Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
ss-libev + v2ray-plugin + tls

ss-libev 插件 v2ray-plugin 的安装使用

请确保已经正确安装好了 ss-libev

购买域名 / 或申请免费域名

配置 Cloudflare

  1. cloudflare -> DNS 添加一条 A 记录;name=域名,value=vpsIP, ttl=automatic, status=onlyDns(灰色) 配置完成后再设置成橙色代理模式
  2. cloudflare -> SSL = Full (strict) 总是开启 HTTPS ( 自签名证书选 Full )

本文用的是 acme 脚本申请的证书,证书是由 Let's EncryptLet's 公司颁发具有 ca 认证的证书,不是自签证书,所以我选择 Full (strict) 或者 Full 都行。又因为使用的是免费版套餐, cloudflare 的服务器在国外,我甚至选择 Flexible 也行;不管是 Flexible 、Full 还是 Full-strict 都是在 cloudflare 的小云朵设置成橙色时才有意义。

安装 golang

方式1: yum 安装 golang

方式2: 安装 golang 可执行文件的二进制文件

查看 Go 的最新版本 ,我当前最新为1.12.5 (建议使用最新版本)

  • 下载安装 (root 下安装)
cd ~ && curl -O https://dl.google.com/go/go1.12.5.linux-amd64.tar.gz
  • 解压
tar -C /usr/local -xzf go1.12.5.linux-amd64.tar.gz
  • 添加到环境变量
vim ~/.bash_profile
  • 添加以下两行内容到文末:
export GOPATH=$HOME/work
export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin
  • 使环境变量生效
source ~/.bash_profile
  • 检查版本
go version

安装 v2ray-plugin

  • 方式1
git clone https://github.com/shadowsocks/v2ray-plugin.git
cd v2ray-plugin
go mod download
go build
cp v2ray-plugin /usr/bin/v2ray-plugin
cd ..
  • 方式2 到 github release 页面直接下载对应 v2ray-plugin 执行文件,然后把该文件移动到 /usr/bin/ 目录下
cp v2ray-plugin /usr/bin/v2ray-plugin

申请 Let's Encrypt 颁发的具有 ca 认证的证书

  • 和官方文档一样使用 acme 脚本自动申请免费证书 (免费证书有效期一般是 3 个月,该脚本会每隔 60 天自动更新一次证书有效期)
  • 准备 cloudflare 的注册邮箱 (cloudflare 的信息仅用来验证服务器和域名所有者的真实性,注意这里证书并不是 cloudflare 颁发的证书,而是 Let's Encrypt 颁发)
  • 准备 cloudflare api key ( 点击头像,然后点击 My Profile ,在个人信息页面下拉到最后有个 API KEYs -> Global API KEY)
  • 申请证书 (申请证书之前确保你的域名已经解析到你的服务器地址 )
export CF_Email="cloudflare 邮箱"
export CF_Key="cloudflare api key"
curl https://get.acme.sh | sh
~/.acme.sh/acme.sh --issue --dns dns_cf -d 你的域名

执行完上面命令,acme 脚本就会自动帮你申请好了证书,证书存放的目录在 root/.acme.sh/你的域名/ 。里面包含了 fullchain.cer 和 .key 等文件。如果你有网站之类的,请把证书移动到具有更安全权限的目录下去使用。

v2ray-plugin 会自动识别并且引用 acme 申请的证书文件;当然你也可以用 ln 命令把证书链接放到指定的具体目录下。

ln -s ~/.acme.sh/xxxx.com /etc/ssl/xxxx.com

https ( websocket + tls )

  • ss 配置文件
{
    "server": "0.0.0.0",
    "nameserver": "8.8.8.8",
    "server_port": 443,
    "password": "你的密码",
    "method": "chacha20-ietf-poly1305",
    "timeout": 400
    "no_delay": true,
    "mode": "tcp_and_udp",
    "plugin": "v2ray-plugin",
    "plugin_opts": "server;tls;fast-open;host=xxxxxxxxx.com;cert=/证书目录/fullchain.cer;key=/证书目录/xxxxxxxxx.com.key;loglevel=none"
}
  • service 配置
[Unit]
Description=Shadowsocks Server
After=network.target
[Service]
ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.json
Restart=on-abort
[Install]
WantedBy=multi-user.target

