Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Need config sample using the unsafe stream prefix feature #21

Closed
wang20150419 opened this issue Oct 24, 2022 · 7 comments
Closed

Need config sample using the unsafe stream prefix feature #21

wang20150419 opened this issue Oct 24, 2022 · 7 comments

Comments

@wang20150419
Copy link

wang20150419 commented Oct 24, 2022
edited
Loading

shadowsocks/shadowsocks-org#204 (comment)

Based on the configuration above, it does not work.

Full config example file would be appreciated.

thanks.
@database64128
Copy link
Owner

Based on the configuration above, it does not work.

Post your full config so I can take a look.

@wang20150419
Copy link
Author

wang20150419 commented Oct 24, 2022
edited by database64128
Loading

Based on the configuration above, it does not work.

Post your full config so I can take a look.

server_config.json:

{
    "servers": [
        {
            "name": "ss-2022",
            "listen": ":20220",
            "protocol": "2022-blake3-aes-128-gcm",
            "enableTCP": true,
            "listenerTFO": true,
            "enableUDP": true,
            "mtu": 1500,
            "psk": "FSr6Pkyq3VrDOelPrByuUA==",
            "uPSKs": [
                "AXRWODoYoAky8MJOwKMvGA=="
            ]
        }
    ],
    "unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
    "unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
    "udpPreferIPv6": true
}

client_config.json:

{
    "servers": [
        {
            "name": "socks5",
            "listen": ":1080",
            "protocol": "socks5",
            "enableTCP": true,
            "listenerTFO": true,
            "enableUDP": true,
            "mtu": 1500
        }
    ],
    "clients": [
        {
            "name": "ss-2022",
            "endpoint": "xxx.xxx.xxx.xxx:20220",
            "protocol": "2022-blake3-aes-128-gcm",
            "enableTCP": true,
            "dialerTFO": true,
            "enableUDP": true,
            "mtu": 1500,
            "psk": "FSr6Pkyq3VrDOelPrByuUA==",
            "iPSKs": [
                "AXRWODoYoAky8MJOwKMvGA=="
            ]
        },
        {
            "name": "direct",
            "protocol": "direct",
            "enableTCP": true,
            "dialerTFO": true,
            "enableUDP": true,
            "mtu": 1500
        }
    ],
    "dns": [
        {
            "name": "cf-v6",
            "addrPort": "8.8.8.8:53",
            "tcpClientName": "ss-2022",
            "udpClientName": "ss-2022"
        }
    ],
    "unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
    "unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
    "udpPreferIPv6": true
}

When the shadowsocks-go service is started, the client test has a response using "tcping xxx.xxx.xxx.xxx 20220".

@database64128
Copy link
Owner

You put these fields in the wrong place. The unsafeRequestStreamPrefix and unsafeResponseStreamPrefix fields are supposed to be in the client and server blocks, not in the root structure.

@wang20150419
Copy link
Author

wang20150419 commented Oct 24, 2022
edited by database64128
Loading

Now I changed the position of the unsafeRequestStreamPrefix and unsafeResponseStreamPrefix fields, but it still doesn't work.

server_config.json:

{
  "servers": [
    {
      "name": "ss-2022",
      "listen": ":20220",
      "protocol": "2022-blake3-aes-128-gcm",
      "enableTCP": true,
      "listenerTFO": true,
      "enableUDP": true,
      "mtu": 1500,
      "unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
      "unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
      "psk": "FSr6Pkyq3VrDOelPrByuUA==",
      "uPSKs": [
         "AXRWODoYoAky8MJOwKMvGA=="
      ]
    }
  ],
  "udpPreferIPv6": true
}

client_config.json:

{
  "servers": [
    {
      "name": "socks5",
      "listen": ":1080",
      "protocol": "socks5",
      "enableTCP": true,
      "listenerTFO": true,
      "enableUDP": true,
      "mtu": 1500
    }
  ],
  "clients": [
    {
      "name": "ss-2022",
      "endpoint": "xxx.xxx.xxx.xxx:20220",
      "protocol": "2022-blake3-aes-128-gcm",
      "enableTCP": true,
      "dialerTFO": true,
      "enableUDP": true,
      "mtu": 1500,
      "unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
      "unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
      "psk": "FSr6Pkyq3VrDOelPrByuUA==",
      "iPSKs": [
         "AXRWODoYoAky8MJOwKMvGA=="
      ]
    },
    {
      "name": "direct",
      "protocol": "direct",
      "enableTCP": true,
      "dialerTFO": true,
      "enableUDP": true,
      "mtu": 1500
    }
  ],
  "dns": [
    {
      "name": "cf-v6",
      "addrPort": "8.8.8.8:53",
      "tcpClientName": "ss-2022",
      "udpClientName": "ss-2022"
    }
  ],
  "udpPreferIPv6": true
}

@database64128
Copy link
Owner

What's the version of your shadowsocks-go? Did both the server and client print the warning message "Unsafe stream prefix taints the server/client" on startup?

In your client config, you have 2 clients configured, but there is no router configuration. If you don't want to use the router feature, you need to remove the direct client, so the router can automatically pick the only client. The dns configuration is also unnecessary when you don't have IP rules.

@wang20150419
Copy link
Author

wang20150419 commented Oct 24, 2022
edited by database64128
Loading

Now, I modified the client config. I am using the latest version (shadowsocks-go-v1.4.0-linux-x86-64-v3) .
the message "Unsafe stream prefix taints the server/client {"name": "ss-2022"}" is displayed when both the client and the server are started. but it still doesn't work.

my new client config file:

{
   "servers": [
      {
         "name": "socks5",
         "listen": ":1080",
         "protocol": "socks5",
         "enableTCP": true,
         "listenerTFO": true,
         "enableUDP": true,
         "mtu": 1500
      }
   ],
   "clients": [
      {
         "name": "ss-2022",
         "endpoint": "xxx.xxx.xxx.xxx:20220",
         "protocol": "2022-blake3-aes-128-gcm",
         "enableTCP": true,
         "dialerTFO": true,
         "enableUDP": true,
         "mtu": 1500,
         "unsafeRequestStreamPrefix": "ANcavAp07MaQdYi/a9uvdA8ud89zCr1xs3C5ZndlG2M=",
         "unsafeResponseStreamPrefix": "b1kj7gqC0mY1P7v0BsPFlaQUgrtiaatemUF80pdgErY=",
         "psk": "FSr6Pkyq3VrDOelPrByuUA==",
         "iPSKs": [
            "AXRWODoYoAky8MJOwKMvGA=="
         ]
      }
   ],
   "udpPreferIPv6": true
}

@database64128
Copy link
Owner

database64128 commented Oct 24, 2022
edited
Loading

In your server config, FSr6Pkyq3VrDOelPrByuUA== was configured as the iPSK. But in your client config it was configured as the uPSK. You are making the same mistake as #20.

If you don't need multiple uPSKs, you can just drop the iPSKs and uPSKs fields and use the same PSK in the psk field.

Next time please post the logs, and remember to enclose your configuration in ```json and ```, so it's formatted and readable.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wang20150419 @database64128