kuoruan / luci-app-v2ray Goto Github PK

View Code? Open in Web Editor NEW

1.2K 31.0 285.0 1.13 MB

LuCI support for V2Ray

Makefile 0.78% Lua 1.36% Shell 37.37% Perl 4.45% JavaScript 2.53% TypeScript 53.52%

v2ray luci

luci-app-v2ray's Introduction

luci-app-v2ray

Luci support for V2Ray

This branch is new LuCI for OpenWrt 19.07 and later.

For legacy version: Branch legacy

Install

Install via OPKG (recommend)

Add new opkg key:

wget -O kuoruan-public.key http://openwrt.kuoruan.net/packages/public.key
opkg-key add kuoruan-public.key

Add opkg repository from kuoruan:

echo "src/gz kuoruan_universal http://openwrt.kuoruan.net/packages/releases/all" \
  >> /etc/opkg/customfeeds.conf
opkg update

Install package:

opkg install luci-app-v2ray
opkg install luci-i18n-v2ray-zh-cn

We also support HTTPS protocol.

Upgrade package:

opkg update
opkg upgrade luci-app-v2ray
opkg upgrade luci-i18n-v2ray-zh-cn

Manual install

Download ipk files from release page
Upload files to your router
Install package with opkg:

opkg install luci-app-v2ray_*.ipk

Dependencies:

jshn
ip (ip-tiny or ip-full)
ipset
iptables
iptables-mod-tproxy
resolveip
dnsmasq-full (dnsmasq ipset is required)

For translations, please install luci-i18n-v2ray-*.

You may need to remove dnsmasq before installing this package.

Configure

Download V2Ray file from V2Ray release link or V2Ray ipk release link.
Upload V2Ray file to your router, or install the ipk file.
Config V2Ray file path in LuCI page.
Add your inbound and outbound rules.
Enable the service via LuCI.

Build

Package files is in branch luci2

Download with Git:

git clone -b luci2 https://github.com/kuoruan/luci-app-v2ray.git luci-app-v2ray

luci-app-v2ray's People

Contributors

Stargazers

Watchers

Forkers

q158073378252010 miroda zxlhhyccc ilikecola visnyin hozunomiya letssudormrf kamihao masssmith amibaworld rainbow10086 dotjh black-steel herts taskiller a80900 yukisummer dhksa netboylee ksong008 4server al00014 johnsonhit geriun cqcqwind strategist922 yuguorui newclear yang1245789 kkunn0 hrb451 pongpongcn abcdelf rizecao fr11dem0 liushichuan fannysilence han767 myoko aaaisan luwintao sdh1986 au1323 samuraiheart7 guanqiwei yesoce jn7163 snowind cjcjiang icephonix maerduo liuxiaochakan harris-logic ipconfig25 dwtguh weonbean betterluke maximus-zhao markxsq simonchanli wojiangxixing lucky168s antenna2008 elmerzhang hyeos ypwang314 wytfy u0225 janslon bingxuebage nanixu lxwithgod benyjuice wfsunwj mymail6 xcray zhiguangjian githubtyi crazysarah j3l11234 chenxinxing leepapa summitn gaohongliang jeffreychentaiwan icyice2009 cncqly dalenew aptx17 charlestea droiter i258559 lbs1990 linweijun henrycode wenfish ap0rpi7uq9 coolcollin cdlaimin bleuame

luci-app-v2ray's Issues

Use ss-rules from luci-app-shadowsocks to setup iptables rules

https://github.com/shadowsocks/luci-app-shadowsocks/wiki/Instruction-of-ss-rules
ss-rules is much more configurable and flexible

请大家帮一下忙，发一个可以用的v2ray路由配置

我的服务器是用websocket+tls组建的v2ray，在padavan路由上能用的v2ray配置，ip做了相应的更改，在luci上，无论如何就是无法使用。实在没办法了，求助好心大神！

开启transparent proxy并且填入extra proxy list后，无法解析dns

开启transparent proxy并且填入extra proxy list后，无法解析dns。
在extra proxy list填入blogspot.com后，无法解析dns，无法上网，log如下，已经把域名替换为xxxxx.xxx

[Warning] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxxxx.xxx/ray): > dial tcp: lookup xxxxx.xxx on 127.0.0.1:53: read udp 127.0.0.1:42711->127.0.0.1:53: read: connection refused v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxxxx.xxx/ray): > dial tcp: lookup xxxxx.xxx on 127.0.0.1:53: read udp 127.0.0.1:49203->127.0.0.1:53: read: connection refused v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxxxx.xxx/ray): > dial tcp: lookup xxxxx.xxx on 127.0.0.1:53: read udp 127.0.0.1:58375->127.0.0.1:53: read: connection refused v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxxxx.xxx/ray): > dial tcp: lookup xxxxx.xxx on 127.0.0.1:53: read udp 127.0.0.1:51333->127.0.0.1:53: read: connection refused v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://xxxxx.xxx/ray): > dial tcp: lookup xxxxx.xxx on 127.0.0.1:53: read udp 127.0.0.1:46210->127.0.0.1:53: read: connection refused] > v2ray.com/core/common/retry: all retry attempts failed

有关透明代理路由器自身网络

透明代理路由器自身网络，在v2ray官网的白话文教程里面有。那个说的虽然不专门针对路由器，但是原理是一样的。网址：https://guide.v2fly.org/app/transparent_proxy.html
我自己也是根据这篇教程，做了一个树莓派的透明代理网关。并移植集成了V2ray.Fun的web控制界面。项目地址：
https://github.com/MassSmith/smgate

关键点在于在v2ray的config.json的每个出口中配置
"sockopt": {
"mark": 255
}
这是config.json的模板：https://raw.githubusercontent.com/MassSmith/smgate/master/config/tcp-config/%E6%A0%91%E8%8E%93%E6%B4%BE%E7%BD%91%E5%85%B3v2ray%E7%9A%84config.json%E6%A8%A1%E6%9D%BF/tcp-config.json

并且用iptable设置，命令如下：
iptables -t nat -A V2RAY -p tcp -j RETURN -m mark --mark 0xff

我用的全部命令是：https://raw.githubusercontent.com/MassSmith/smgate/master/v2rayiptable.sh

路由器的设置应该相似。

DNS hosts not working for Transparent proxy?