上面的配置需要注意 5 点:

  1. v2ray-plugin 和 ss-server 文件的路径要正确
  2. 开放 443 端口
  3. host=你的域名(不含 https 或 http)
  4. cert=证书存放的位置/fullchain.cer
  5. ket=证书存放的位置/xxxxxx.com.key
  • 检查
systemctl daemon-reload
systemctl restart ss
systemctl status ss -l
  • 将 cloudflare 小云朵设置为灰色(onlyDns) ,然后在本地电脑上 ping 域名, 确认和服务器的 ip 地址是否一致
  • 在浏览器上用 https 访问域名,是否返回显示 Bad Request, 同时查看 https 是否安全(点击小锁头)

quic

quic 核心是 udp,而大部分运营商对 udp 的支持不友好, udp 丢包严重,有时候不使用 quic 更好。(目前 v2ray-core 的 quic 还没有升级到最新的 http3 标准, 也就是说还没有支持 http3 的插件可以用,你可以通过 caddy2 启用 http3,但是本地没有支持 http3 的代理客户端可用)

  • ss 配置文件 ,需要关闭 ss 的 udp,让 quic 模块去处理 udp
{
    "mode": "tcp_only"
}
  • plugin-opts 中删掉 tls,然后添加 mode=quic
{
    "plugin_opts": "server;mode=quic;host=xxxxxxxxx.com;cert=/证书目录/fullchain.cer;key=/证书目录/xxxxxxxxx.com.key;loglevel=none"
}

由于 v2ray-plugin 中的 quic 默认强制启用了 tls,所以你不需要再在 plugin-opts 中再添加 tls 选项。修改完后记得在客户端插件选项添加 mode=quic,客户端同样不需要 tls 选项。

记得将 cloudflare -> Network 打开 Http/3 (如果使用 quic)

最后

  • 如果你看重的是隐蔽性,那么记得将 cloudflare -> DNS 的灰色云朵改为橙色,完成 cloudflare 中转代理

  • cloudflare 完全代理流量会导致更高的延迟,因为流量可能需要多绕一圈地球.

客户端

PC

  • 请先把 v2ray-plugin-win.exe 文件下载到本地 SS 目录下
  • 服务器地址: xxxxxxx.com
  • 端口: 443
  • 密码和加密看自己的配置文件
  • 插件程序:v2ray-plugin-win
  • 插件选项: tls;host=xxxxxx.com

Android

  • 和 PC 差不多,从 github 或 谷歌应用市场下载安装 v2ray-plugin-android.apk,
  • Trasport mode 选择: websocket-tls
  • Hostname:xxxxxxxx.com
  • 剩下默认即可
@aueu

This comment has been minimized.

Copy link

@aueu aueu commented May 19, 2019

cd 进源码目录后,go mod download 比直接 go build 好一些

@no-name2017

This comment has been minimized.

Copy link

@no-name2017 no-name2017 commented Aug 11, 2019

你好,可以请教一些问题吗?我搭建的是v2ray+ws+tls,用的是let's encrypt证书,而ss也是写在v2ray配置上的,这种情况如何给ss启用ss v2ray-plugin?谢谢

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Aug 13, 2019

@no-name2017 在下面的命令中替换相应的 cert 和 key 试试

ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks-libev/config.json -p 443 --plugin /usr/bin/v2ray-plugin --plugin-opts "server;tls;fast-open;host=你的域名;cert=/etc/shadowsocks-libev/你的域名/fullchain.cer;key=/etc/shadowsocks-libev/你的域名/你的域名.key;loglevel=none"

替换成类似这样,具体看你的证书文件格式和存放的路径,certbot 申请的则是 pem 格式, acme 申请的则是 cer 和 key 格式

cert=/fullchain.pem
key=/privkey.pem
@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Sep 13, 2019

@DearTanker

This comment has been minimized.

Copy link

@DearTanker DearTanker commented Sep 25, 2019

你好,用systemctl stop ss的时候会卡住是什么原因会知道吗?

