Coder Social home page Coder Social logo

Comments (29)

YuejunChen avatar YuejunChen commented on May 29, 2024 1

from simple-vpn-demo.

oliverhu avatar oliverhu commented on May 29, 2024

google cloud也可以,只有aliyun不行

from simple-vpn-demo.

oliverhu avatar oliverhu commented on May 29, 2024

发现是因为那台机器已经部署了shadowsocks导致tunnel没法读取了,另外起了一个instance就好了

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

tunnel

老哥我也遇到这个情况,怎么排查呢

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

阿里云没有开启ip forward
国内的几家云厂商早就想到这点了,从一开始就给你屏蔽了。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

嗯嗯,腾讯云应该也一样,这个可以怎么解决吗?

无解吧。
这套代码依赖的关键点就是IP Forward,如果国产云无法“真实”的开启IP Forward.....你无论怎么折腾也没有用啊。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

我是mac电脑,用mac搞个docker镜像来跑这个程序,行得通吗

mac上没必要套在docker里跑iptable啊.....直接用pf加ip forwarding
不过mac本体在墙内的话....也没意义....

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

嗯嗯,是的,我并不是想实现VPN功能,而是想利用networkextension拦截数据包实现iOS的弱网模拟而已,这个您有什么好的建议吗

https://stackoverflow.com/questions/12528986/using-the-network-link-conditioner-on-ios-devices

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

谢谢,这个我清楚,目前是想做成这种的工具https://apps.apple.com/cn/app/id1541108317可以提供非开发人员使用,您觉得我可以把数据转发在ios本机上实现吗

我初略推断,企鹅这个app是必须要连接服务器才能用的是吧?
如果是的,这app的原理跟此github的代码是一样的。iOS一旦开启ip layer的network-extension,就等于是用pf把ios全局流量转到新创建的utun上了,此后这些流量不送到外部服务器去做ip forwarding,就全废了。
省事的话,你本地找一个linux机器就搞定了啊。一定要docker应该也可以,google docker ip forward就有很多说法。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

他的服务器是192开头的,我理解是否是通过NE在隧道拦截流量然后通过socket转发到目的服务器,您觉得可以吗

192是内网地址,意思是使用他这款app需要自己配置一个局域网内的server?
其实原理很简单,

  1. iOS创建一个新的utun
  2. iOS把网络流量nat到utun
  3. iOS network-extension读取utun获得所有流量
  4. 将所有流量通过socket送到服务器
  5. 服务器做IP Forwarding
    ........

所谓模拟弱网,无外乎就是在第3和第4步骤之间人为的丢弃一些数据包。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

您好,再请教一个问题,如果程序是跑在虚拟机上的话是不是会被占有tun通道呢

读了几遍没太懂你具体的意思,我假设一下你的情况说说我的见解。
你有一台iPhone,和一台Mac。
iPhone上跑network-extension的代码,Mac上通过虚拟机装linux,跑服务器的代码。
以上,如果每个环节都确保正确运行,那就完全满足你的要求了。
唯一担心的只有虚拟机配置linux的ip forwarding可能要去google下文档。

关于tun相关,也不复杂。此github的代码原理就是分别在iPhone和linux上各建一个tun,然后对称的操作。具体可以参考
https://backreference.org/2010/03/26/tuntap-interface-tutorial/

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

您好,想再咨询一个问题,如果想做成可以支持多个客户端连接的,服务端代码修改有什么好的思路吗

服务器端创建tun的地方改成一次性创建n个tun就行了,为每一个客户端分配一个tun。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

你好,创建多个tun和分配tun是通过多线程去处理对吗

创建tun不用多线程,一个函数就能创建n个tun。
处理多client也不用多线程,一般fork或者select。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

你好,想再问下,udp_fd这个描述符可以复用吗?还是也要一次性新建n个?

UDP不用创建多个socket fd。server端创建一个UDP socket并且监听,就能收到任何发送到该server的udp数据。

from simple-vpn-demo.

YuejunChen avatar YuejunChen commented on May 29, 2024

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

如何给每个客户端分配tun这个有什么好的建议嘛?

https://android.googlesource.com/kernel/msm/+/android-msm-bullhead-3.10-marshmallow-dr/Documentation/networking/tuntap.txt

from simple-vpn-demo.

yingyangios avatar yingyangios commented on May 29, 2024

如何给每个客户端分配tun这个有什么好的建议嘛?

https://android.googlesource.com/kernel/msm/+/android-msm-bullhead-3.10-marshmallow-dr/Documentation/networking/tuntap.txt

您好,我这边创建多个tun通道,但是发现只有第一个tun通道有数据可读,是因为iptable配置的问题吗

from simple-vpn-demo.

FanLemon avatar FanLemon commented on May 29, 2024

如何给每个客户端分配tun这个有什么好的建议嘛?

https://android.googlesource.com/kernel/msm/+/android-msm-bullhead-3.10-marshmallow-dr/Documentation/networking/tuntap.txt

您好,我这边创建多个tun通道,但是发现只有第一个tun通道有数据可读,是因为iptable配置的问题吗

每个tun需要配置不同的ip地址,iptable确实也要检查看看是否规则适合你设定的ip地址。

from simple-vpn-demo.

Related Issues (13)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.