Transparent proxy - Enabled
Transparent proxy - UDP traffic

DNS section:

Hosts: abcdetest.com|52.206.55.67

test in LAN client

abcdetest.com’s server IP address could not be found.

GFWList Proxy doesn't work in Transparent Proxy tab

Switching proxy mode to GFWList Proxy in transparent proxy doesn't work. meanwhile, updating CHRRoute and GFWList always failed.

更新openwrt luci后应用设置界面错误

运行环境：Raspi3 B+
LuCI openwrt-19.07 branch (git-19.317.29528-bd1e6d6) / OpenWrt 19.07-SNAPSHOT r10194+491-c53f62b111
更新到最新版的luci源码后，无法调用设置界面。
错误提示：

Failed to execute cbi dispatcher target for entry '/admin/services/v2ray/global'.
The called action terminated with an exception:
/usr/lib/lua/luci/dispatcher.lua:938: module 'luci.cbi' not found:
	no field package.preload['luci.cbi']
	no file './luci/cbi.lua'
	no file '/usr/share/lua/luci/cbi.lua'
	no file '/usr/share/lua/luci/cbi/init.lua'
	no file '/usr/lib/lua/luci/cbi.lua'
	no file '/usr/lib/lua/luci/cbi/init.lua'
	no file './luci/cbi.so'
	no file '/usr/lib/lua/luci/cbi.so'
	no file '/usr/lib/lua/loadall.so'
	no file './luci.so'
	no file '/usr/lib/lua/luci.so'
	no file '/usr/lib/lua/loadall.so'
stack traceback:
	[C]: in function 'require'
	/usr/lib/lua/luci/dispatcher.lua:938: in function </usr/lib/lua/luci/dispatcher.lua:937>

outbound排序导致数据丢失

移动自己添加的出站连接后保存并应用会导致luci报错，并且自己添加的这个出站连接配置丢失，然后移到原来顺序上数据再次保存并应用又会回来。
luci报错：

/usr/lib/lua/luci/dispatcher.lua:509: Failed to execute arcombine dispatcher target for entry '/admin/services/v2ray/outbounds'.
The called action terminated with an exception:
invalid key to 'next'
stack traceback:
[C]: in function 'assert'
/usr/lib/lua/luci/dispatcher.lua:509: in function 'dispatch'
/usr/lib/lua/luci/dispatcher.lua:127: in function </usr/lib/lua/luci/dispatcher.lua:126>

已经装好了，请问怎样才能翻出去啊？

3个IPK文件都已经装好了，服务也显示正在运行，现在就是翻不出去。

请问在界面中要勾选那些才能翻出去呢？

是勾选出站连接的哪个，还是启用路由里的哪个？才能以大陆白名单翻出去呢？

请帮帮小白！

Transparent proxy iptable

clean install of everything, Transparent proxy enabled

problem

router can access through v2ray, LAN client can not

why

root@OpenWrt:~# iptables -t nat -L -v -n --line-numbers
Chain PREROUTING (policy ACCEPT 259 packets, 66554 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      277 68149 prerouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom prerouting rule chain */
2      236 59757 zone_lan_prerouting  all  --  br-lan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
3       41  8392 zone_wan_prerouting  all  --  eth0.2 *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */

Chain INPUT (policy ACCEPT 14 packets, 781 bytes)
num   pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 65 packets, 4738 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 V2RAY      tcp  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain POSTROUTING (policy ACCEPT 18 packets, 1512 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      172 18121 postrouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom postrouting rule chain */
2        2   376 zone_lan_postrouting  all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0            /* !fw3 */
3      151 16405 zone_wan_postrouting  all  --  *      eth0.2  0.0.0.0/0            0.0.0.0/0            /* !fw3 */

Chain V2RAY (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 RETURN     all  --  *      *       0.0.0.0/0            XXX.XXX.XXX.XXX
2        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/8
3        0     0 RETURN     all  --  *      *       0.0.0.0/0            10.0.0.0/8
4        0     0 RETURN     all  --  *      *       0.0.0.0/0            127.0.0.0/8
5        0     0 RETURN     all  --  *      *       0.0.0.0/0            169.254.0.0/16
6        0     0 RETURN     all  --  *      *       0.0.0.0/0            172.16.0.0/12
7        0     0 RETURN     all  --  *      *       0.0.0.0/0            192.168.0.0/16
8        0     0 RETURN     all  --  *      *       0.0.0.0/0            224.0.0.0/4
9        0     0 RETURN     all  --  *      *       0.0.0.0/0            240.0.0.0/4
10       0     0 REDIRECT   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            redir ports 12345