首次start没有问题,查看status显示active没有毛病。

如果stop就会卡住。

● ss.service - Shadowsocks Manager Server
   Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: disabled)
   Active: failed (Result: timeout) since Wed 2019-09-25 23:52:15 CST; 2s ago
  Process: 2073 ExecStop=/usr/local/bin/ss-manager --manager-address /var/run/shadowsocks-manager.sock -c /etc/shadowsocks-libev/config.json stop (code=exited, status=0/SUCCESS)
  Process: 2046 ExecStart=/usr/local/bin/ss-manager --manager-address /var/run/shadowsocks-manager.sock -c /etc/shadowsocks-libev/config.json start (code=exited, status=0/SUCCESS)
 Main PID: 2046 (code=exited, status=0/SUCCESS)

Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: Could not bind
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: port is not available, please check.
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 INFO: try to bind interface: 0.0.0.0, port: 29001
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: bind: Address already in use
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: Could not bind
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: port is not available, please check.
Sep 25 23:52:15 do-1v-2g-2t-sfo2-01 systemd[1]: ss.service stopping timed out. Terminating.
Sep 25 23:52:15 do-1v-2g-2t-sfo2-01 systemd[1]: Stopped Shadowsocks Manager Server.
Sep 25 23:52:15 do-1v-2g-2t-sfo2-01 systemd[1]: Unit ss.service entered failed state.
Sep 25 23:52:15 do-1v-2g-2t-sfo2-01 systemd[1]: ss.service failed.

再次start还是会卡住:

● ss.service - Shadowsocks Manager Server
   Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: disabled)
   Active: deactivating (stop) since Wed 2019-09-25 23:50:45 CST; 44s ago
 Main PID: 2046 (ss-manager);         : 2073 (ss-manager)
   CGroup: /system.slice/ss.service
           ├─2046 /usr/local/bin/ss-manager --manager-address /var/run/shadowsocks-manager.sock -c /etc/shadowsocks-libev/config.json start
           └─control
             └─2073 /usr/local/bin/ss-manager --manager-address /var/run/shadowsocks-manager.sock -c /etc/shadowsocks-libev/config.json stop

Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 INFO: running from root user
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 INFO: working directory points to /root/.shadowsocks
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 INFO: try to bind interface: 0.0.0.0, port: 29000
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: bind: Address already in use
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: Could not bind
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: port is not available, please check.
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 INFO: try to bind interface: 0.0.0.0, port: 29001
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: bind: Address already in use
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: Could not bind
Sep 25 23:50:45 do-1v-2g-2t-sfo2-01 ss-manager[2073]: 2019-09-25 23:50:45 ERROR: port is not available, please check.
@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Sep 28, 2019

@DearTanker 请尝试用以下命令查看地址和端口占用情况; 看那个程序占用了 0.0.0.0 : 29000

netstat -tulpn
@wallena3

This comment has been minimized.

Copy link

@wallena3 wallena3 commented Dec 29, 2019

确认下 一切配置完毕后 应该再把cloudflare的dnsonly 改为 proxied

@IvoHu

This comment has been minimized.

Copy link

@IvoHu IvoHu commented Jan 27, 2020

mac怎么连?

@IvoHu

This comment has been minimized.

Copy link

@IvoHu IvoHu commented Jan 27, 2020

用的surge

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Feb 3, 2020

@NeikuiColacat

This comment has been minimized.

Copy link

@NeikuiColacat NeikuiColacat commented Feb 9, 2020

你好,请问别的教程中还多了caddy或nginx反代,多加这个有什么区别吗?还有就是为什么要开启no delay?

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Feb 12, 2020

@NeikuiColacat

This comment has been minimized.

Copy link

@NeikuiColacat NeikuiColacat commented Feb 13, 2020

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Feb 13, 2020

@NeikuiColacat

This comment has been minimized.

Copy link

@NeikuiColacat NeikuiColacat commented Feb 15, 2020

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 11, 2020

你好,年初的时候按你这个教程可以安装使用,但是现在安装的时候出现错误”build github.com/shadowsocks/v2ray-plugin: cannot load crypto/ed25519: cannot find module providing package crypto/ed25519”,能帮忙看下是什么地方出问题吗?

