Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

shadow socks V2Ray not working from Iran. #69

Open
singingtransparency opened this issue Oct 30, 2022 · 4 comments
Open

shadow socks V2Ray not working from Iran. #69

singingtransparency opened this issue Oct 30, 2022 · 4 comments

Comments

@singingtransparency
Copy link

I deployed a server on Vultr and used the shadow socks v2ray instructions. I can verify my config works, using devices outside of Iran. However when friends in Iran use the config they cannot connect. I followed the instructions and have verified my settings match that on the guide (I assume that this would be some config error with Arvancloud), and everything seems to be correct (see attached image).
Screen Shot 2022-10-30 at 16 11 05

Any idea on how to start troubleshooting this or what might be the cause of this malfunction?
@ziXet
Copy link
Contributor

ziXet commented Oct 30, 2022

take a look at container logs.
docker-compose logs ss-server
docker-compose logs nginx

@singingtransparency
Copy link
Author

singingtransparency commented Oct 31, 2022
edited
Loading

Cheers, maybe you can help me find what to look for - here are some parts of the log:
ss-server_1 | 2022-10-27 07:19:33 INFO: enable TCP no-delay ss-server_1 | 2022-10-27 07:19:33 INFO: plugin "v2ray-plugin" enabled ss-server_1 | 2022-10-27 07:19:33 INFO: UDP relay enabled ss-server_1 | 2022-10-27 07:19:33 INFO: enable TCP no-delay ss-server_1 | 2022-10-27 07:19:33 INFO: initializing ciphers... aes-256-gcm ss-server_1 | 2022-10-27 07:19:33 INFO: using nameserver: 1.1.1.1,1.0.0.1,2606:4700:4700::1111,2606:4700:4700::1001 ss-server_1 | 2022-10-27 07:19:33 INFO: tcp server listening at 127.0.0.1:51517 ss-server_1 | 2022-10-27 07:19:33 INFO: tcp port reuse enabled ss-server_1 | 2022-10-27 07:19:33 INFO: udp server listening at 0.0.0.0:8080 ss-server_1 | 2022-10-27 07:19:33 INFO: udp port reuse enabled ss-server_1 | 2022/10/27 07:19:33 V2Ray 4.44.0 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.17.9 linux/amd64) ss-server_1 | 2022/10/27 07:19:33 A unified platform for anti-censorship. ss-server_1 | 2022/10/27 07:19:33 [Warning] V2Ray 4.44.0 started ss-server_1 | 2022/10/27 07:39:23 tcp:49.186.38.18:0 accepted tcp:127.0.0.1:0

there are several repeats of the following:

ss-server_1 | 2022-10-27 21:18:11 ERROR: remote recv: Connection reset by peer

and

ss-server_1 | 2022-10-27 21:21:41 ERROR: unable to resolve appsupport.abc-prod.net.au

ss-server_1 | 2022-10-27 21:23:56 ERROR: getpeername: Socket not connected ss-server_1 | 2022/10/27 21:23:57 tcp:172.18.0.4:43092 accepted tcp:127.0.0.1:0

ss-server_1 | 2022/10/27 22:17:12 [Warning] transport/internet/websocket: failed to serve http for WebSocket > accept tcp [::]:8080: use of closed network connection

For nginx I get many repeats of the following

ss-nginx-frontend | Waiting for certificate /etc/nginx/cert/limooamani.online.cer before starting nginx... ss-nginx-frontend | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration ss-nginx-frontend | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Enabled listen on IPv6 in /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh ss-nginx-frontend | 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/default.conf.template to /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh ss-nginx-frontend | /docker-entrypoint.sh: Configuration complete; ready for start up ss-nginx-frontend | 2022/10/27 07:19:43 [emerg] 1#1: cannot load certificate "/etc/nginx/cert/limooamani.online.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) ss-nginx-frontend | nginx: [emerg] cannot load certificate "/etc/nginx/cert/limooamani.online.cer": PEM_read_bio_X509_AUX() failed (SSL: error:0909006C:PEM routines:get_name:no start line:Expecting: TRUSTED CERTIFICATE) ss-nginx-frontend | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration ss-nginx-frontend | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/ ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf ss-nginx-frontend | 10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh ss-nginx-frontend | 20-envsubst-on-templates.sh: Running envsubst on /etc/nginx/templates/default.conf.template to /etc/nginx/conf.d/default.conf ss-nginx-frontend | /docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh ss-nginx-frontend | /docker-entrypoint.sh: Configuration complete; ready for start up

Then a lot like this:

2022/10/27 07:26:42 [notice] 1#1: using the "epoll" event method
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: nginx/1.23.1
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: built by gcc 10.2.1 20210110 (Debian 10.2.1-6) 
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: OS: Linux 5.15.0-52-generic
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 65535:65535
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: start worker processes
ss-nginx-frontend | 2022/10/27 07:26:42 [notice] 1#1: start worker process 35
ss-nginx-frontend | ***.187.187.59 - - [27/Oct/2022:07:37:19 +0000] "GET / HTTP/1.1" 404 0 "-" "python-requests/2.25.1" "***.45.90.36"

and then
ss-nginx-frontend | 2022/10/31 06:03:09 [crit] 35#35: *3165 SSL_do_handshake() failed (SSL: error:14201044:SSL routines:tls_choose_sigalg:internal error) while SSL handshaking, client: ***.241.218.246, server: 0.0.0.0:443

As I mentioned, I can connect to the server from outside of Iran, but no-one inside can use it. Any help or advice would be appreciated.

Cheers

@cursedwraith
Copy link

Arvancloud is not reliable method anymore. They found out and are throttling to extreme extent.

@MikePython42
Copy link

What is a reliable way?

@bdroz12 bdroz12 mentioned this issue Aug 28, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ziXet @cursedwraith @singingtransparency @MikePython42