Chain postrouting_lan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain postrouting_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain postrouting_wan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_lan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_wan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain zone_lan_postrouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        2   376 postrouting_lan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom lan postrouting rule chain */

Chain zone_lan_prerouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1      236 59757 prerouting_lan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom lan prerouting rule chain */

Chain zone_wan_postrouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1      151 16405 postrouting_wan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom wan postrouting rule chain */
2      151 16405 MASQUERADE  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */

Chain zone_wan_prerouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1       41  8392 prerouting_wan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom wan prerouting rule chain */

fix by running this to put this line in the first of PREROUTING

iptables -t nat -I PREROUTING 1 -p tcp -j V2RAY

请教下透明代理的问题

我在恩山论坛发现你（估计是）发的贴子如下：

支持透明代理，但不支持透明代理路由器自身的网络，原因是如果开启路由器自身网络透明代理，再开启国内网址直连的话，会形成回环。如果有朋友有能力解决的话，可以提交 PR

能否解释下“不支持透明代理路由器自身的网络”到底是啥意思，有什么影响。谢谢。

能否给一个json配置样板

已经装好了，还不太会使用，作者能否给点json样板以供参考？

display problem for "/" in "Stream settings"

when write path in Stream settings

"path": "/ws/"

save, it shows

"path": "\/ws\/"

vmess如何配置

界面保存之后，配置文件 /var/etc/v2ray/v2ray.main.json 内容如下
启动之后，访问不出去啊，请问还需要配什么吗

{
	"log": {
		"loglevel": "warning",
		"access": "\/var\/log\/v2ray-access.log",
		"error": "\/var\/log\/v2ray-error.log"
	},
	"routing": {
		"domainStrategy": "IPOnDemand",
		"rules": [
			{
				"type": "field",
				"ip": [
					"geoip:private",
					"geoip:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:cn"
				],
				"outboundTag": "direct"
			}
		]
	},
	"policy": {
		"system": {
			"statsInboundUplink": false,
			"statsInboundDownlink": false
		}
	},
	"inbounds": [
		{
			"listen": "0.0.0.0",
			"port": 8080,
			"protocol": "socks",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			},
			"settings": {
				"udp": true,
				"ip": "127.0.0.1",
				"auth": "noauth"
			}
		},
		{
			"listen": "0.0.0.0",
			"port": 1060,
			"protocol": "dokodemo-door",
			"tag": "transparent_proxy",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			},
			"settings": {
				"network": "tcp",
				"timeout": 30,
				"followRedirect": true
			}
		}
	],
	"outbounds": [
		{
			"sendThrough": "0.0.0.0",
			"protocol": "vmess",
			"mux": {
				"enabled": false,
				"concurrency": 8
			},
			"settings": {
				"vnext": [
					{
						"port": 443,
						"users": [
							{
								"id": "MY-ID-STRING",
								"level": 1,
								"alterId": 64
							}
						],
						"address": "myv2ray.domain.name"
					}
				]
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "freedom",
			"tag": "direct",
			"mux": {
				"enabled": false,
				"concurrency": 8
			}
		}
	]
}

不是很明白要怎么用这个界面，以及设置outbound时遇到的问题

我使用websocks连接，每当我在outbound标签下输入
"path": "/PATH"
就会自动变成
"path": "\/PATH"

另外期待能给出一个模板，luci界面有点令人摸不着头脑。

Problem with latest luci-app-v2ray 1.4

Hello!

I have a problem running latest luci-app-v2ray. When I configure it same way as 1.3 everything stops working.
I have perfectly working similar router setup with latest 1.3 - no issues at all.

I'm running Edgerouter-X. I tried 18.06.5 and now on master - same behavior. DNS not working at all.

{
	"log": {
		"loglevel": "debug",
		"access": "/var/log/v2ray-access.log",
		"error": "/var/log/v2ray-error.log"
	},
	"dns": {
		"hosts": {
			"example.com": "127.0.0.1"
		},
		"servers": [
			"8.8.8.8",
			{
				"address": "208.67.222.222",
				"port": 5353
			},
			{
				"address": "114.114.114.114",
				"port": 53,
				"domains": [
					"geosite:cn"
				]
			}
		]
	},
	"routing": {
		"domainStrategy": "IPOnDemand",
		"rules": [
			{
				"type": "field",
				"ip": [
					"geoip:private",
					"geoip:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:cn"
				],
				"outboundTag": "direct"
			}
		]
	},
	"inbounds": [
		{
			"listen": "192.168.1.1",
			"port": 1080,
			"protocol": "socks",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			},
			"settings": {
				"udp": true,
				"auth": "noauth",
				"ip": "127.0.0.1"
			}
		},
		{
			"listen": "192.168.1.1",
			"port": 1081,
			"protocol": "dokodemo-door",
			"tag": "dokodemo_door",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			},
			"settings": {
				"followRedirect": true,
				"network": "tcp,udp"
			}
		}
	],
	"outbounds": [
		{
			"sendThrough": "0.0.0.0",
			"protocol": "vmess",
			"mux": {
				"enabled": true,
				"concurrency": 4
			},
			"settings": {
				"vnext": [
					{
						"address": "v2ray.hostname.tld",
						"port": 443,
						"users": [
							{
								"id": "uuid",
								"alterId": 64,
								"email": "[email protected]",
								"security": "auto"
							}
						]
					}
				],
				"servers": null,
				"response": null
			},
			"streamSettings": {
				"network": "ws",
				"security": "tls",
				"tlsSettings": {
					"allowInsecure": false,
					"serverName": "v2ray.hostname.tld"
				},
				"tcpSettings": null,
				"kcpSettings": null,
				"wsSettings": {
					"connectionReuse": true,
					"path": "/ray",
					"headers": {
						"Host": "v2ray.hostname.tld"
					}
				},
				"httpSettings": null,
				"quicSettings": null,
				"sockopt": {
					"mark": 255
				}
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "freedom",
			"tag": "direct",
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "blackhole",
			"tag": "block",
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "dns",
			"tag": "dns_out",
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			}
		}
	]
}

This is my config from 1.4
For me it looks like a problem with iptables. Could you help me to fix it?