[root@hwsrv-668832 ~]# git clone https://github.com/shadowsocks/v2ray-plugin.git
Cloning into 'v2ray-plugin'...
remote: Enumerating objects: 7, done.
remote: Counting objects: 100% (7/7), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 340 (delta 1), reused 3 (delta 1), pack-reused 333
Receiving objects: 100% (340/340), 89.12 KiB | 0 bytes/s, done.
Resolving deltas: 100% (189/189), done.
[root@hwsrv-668832 ~]# cd v2ray-plugin
[root@hwsrv-668832 v2ray-plugin]# go mod download
go: finding github.com/google/go-cmp v0.3.0
go: finding github.com/golang/protobuf v1.3.2
go: finding github.com/v2ray/v2ray-core v4.23.2+incompatible
go: finding github.com/golang/mock v1.3.1
go: finding github.com/miekg/dns v1.1.14
go: finding golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b
go: finding golang.org/x/sys v0.0.0-20190619223125-e40ef342dc56
go: finding golang.org/x/crypto v0.0.0-20190618222545-ea8f1a30c443
go: finding golang.org/x/text v0.3.2
go: finding google.golang.org/genproto v0.0.0-20190611190212-a7e196e89fd3
go: finding golang.org/x/tools v0.0.0-20190425150028-36563e24a262
go: finding golang.org/x/net v0.0.0-20190311183353-d8887717615a
go: finding google.golang.org/genproto v0.0.0-20180831171423-11092d34479b
go: finding google.golang.org/grpc v1.24.0
go: finding go.starlark.net v0.0.0-20190919145610-979af19b165c
go: finding golang.org/x/sys v0.0.0-20190412213103-97732733099d
go: finding golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e
go: finding golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
go: finding golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
go: finding golang.org/x/text v0.3.0
go: finding h12.io/socks v1.0.0
go: finding golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be
go: finding github.com/gorilla/websocket v1.4.1
go: finding github.com/golang/mock v1.1.1
go: finding google.golang.org/appengine v1.1.0
go: finding github.com/miekg/dns v1.1.4
go: finding golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a
go: finding github.com/client9/misspell v0.3.4
go: finding golang.org/x/sync v0.0.0-20190423024810-112230192c58
go: finding golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3
go: finding github.com/golang/mock v1.2.0
go: finding golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135
go: finding honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc
go: finding github.com/google/go-cmp v0.2.0
go: finding google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
go: finding github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c 1f57
go: finding github.com/BurntSushi/toml v0.3.1
go: finding cloud.google.com/go v0.26.0
go: finding github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
go: finding golang.org/x/tools v0.0.0-20190311212946-11955173bddd
go: finding golang.org/x/tools v0.0.0-20190226205152-f727befe758c
go: finding github.com/golang/protobuf v1.3.1
go: finding golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961
go: finding google.golang.org/grpc v1.19.0
go: finding honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099
go: finding google.golang.org/appengine v1.4.0
go: finding golang.org/x/sync v0.0.0-20181108010431-42b317875d0f
go: finding golang.org/x/net v0.0.0-20190213061140-3a22650c66bd
go: finding golang.org/x/exp v0.0.0-20190121172915-509febef88a4
go: finding golang.org/x/net v0.0.0-20180724234803-3673e40ba225
go: finding github.com/golang/protobuf v1.2.0
go: finding golang.org/x/net v0.0.0-20180826012351-8a410e7b638d
go: finding golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3
go: finding golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
go: finding golang.org/x/sys v0.0.0-20180830151530-49385e6e1522
go: finding golang.org/x/tools v0.0.0-20190114222345-bf090417da8b
[root@hwsrv-668832 v2ray-plugin]# go build
build github.com/shadowsocks/v2ray-plugin: cannot load crypto/ed25519: cannot fi nd module providing package crypto/ed25519

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 12, 2020

你好,年初的时候按你这个教程可以安装使用,但是现在安装的时候出现错误”build github.com/shadowsocks/v2ray-plugin: cannot load crypto/ed25519: cannot find module providing package crypto/ed25519”,能帮忙看下是什么地方出问题吗?

