.0.1",
      "protocol": "http",
      "settings": {
        "timeout": 0
      }
    }],

    "outbounds":
    [
      {
        "protocol": "vmess",
        "settings": {
         "network": "tcp,udp",
         "vnext": [{
            "address": "vps_ip",
            "port": 443,
            "users": [{
            "id": "xxxxxxxx", "level": 0, "alterId": 0, "security": "none"
            }]
          }]
        },
        "streamSettings": {
          "network": "ws",
          "security": "tls",
          "wsSettings": {
            "path": "/tech"
          },
          "tlsSettings": {
            "serverName": "",
            "allowInsecure": true
          }
        }
      },{
        "protocol": "freedom",
        "settings": {},
        "tag": "direct"
      }
    ],

    "routing": {
      "domainStrategy": "IPOnDemand",
      "rules": [{
        "type": "field",
        "outboundTag": "direct",
        "domain": ["geosite:cn"]
      },{
        "type": "field",
        "outboundTag": "direct",
        "ip": [
          "geoip:cn",
          "geoip:private"
          ]
        }
      ]
    },
    "log": {
      "access": "/var/log/v2ray-access.log",
      "error": "/var/log/v2ray-error.log",
      "loglevel": "warning"
    }
    }

我在本地电脑的 firefox上设置代理，使用10801后，可以正常使用。

下面是我在openwrt中的设置：


 cat    /var/etc/v2ray/v2ray.main.json
{
	"log": {
		"access": "/var/log/v2ray-access.log",
		"loglevel": "warning",
		"error": "/var/log/v2ray-error.log"
	},
	"dns": {
		"hosts": {
			"example.com": "127.0.0.1"
		},
		"servers": [
			"1.1.1.1",
			"8.8.8.8",
			{
				"address": "114.114.114.114",
				"port": 53,
				"domains": [
					"geosite:cn"
				]
			},
			{
				"address": "223.5.5.5",
				"port": 53,
				"domains": [
					"geosite:cn"
				]
			}
		]
	},
	"routing": {
		"domainStrategy": "IPOnDemand",
		"rules": [
			{
				"type": "field",
				"ip": [
					"geoip:private",
					"geoip:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"protocol": [
					"bittorrent"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"port": "53",
				"network": "udp",
				"inboundTag": [
					"transparent"
				],
				"outboundTag": "dns_out"
			},
			{
				"type": "field",
				"ip": [
					"114.114.114.114",
					"223.5.5.5"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"ip": [
					"1.1.1.1",
					"8.8.8.8",
					"208.67.222.222"
				],
				"outboundTag": "proxy"
			},
			{
				"type": "field",
				"port": "123",
				"network": "udp",
				"outboundTag": "direct"
			}
		]
	},
	"inbounds": [
		{
			"listen": "0.0.0.0",
			"port": 10800,
			"protocol": "socks",
			"settings": {
				"auth": "noauth",
				"udp": true,
				"ip": "127.0.0.1"
			},
			"streamSettings": {
				"sockopt": {
					
				}
			},
			"tag": "proxy",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			}
		},
		{
			"port": 1081,
			"protocol": "dokodemo-door",
			"settings": {
				"followRedirect": true,
				"network": "tcp"
			},
			"streamSettings": {
				"sockopt": {
					"tproxy": "redirect"
				}
			},
			"tag": "transparent",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			}
		}
	],
	"outbounds": [
		{
			"protocol": "vmess",
			"settings": {
				"vnext": [
					{
						"address": "vps_ip",
						"port": 443,
						"users": [
							{
								"id": "xxxxxxxx",
								"alterId": 0
							}
						]
					}
				]
			},
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			},
			"tag": "proxy",
			"proxySettings": {
				"tag": "proxy"
			}
		}
	]
}

为何这样设置，无法使用呢？
1。这个配置文建如何修改？
2。firefox上还需要设置代理吗？

The text was updated successfully, but these errors were encountered:

rp-hello · 2023-10-17T12:03:42Z

我理解你的需求，只需要服务端和openwrt端配置就可以了。不用firefox上设置代理。

然后看了下，openwrt上，v2ray已经以dokodemo-door协议监听了1081端口了，看起来是正常的。

然后你提到无法使用，具体表现是什么呢？

另外，猜测有可能出问题的地方是iptables将流量转发到dokodemo-door端口的时候出错了，看一下iptables-save -t mangle的输出，应该有规则才对。规则参考：
https://github.com/rp-hello/luci-app-v2ray/blob/b74647180c15c4f77b895c955b31a7bbb6c86adc/root/etc/init.d/luci_v2ray#L603-L653

3000wonder · 2023-10-21T11:28:54Z

问题是，我不使用iptables，使用ufw .

rp-hello · 2023-10-23T08:03:37Z

ufw是基于iptables的，所以你应该继续去看看iptables的规则，看下为什么会有问题。

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

如何配置进站出站？ #482

如何配置进站出站？ #482

3000wonder commented Oct 14, 2023

rp-hello commented Oct 17, 2023

3000wonder commented Oct 21, 2023

rp-hello commented Oct 23, 2023

如何配置进站出站？ #482

如何配置进站出站？ #482

Comments

3000wonder commented Oct 14, 2023

rp-hello commented Oct 17, 2023

3000wonder commented Oct 21, 2023

rp-hello commented Oct 23, 2023