期待大师能给出各个配置界面的截图，方便小白们照猫画虎。

vps、pc和手机上都设置好了，能顺利使用，但是搞不定这个路由器设置啊！vps、pc、手机上的配置文件也就一两个，各种设置参数都在这一两个文件里。现在这个luci有这么多的配置框，都不知哪个参数要填在哪个框里？

WebSocket+TLS+Web 无法正常走代理

更新到最新的1.30版后，无法正常代理上网，只能正常访问国内，
换回1.2.3版后则能正常代理，
我使用的是WebSocket+TLS+Web方式，
以下是部分调试日志：
2019/10/15 16:30:27 [Info] [886902391] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [961627686] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > v2ray.com/core/proxy/vmess/outbound: failed to read header > v2ray.com/core/proxy/vmess/encoding: unexpected response header. Expecting 62 but actually 80
2019/10/15 16:30:27 [Info] [961627686] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe
2019/10/15 16:30:27 [Debug] [113739468] v2ray.com/core/proxy/dokodemo: processing connection from: 192.168.1.240:11643
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/app/dispatcher: sniffed domain: clients1.google.com
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/app/dispatcher: taking detour [v2ray] for [tcp:clients1.google.com:443]
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [886902391] v2ray.com/core/proxy/vmess/outbound: tunneling request to tcp:play.google.com:443 via tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [1247215546] v2ray.com/core/proxy/vmess/outbound: tunneling request to tcp:play.google.com:443 via tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/proxy/vmess/outbound: tunneling request to tcp:clients1.google.com:443 via tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [1247215546] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > v2ray.com/core/proxy/vmess/outbound: failed to read header > v2ray.com/core/proxy/vmess/encoding: unexpected response header. Expecting 20 but actually 108
2019/10/15 16:30:27 [Info] [886902391] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > v2ray.com/core/proxy/vmess/outbound: failed to read header > v2ray.com/core/proxy/vmess/encoding: unexpected response header. Expecting 78 but actually 44
2019/10/15 16:30:27 [Info] [886902391] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe
2019/10/15 16:30:27 [Info] [1247215546] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > v2ray.com/core/proxy/vmess/outbound: failed to read header > v2ray.com/core/proxy/vmess/encoding: unexpected response header. Expecting 189 but actually 217
2019/10/15 16:30:27 [Info] [113739468] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe
2019/10/15 16:30:27 [Debug] [2292789070] v2ray.com/core/proxy/dokodemo: processing connection from: 192.168.1.240:11644
2019/10/15 16:30:27 [Info] [2292789070] v2ray.com/core/app/dispatcher: sniffed domain: clients1.google.com
2019/10/15 16:30:27 [Info] [2292789070] v2ray.com/core/app/dispatcher: taking detour [v2ray] for [tcp:clients1.google.com:443]
2019/10/15 16:30:27 [Info] [2292789070] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:mydomain..:443
2019/10/15 16:30:27 [Info] [2292789070] v2ray.com/core/proxy/vmess/outbound: tunneling request to tcp:clients1.google.com:443 via tcp:mydomain..:443
2019/10/15 16:30:27 [Debug] [2162470646] v2ray.com/core/proxy/dokodemo: processing connection from: 192.168.1.240:11645
2019/10/15 16:30:27 [Info] [2162470646] v2ray.com/core/app/dispatcher: sniffed domain: play.google.com
2019/10/15 16:30:27 [Info] [2162470646] v2ray.com/core/app/dispatcher: taking detour [v2ray] for [tcp:play.google.com:443]
2019/10/15 16:30:27 [Info] [2162470646] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:mydomain..:443
2019/10/15 16:30:28 [Info] [2292789070] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: connection ends > v2ray.com/core/proxy/vmess/outbound: failed to read header > v2ray.com/core/proxy/vmess/encoding: unexpected response header. Expecting 54 but actually 247
2019/10/15 16:30:28 [Info] [2292789070] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe

大大，这个支持tproxy吗？

可否写个简单的说明

比如routing部分是否支持文件，各个参数需要怎样的输入格式等等
谢谢

公网访问局域网的服务器出错

公网访问群晖做的端口转发。

在重新启动路由器之后，通过公网IP访问内部网络服务器会出现无法连接的情况。

PS C:\Windows\system32> curl https://113.206.171.12:5001/
curl : 基础连接已经关闭: 发送时发生错误。
所在位置 行:1 字符: 1
+ curl https://113.206.171.12:5001/
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-WebRequest]，WebExce
    ption
    + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeWebRequestCommand

点击“重载服务”按钮后正常，关闭v2正常，关闭后再打开也恢复正常。

下面是日志，虽然只是info级别的……

2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/app/dispatcher: taking detour [direct] for [tcp:113.206.171.12:5001]
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/app/dispatcher: taking detour [direct] for [tcp:113.206.171.12:5001]
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/proxy/freedom: opening connection to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/proxy/freedom: opening connection to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [2949025408] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:56 [Info] [3787175534] v2ray.com/core/transport/internet/tcp: dialing TCP to tcp:113.206.171.12:5001
2019/11/04 10:54:57 [Info] [3787175534] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/freedom: failed to open connection to tcp:113.206.171.12:5001 > v2ray.com/core/common/retry: [dial tcp 113.206.171.12:5001: connect: connection refused] > v2ray.com/core/common/retry: all retry attempts failed
2019/11/04 10:54:57 [Info] [3787175534] v2ray.com/core/app/proxyman/inbound: connection ends > v2ray.com/core/proxy/dokodemo: connection ends > v2ray.com/core/proxy/dokodemo: failed to transport response > io: read/write on closed pipe

配置如下：(vmess的具体配置已经删除)

{
	"log": {
		"loglevel": "info",
		"access": "\/var\/log\/v2ray-access.log",
		"error": "\/var\/log\/v2ray-error.log"
	},
	"dns": {
		"hosts": {
			"example.com": "127.0.0.1"
		},
		"servers": [
			"8.8.8.8",
			{
				"address": "208.67.222.222",
				"port": 5353
			},
			{
				"address": "114.114.114.114",
				"port": 53,
				"domains": [
					"geosite:cn"
				]
			}
		]
	},
	"routing": {
		"domainStrategy": "IPOnDemand",
		"rules": [
			{
				"type": "field",
				"domain": [
					"drives.amd.com"
				],
				"outboundTag": "proxy"
			},
			{
				"type": "field",
				"ip": [
					"geoip:private",
					"geoip:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:cn"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:speedtest"
				],
				"outboundTag": "direct"
			},
			{
				"type": "field",
				"domain": [
					"geosite:category-ads-all"
				],
				"outboundTag": "block"
			},
			{
				"type": "field",
				"port": "53",
				"network": "udp",
				"inboundTag": [
					"transparent_proxy"
				],
				"outboundTag": "dns_out"
			}
		],
		"balancers": [
			{
				"tag": "proxy",
				"selector": [
					"sakura",
					"bwg"
				]
			}
		]
	},
	"inbounds": [
		{
			"listen": "0.0.0.0",
			"port": 1081,
			"protocol": "dokodemo-door",
			"tag": "transparent_proxy",
			"sniffing": {
				"enabled": true,
				"destOverride": [
					"http",
					"tls"
				]
			},
			"settings": {
				"network": "tcp",
				"timeout": 300,
				"followRedirect": true
			}
		}
	],
	"outbounds": [
		{
			"sendThrough": "0.0.0.0",
			"protocol": "vmess",
			"tag": "aaa",
			"mux": {
				"enabled": true,
				"concurrency": 8
			},
			"settings": {
				"vnext": [
				]
			},
			"streamSettings": {
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "vmess",
			"tag": "bbb",
			"mux": {
				"enabled": true,
				"concurrency": 8
			},
			"settings": {
				"vnext": [
				]
			},
			"streamSettings": {
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "freedom",
			"tag": "direct",
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			}
		},
		{
			"sendThrough": "0.0.0.0",
			"protocol": "blackhole",
			"tag": "block",
			"streamSettings": {
				"sockopt": {
					"mark": 255
				}
			}
		}
	]
}

插件自带的v2ray更新的时候没有更新域名文件。

geoip.dat 和 geosite.dat没有更新。。

导致如果配置文件里面有用新的域名key .会报错不能启动~

很难受。我真的是不知道怎么填。。。我照着原本的文本改也无法连接

安装之后openwrt里面可以看见v2ray，但是V2Ray 文件 /usr/bin/v2ray 无法获取 V2Ray 版本信息

v2ray文件路径

若是安装ipk版本v2ray 则文件路径为
/usr/bin/v2ray/v2ray

小白装好了，谢谢作者

我是小白，刚装好，配置问题，我还要研究下，谢谢作者，非常牛

How does proxy_list_dns and direct_list_dns work in transparent_proxy?

While I do DNS queries, it still follows the rule of dns out.

2019/11/24 01:24:06 [Info] v2ray.com/core/app/dns: querying domain test1.xxx.jd.com at udp:223.5.5.5:53
2019/11/24 01:24:06 [Debug] v2ray.com/core/app/dns: querying DNS for: test1.xxx.jd.com.
2019/11/24 01:24:06 [Debug] v2ray.com/core/app/dns: updating IP records for domain:test1.xxx.jd.com.
2019/11/24 01:24:06 [Info] v2ray.com/core/app/dns: querying domain test1.xxx.jd.com at udp:223.5.5.5:53
2019/11/24 01:24:06 [Debug] v2ray.com/core/app/dns: querying DNS for: test1.xxx.jd.com.
2019/11/24 01:24:07 [Debug] v2ray.com/core/app/dns: updating IP records for domain:test1.xxx.jd.com.
2019/11/24 01:24:19 [Debug] v2ray.com/core/app/dns: querying DNS for: test1.xxx.google.com.
2019/11/24 01:24:19 [Debug] v2ray.com/core/app/dns: updating IP records for domain:test1.xxx.google.com.
2019/11/24 01:24:19 [Info] v2ray.com/core/app/dns: failed to lookup ip for domain test1.xxx.google.com at server udp:8.8.8.8:53 > rcode: 3
2019/11/24 01:24:19 [Debug] v2ray.com/core/app/dns: querying DNS for: test1.xxx.google.com.
2019/11/24 01:24:19 [Debug] v2ray.com/core/app/dns: updating IP records for domain:test1.xxx.google.com.
2019/11/24 01:24:19 [Info] v2ray.com/core/app/dns: failed to lookup ip for domain test1.xxx.google.com at server udp:8.8.8.8:53 > rcode: 3

config transparent_proxy 'main_transparent_proxy'
	option apnic_delegated_mirror 'apnic'
	option gfwlist_mirror 'github'
	option redirect_port '1081'
	option dns_proxy_enabled '1'
	option proxy_mode 'gfwlist_proxy'
	option proxy_list_dns '1.1.1.1#53'
	option direct_list_dns '114.114.114.114#53'