[root@hwsrv-668832 ~]# git clone https://github.com/shadowsocks/v2ray-plugin.git
Cloning into 'v2ray-plugin'...
remote: Enumerating objects: 7, done.
remote: Counting objects: 100% (7/7), done.
remote: Compressing objects: 100% (6/6), done.
remote: Total 340 (delta 1), reused 3 (delta 1), pack-reused 333
Receiving objects: 100% (340/340), 89.12 KiB | 0 bytes/s, done.
Resolving deltas: 100% (189/189), done.
[root@hwsrv-668832 ~]# cd v2ray-plugin
[root@hwsrv-668832 v2ray-plugin]# go mod download
go: finding github.com/google/go-cmp v0.3.0
go: finding github.com/golang/protobuf v1.3.2
go: finding github.com/v2ray/v2ray-core v4.23.2+incompatible
go: finding github.com/golang/mock v1.3.1
go: finding github.com/miekg/dns v1.1.14
go: finding golang.org/x/net v0.0.0-20190619014844-b5b0513f8c1b
go: finding golang.org/x/sys v0.0.0-20190619223125-e40ef342dc56
go: finding golang.org/x/crypto v0.0.0-20190618222545-ea8f1a30c443
go: finding golang.org/x/text v0.3.2
go: finding google.golang.org/genproto v0.0.0-20190611190212-a7e196e89fd3
go: finding golang.org/x/tools v0.0.0-20190425150028-36563e24a262
go: finding golang.org/x/net v0.0.0-20190311183353-d8887717615a
go: finding google.golang.org/genproto v0.0.0-20180831171423-11092d34479b
go: finding google.golang.org/grpc v1.24.0
go: finding go.starlark.net v0.0.0-20190919145610-979af19b165c
go: finding golang.org/x/sys v0.0.0-20190412213103-97732733099d
go: finding golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e
go: finding golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
go: finding golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2
go: finding golang.org/x/text v0.3.0
go: finding h12.io/socks v1.0.0
go: finding golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be
go: finding github.com/gorilla/websocket v1.4.1
go: finding github.com/golang/mock v1.1.1
go: finding google.golang.org/appengine v1.1.0
go: finding github.com/miekg/dns v1.1.4
go: finding golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a
go: finding github.com/client9/misspell v0.3.4
go: finding golang.org/x/sync v0.0.0-20190423024810-112230192c58
go: finding golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3
go: finding github.com/golang/mock v1.2.0
go: finding golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135
go: finding honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc
go: finding github.com/google/go-cmp v0.2.0
go: finding google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8
go: finding github.com/refraction-networking/utls v0.0.0-20190909200633-43c36d3c 1f57
go: finding github.com/BurntSushi/toml v0.3.1
go: finding cloud.google.com/go v0.26.0
go: finding github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b
go: finding golang.org/x/tools v0.0.0-20190311212946-11955173bddd
go: finding golang.org/x/tools v0.0.0-20190226205152-f727befe758c
go: finding github.com/golang/protobuf v1.3.1
go: finding golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961
go: finding google.golang.org/grpc v1.19.0
go: finding honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099
go: finding google.golang.org/appengine v1.4.0
go: finding golang.org/x/sync v0.0.0-20181108010431-42b317875d0f
go: finding golang.org/x/net v0.0.0-20190213061140-3a22650c66bd
go: finding golang.org/x/exp v0.0.0-20190121172915-509febef88a4
go: finding golang.org/x/net v0.0.0-20180724234803-3673e40ba225
go: finding github.com/golang/protobuf v1.2.0
go: finding golang.org/x/net v0.0.0-20180826012351-8a410e7b638d
go: finding golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3
go: finding golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f
go: finding golang.org/x/sys v0.0.0-20180830151530-49385e6e1522
go: finding golang.org/x/tools v0.0.0-20190114222345-bf090417da8b
[root@hwsrv-668832 v2ray-plugin]# go build
build github.com/shadowsocks/v2ray-plugin: cannot load crypto/ed25519: cannot fi nd module providing package crypto/ed25519

请尝试更新 go 的版本

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

试过更新到新版本的go,但还是会出现新的问题。

请尝试更新 go 的版本

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 12, 2020

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

我这边用的最新 go 1.14.4 没问题

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

请问是用什么版本linux,我再重新试下?

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

我这边用的最新 go 1.14.4 没问题

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 12, 2020

请问是用什么版本linux,我再重新试下?

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

我这边用的最新 go 1.14.4 没问题

Debian 9 x64

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

请问是用什么版本linux,我再重新试下?