日志中出现 possible DNS-rebind attack

daemon.warn dnsmasq[13457]: possible DNS-rebind attack detected: www.google.com

反复出现

modify Settings may not trigger a restart of service

V2Ray - Edit Outbound

modify Settings

save & apply

it prompt:

There are no changes to apply.

not sure v2ray is restarted or not.

是否支持订阅

我收到的配置是一个订阅地址，列表也是vmess协议格式的，不知道怎么用在这个上面。

v2ray作为内网网关时，公网访问局域网的服务器出错

网络结构
公网<->NAT路由器<->v2ray内网网关<->内部服务器
类似问题 #37
不同点：v2ray没有公网ip
以下是iptables NAT

$ iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
V2RAY      tcp  --  anywhere             anywhere

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
V2RAY      tcp  --  anywhere             anywhere

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination

Chain V2RAY (2 references)
target     prot opt source               destination
RETURN     tcp  --  anywhere             anywhere             mark match 0xff
RETURN     tcp  --  anywhere             x.x.x.x.16clouds.com
RETURN     tcp  --  anywhere             0.0.0.0/8
RETURN     tcp  --  anywhere             10.0.0.0/8
RETURN     tcp  --  anywhere             100.64.0.0/10
RETURN     tcp  --  anywhere             127.0.0.0/8
RETURN     tcp  --  anywhere             169.254.0.0/16
RETURN     tcp  --  anywhere             172.16.0.0/12
RETURN     tcp  --  anywhere             192.0.0.0/24
RETURN     tcp  --  anywhere             192.0.2.0/24
RETURN     tcp  --  anywhere             192.88.99.0/24
RETURN     tcp  --  anywhere             192.168.0.0/16
RETURN     tcp  --  anywhere             198.18.0.0/15
RETURN     tcp  --  anywhere             198.51.100.0/24
RETURN     tcp  --  anywhere             203.0.113.0/24
RETURN     tcp  --  anywhere             base-address.mcast.net/4
RETURN     tcp  --  anywhere             240.0.0.0/4
RETURN     tcp  --  anywhere             255.255.255.255
REDIRECT   tcp  --  anywhere             anywhere             redir ports 1081

iptable output rule missing

v1.1.1-1 with transparent proxy

not working

root@OpenWrt:/tmp# iptables -t nat -L -v -n --line-numbers
Chain PREROUTING (policy ACCEPT 9 packets, 4892 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      961  347K prerouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom prerouting rule chain */
2      902  336K zone_lan_prerouting  all  --  br-lan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
3       59 10637 zone_wan_prerouting  all  --  eth0.2 *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
4        7   364 V2RAY      tcp  --  *      *       0.0.0.0/0            0.0.0.0/0

Chain INPUT (policy ACCEPT 7 packets, 364 bytes)
num   pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 8 packets, 762 bytes)
num   pkts bytes target     prot opt in     out     source               destination

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      581 42793 postrouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom postrouting rule chain */
2        2   376 zone_lan_postrouting  all  --  *      br-lan  0.0.0.0/0            0.0.0.0/0            /* !fw3 */
3      569 41784 zone_wan_postrouting  all  --  *      eth0.2  0.0.0.0/0            0.0.0.0/0            /* !fw3 */

Chain V2RAY (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        0     0 RETURN     all  --  *      *       0.0.0.0/0            xx.xx.xx.xx
2        0     0 RETURN     all  --  *      *       0.0.0.0/0            0.0.0.0/8
3        0     0 RETURN     all  --  *      *       0.0.0.0/0            10.0.0.0/8
4        0     0 RETURN     all  --  *      *       0.0.0.0/0            127.0.0.0/8
5        0     0 RETURN     all  --  *      *       0.0.0.0/0            169.254.0.0/16
6        0     0 RETURN     all  --  *      *       0.0.0.0/0            172.16.0.0/12
7        2   104 RETURN     all  --  *      *       0.0.0.0/0            192.168.0.0/16
8        0     0 RETURN     all  --  *      *       0.0.0.0/0            224.0.0.0/4
9        0     0 RETURN     all  --  *      *       0.0.0.0/0            240.0.0.0/4
10       5   260 REDIRECT   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            redir ports 1081

Chain postrouting_lan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain postrouting_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain postrouting_wan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_lan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain prerouting_wan_rule (1 references)
num   pkts bytes target     prot opt in     out     source               destination

Chain zone_lan_postrouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1        2   376 postrouting_lan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom lan postrouting rule chain */

Chain zone_lan_prerouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1      902  336K prerouting_lan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom lan prerouting rule chain */

Chain zone_wan_postrouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1      569 41784 postrouting_wan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom wan postrouting rule chain */
2      569 41784 MASQUERADE  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */

Chain zone_wan_prerouting (1 references)
num   pkts bytes target     prot opt in     out     source               destination
1       59 10637 prerouting_wan_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom wan prerouting rule chain */

fixed by running

iptables -t nat -A OUTPUT -p tcp -j V2RAY

openwrt master 最新版的kernel不符合依赖

root@OpenWrt:~# opkg install luci-app-v2ray_1.4.1-2_all.ipk 
Installing luci-app-v2ray (1.4.1-2) to root...
Collected errors:
 * satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-app-v2ray:
 * 	kernel (= 4.19.84-1-aacfa5dd5dd2b7542fae5a410acf5865)
 * opkg_install_cmd: Cannot install package luci-app-v2ray.

root@OpenWrt:~# uname -a
Linux OpenWrt 4.19.82 #0 SMP Sun Nov 17 17:13:28 2019 x86_64 GNU/Linux

ipv6的问题

前天编译的版本用 6 还是不行，看到更新不知道行不行，马上再试试看看

透明代理页面，htm列表无法显示

固件版本 18.06.5，还需要安装什么才能正常显示？

depends error

root@OpenWrt:/tmp# uname -r
4.9.184
root@OpenWrt:/tmp# opkg install luci-app-v2ray.ipk
Installing luci-app-v2ray (1.1.0-1) to root...
Collected errors:
 * satisfy_dependencies_for: Cannot satisfy the following dependencies for luci-app-v2ray:
 *      kernel (= 4.9.184-1-2dda2a2d0ee2eba71176fe2e0f6d5dff)
 * opkg_install_cmd: Cannot install package luci-app-v2ray.

fix by using

root@OpenWrt:/tmp# opkg install luci-app-v2ray.ipk --force-depends

使用刚发布的最新版后出现国内网无法访问，路由器管理页面间歇性卡死

以下为部分错误日志
疑为Transparent proxy router's own network导致
2019/10/15 08:22:06 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:06 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:07 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:07 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:08 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:08 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:09 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:09 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:10 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:10 [Warning] v2ray.com/core/transport/internet/tcp: failed to accepted raw connections > accept tcp [::]:1081: accept4: too many open files 2019/10/15 08:22:11 [Warning] [2106317230] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [dial tcp 35.201.187.166:12595: socket: too many open files dial tcp 35.201.187.166:51279: socket: too many open files dial tcp 35.201.187.166:12595: socket: too many open files] > v2ray.com/core/common/retry: all retry attempts failed

iptables的转发读取额外的配置文件

目前使用环境：软路由作为透明代理，使用节点A作为代理。
个人在使用的时候有可能需要使用节点B，这个时候按照我的理解：
访问请求->电脑V2RAY->软路由->V2RAY->节点A->节点B->网站。

我在Openwrt中防火墙自定义规则中配置了：
iptables -t nat -N V2RAYDIRECT
iptables -t nat -A V2RAYDIRECT -d $(dig +short 节点B地址) -j RETURN
iptables -t nat -A PREROUTING -j V2RAYDIRECT

但是每次添加节点地址重启防火墙时会造成luci-app-v2ray配置的规则丢失，因此我想把这个加入到luci-app-v2ray中。手工修改服务启动文件的方法我也看到了，如果能有一个GUI中有额外配置或者读取配置的方法会更好一些。

Loadbalance无法生效

应在编辑路由规则中增加balancerTag项来让v2ray走lb

期待能出个使用说明

K大的luci-app-frp luci-app-v2ray，功能都很强大，自由度高，但对小白来说，有点不知道怎么使用。看那位大神能帮写个说明。谢谢

can not build on the master branch

Hope this project and its v2ray-core sister one have been fully ported and validated on both the latest official release (v18.06.4) and certainly the master branch. But obviously this is not the case so far:

./scripts/feeds install -a
WARNING: Makefile 'package/luci-app-v2ray/Makefile' has a dependency on 'luci-lib-jsonc', which does not exist
WARNING: Makefile 'package/luci-app-v2ray/Makefile' has a build dependency on 'luci-base/host', which does not exist
WARNING: Makefile 'package/luci-app-v2ray/Makefile' has a build dependency on 'csstidy/host', which does not exist
...
WARNING: Makefile 'package/v2ray-core/Makefile' has a build dependency on 'golang/host', which does not exist

请问，怎么批量导入ip规则和域名规则呢？

请问，怎么批量导入ip规则和域名规则呢？ip与ip、域名与域名间空格、我都试过了。在/etc/v2ray下也没有看见关于路由的json文件。

what is proper procedure/ in-negligible steps to update luci-app-v2ray to new version

what is proper procedure or in-negligible step to update luci-app-v2ray from a running old version seamlessly to new version？Because I met some update issues during direct update, it seems I need remove old version first and manually clean some dependencies and files, am I right?

入站连接中transparent_proxy无法自定义timeout

由于入站透明代理setting中timeout默认值为30，导致安卓设备gms服务长连接频繁断开重连，耗电严重，遂尝试取消自动透明代理手动写入配置{ "network": "tcp", "timeout": 999, "followRedirect": true }

结果却无法正常透明代理，求助。

外网端口转发重新拨号后导致防火墙规则乱序

问题描述：
先看正常时的防火墙规则，V2RAY链是插在nat表的PREROUTING链的最后：

Chain PREROUTING (policy ACCEPT 148 packets, 15985 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1    94723 7030K prerouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom prerouting rule chain */
2    48415 4437K zone_lan_prerouting  all  --  br-lan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
3    46308 2594K zone_wan_prerouting  all  --  pppoe-wan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
4        0     0 zone_wan_prerouting  all  --  eth1.2 *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
5      343 18023 V2RAY      tcp  --  *      *       0.0.0.0/0            0.0.0.0/0

zone_wan_prerouting链包含了系统设定的一些端口转发规则。因此当存在匹配的端口转发时，zone_wan_prerouting链能比V2RAY链优先DNAT掉，然后就是正常的直接通信。