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

我这边用的最新 go 1.14.4 没问题

Debian 9 x64

好的,谢谢!我现在试下

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

请问是用什么版本linux,我再重新试下?

go 12 以下的版本出现上述问题,用13以上版本会出现另一个问题

我这边用的最新 go 1.14.4 没问题

Debian 9 x64

你好,到这一步出现错误“root@hwsrv-668832:~/v2ray-plugin# go mod download

github.com/v2ray/v2ray-core@v4.23.2+incompatible: invalid version: +incompatible suffix not allowed: module contains a go.mod file, so semantic import versioning is required

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 12, 2020

github.com/v2ray/v2ray-core@v4.23.2+incompatible: invalid version: +incompatible suffix not allowed: module contains a go.mod file, so semantic import versioning is required

不用管它,下一步 go build 就行

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 12, 2020

go build也提示incompatible,可以继续吗?
root@hwsrv-668832:~/v2ray-plugin# go build
go: downloading github.com/v2ray/v2ray-core v4.23.2+incompatible

你看 v2ray-plugin 目录里面有 v2ray-plugin 这个文件就说明编译成功了

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 12, 2020

你看 v2ray-plugin 目录里面有 v2ray-plugin 这个文件就说明编译成功了

好的,谢谢!证书申请次数太多,申请不了证书了,等过几天再试试看

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 16, 2020

你好,安装完出错,错误信息如下,需要怎么处理呢?

root@hwsrv-668832:# systemctl daemon-reload
root@hwsrv-668832:
# systemctl restart ss
root@hwsrv-668832:~# systemctl status ss -l
● ss.service - Shadowsocks Server
Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: enab
Active: failed (Result: exit-code) since Thu 2020-07-16 05:05:57 UTC; 9s ago
Process: 11406 ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.j
Main PID: 11406 (code=exited, status=203/EXEC)

Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: Started Shadowsocks Se
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[11406]: ss.service: Failed
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Main proce
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Unit enter
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Failed wit
lines 1-11/11 (END)...skipping...
● ss.service - Shadowsocks Server
Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2020-07-16 05:05:57 UTC; 9s ago
Process: 11406 ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.json (code=exited, status=203/EXEC)
Main PID: 11406 (code=exited, status=203/EXEC)

Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: Started Shadowsocks Server.
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[11406]: ss.service: Failed at step EXEC spawning /usr/bin/ss-server: No such file or directory
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Main process exited, code=exited, status=203/EXEC
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Unit entered failed state.
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Failed with result 'exit-code'.

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 17, 2020

你好,安装完出错,错误信息如下,需要怎么处理呢?
root@hwsrv-668832:# systemctl daemon-reload root@hwsrv-668832:# systemctl restart ss
root@hwsrv-668832:~# systemctl status ss -l
● ss.service - Shadowsocks Server
Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: enab
Active: failed (Result: exit-code) since Thu 2020-07-16 05:05:57 UTC; 9s ago
Process: 11406 ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.j
Main PID: 11406 (code=exited, status=203/EXEC)
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: Started Shadowsocks Se
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[11406]: ss.service: Failed
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Main proce
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Unit enter
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Failed wit
lines 1-11/11 (END)...skipping...
● ss.service - Shadowsocks Server
Loaded: loaded (/etc/systemd/system/ss.service; disabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Thu 2020-07-16 05:05:57 UTC; 9s ago
Process: 11406 ExecStart=/usr/bin/ss-server -c /etc/shadowsocks-libev/config.json (code=exited, status=203/EXEC)
Main PID: 11406 (code=exited, status=203/EXEC)
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: Started Shadowsocks Server.
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[11406]: ss.service: Failed at step EXEC spawning /usr/bin/ss-server: No such file or directory
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Main process exited, code=exited, status=203/EXEC
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Unit entered failed state.
Jul 16 05:05:57 hwsrv-668832.hostwindsdns.com systemd[1]: ss.service: Failed with result 'exit-code'.

/usr/bin/ss-server: No such file or directory : 没有找到ss-server 文件,确认 ss-server 文件是否在 /usr/bin/ 目录下

如果/usr/bin/ss-server没有ss-server文件,应该怎么办?前面的命令都是按步骤操作下来的

你安装 ss 了吗?这个教程没有写 ss 的安装。

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 19, 2020

改端口还是不行,会不会跟ss的版本太低有关?