但是当本机外网IP租期到重新拨号时，系统重新设定了防火墙规则，导致V2RAY链移动到PREROUTING链的顶端:

Chain PREROUTING (policy ACCEPT 148 packets, 15985 bytes)
num   pkts bytes target     prot opt in     out     source               destination
1      343 18023 V2RAY      tcp  --  *      *       0.0.0.0/0            0.0.0.0/0
2    94723 7030K prerouting_rule  all  --  *      *       0.0.0.0/0            0.0.0.0/0            /* !fw3: Custom prerouting rule chain */
3    48415 4437K zone_lan_prerouting  all  --  br-lan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
4    46308 2594K zone_wan_prerouting  all  --  pppoe-wan *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */
5        0     0 zone_wan_prerouting  all  --  eth1.2 *       0.0.0.0/0            0.0.0.0/0            /* !fw3 */

但V2RAY链没有设定本机外网IP网段直接返回规则：

Chain V2RAY (2 references)
num   pkts bytes target     prot opt in     out     source               destination
1    32245 1935K RETURN     tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            mark match 0xff
2        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            0.0.0.0/8
3        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            10.0.0.0/8
4        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            100.64.0.0/10
5        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            127.0.0.0/8
6        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            169.254.0.0/16
7        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            172.16.0.0/12
8        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            192.0.0.0/24
9        0     0 RETURN     tcp  --  *      *       0.0.0.0/0            192.0.2.0/24
10       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            192.88.99.0/24
11   45895 2752K RETURN     tcp  --  *      *       0.0.0.0/0            192.168.0.0/16
12       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            198.18.0.0/15
13       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            198.51.100.0/24
14       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            203.0.113.0/24
15       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            224.0.0.0/4
16       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            240.0.0.0/4
17       0     0 RETURN     tcp  --  *      *       0.0.0.0/0            255.255.255.255
18   42172 2211K REDIRECT   tcp  --  *      *       0.0.0.0/0            0.0.0.0/0            redir ports 1081

所以任何访问本机外网IP的tcp连接都被REDIRECT到本机1081端口的V2RAY。例如本机外网IP的3000端口转发到某内网IP的2000端口。当V2RAY路由到直接访问时，尝试访问本机外网IP的源端口3000时，由于请求已经不会过nat表了，所以不会找到对应的目标端口2000转发，直接访问了路由器的3000端口。而如果路由器该端口没开服务，那么V2RAY就返回客户端结束tcp连接了。

解决方法：
目前想到3个解决方法：

在V2RAY链最后一条REDIRECT规则前添加一条本机外网IP网段直接返回的规则。
在系统重新拨号后重新载入V2RAY的防火墙规则。
让系统插PREROUTING链时从前面开始插

列表更新失败

谢谢作者。刚用上，很好用。
两个小问题。
1，在透明代理配置页面上，试图更新gfwlist和chnroute，总是显示“列表更新失败”。
2，现在更新只能靠重新安装ipk吧？
有没有考虑建一个openwrt的软件源(feed)？当然，那有点麻烦。

启用透明代理，telegram登录不上？

启用透明代理，telegram登录不上？该怎么配置才能使用telegram呢？

无法正确添加路由规则

尝试将v2ray白话文教程中提供的gfw域名文件添加进v2ray-core的ipk中，并在luci路由页面下新建规则，规则创建完毕后无法正常向域名一栏中写入ext:h2y.dat:gfw，具体表现为点击保存时该栏会被直接清空并顺利保存，且预设规则中点击+号也无法新增文本框以填写规则。
使用的SDK：openwrt-sdk-x86-generic_gcc-7.4.0_musl.Linux-x86_64.tar.xz 发布于 Fri Jul 5 23:29:55 2019

请问怎么配置才能支持CDN

已经配置好了v2ray+ws+cdn，地址为wss://aaa.sample.com/ray。luci-app-v2ray中的socks_proxy已经可以正常使用，但是透明代理transparent_proxy会报错：
2019/10/26 01:03:48 [Warning] v2ray.com/core/app/proxyman/outbound: failed to process outbound traffic > v2ray.com/core/proxy/vmess/outbound: failed to find an available destination > v2ray.com/core/common/retry: [v2ray.com/core/transport/internet/websocket: failed to dial WebSocket > v2ray.com/core/transport/internet/websocket: failed to dial to (wss://aaa.sample.com/ray): > dial tcp: operation was canceled] > v2ray.com/core/common/retry: all retry attempts failed

因为socks_proxy可以正常使用，所以upstream_vmess应该是正确的。具体配置如果有需要再贴上来。
补充，如果不用ws+cdn是可以正常使用透明代理的。

怀疑是iptables的问题，之前是用的IP地址。现在加CDN必须使用域名，然后ping aaa.sample.com把得到的IP地址手动添加到V2RAY的NAT中。命令如下
iptables -t nat -A V2RAY -p tcp -d 104.27.130.111 -j RETURN
这个已经添加成功，但透明代理还是无法使用，不能访问pornhub^^

编辑路由规则不支持 balancerTag?

好像只有outboundTag没有balancerTag?
以至于无法给某个规则设置balancerTag出站。