看样子你好像用的是 ss-python 原版的,原版已经好几年前就停更了;
现在主流使用的是在更新的版本 ss-libev
编译安装 ss-libev 教程: 编译源码ss-libev

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

看样子你好像用的是 ss-python 原版的,原版已经好几年前就停更了;现在主流使用的是在更新的版本 ss-libev

编译安装 ss-libev 教程: 编译源码ss-libev

重新按照你发的ss-libev教程安装,然后v2ray-plugin可以用了,非常感谢!
另外有个问题,我安装了ss-libev和v2ray后,按照ss-libev教程页面下面的vultr里的bbr教程安装完bbr后,又不能上网了,这个是什么原因啊?

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 20, 2020

另外有个问题,我安装了ss-libev和v2ray后,按照ss-libev教程页面下面的vultr里的bbr教程安装完bbr后,又不能上网了,这个是什么原因啊?

使用 uname -r 查看一下内核是否安装成功,然后按照教程重新检查 bbr 是否安装启用了。

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

使用 uname -r 查看一下内核是否安装成功,然后按照教程重新检查 bbr 是否安装启用了。

内核安装成功了,bbr也正常,但是这个“ tcp server listening at 127.0.0.1:33235”,为什么不是443呢?

[root@hwsrv-668832 ~]# uname -r
5.7.9-1.el7.elrepo.x86_64
[root@hwsrv-668832 ~]# sudo sysctl -p
net.core.default_qdisc = fq
net.ipv4.tcp_congestion_control = bbr
[root@hwsrv-668832 ~]# sudo sysctl net.ipv4.tcp_available_congestion_control
net.ipv4.tcp_available_congestion_control = reno cubic bbr
[root@hwsrv-668832 ~]# sudo sysctl -n net.ipv4.tcp_congestion_control
bbr
[root@hwsrv-668832 ~]# lsmod | grep bbr
tcp_bbr 20480 2
[root@hwsrv-668832 ~]# systemctl status ss.service
● ss.service - Shadowsocks Server
Loaded: loaded (/etc/systemd/system/ss.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2020-07-20 05:19:53 UTC; 34min ago
Main PID: 1448 (ss-server)
CGroup: /system.slice/ss.service
├─1448 /usr/local/bin/ss-server -c /etc/shadowsocks-libev/config.json
└─1449 v2ray-plugin

Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com systemd[1]: Started Shadowsocks Server.
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: plugin "v2ray-plugin" enabled
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: enable TCP no-delay
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: initializing ciphers... chacha20-ietf-poly1305
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: using nameserver: 8.8.8.8
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: tcp server listening at 127.0.0.1:33235
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020-07-20 05:19:53 INFO: running from root user
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020/07/20 05:19:53 V2Ray 4.23.2 (V2Fly, a community-driven edition of V2Ray.) Custom (go1.14.4 linux/amd64)
Jul 20 05:19:53 hwsrv-668832.hostwindsdns.com ss-server[1448]: 2020/07/20 05:19:53 A unified platform for anti-censorship.

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 20, 2020

内核安装成功了,bbr也正常,但是这个“ tcp server listening at 127.0.0.1:33235”,为什么不是443呢?

33235 只是 ss-server 本地监听端口,不是你的客户端连接端口,客户端应该使用 443 端口来连接

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

33235 只是 ss-server 本地监听端口,不是你的客户端连接端口,客户端应该使用 443 端口来连接

好的,现在用不了有可能是什么原因呢?

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 20, 2020

好的,现在用不了有可能是什么原因呢?

能否发一下服务端和客户端的配置(记得模糊掉域名密码等信息)

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

能否发一下服务端和客户端的配置(记得模糊掉域名密码等信息)

具体配置信息如下:
服务端:
[root@hwsrv-668832 ~]# vim /etc/shadowsocks-libev/config.json
{
"server": "0.0.0.0",
"nameserver": "8.8.8.8",
"server_port": 443,
"password": "123456",
"method": "chacha20-ietf-poly1305",
"timeout": 600,
"no_delay": true,
"mode": "tcp_only",
"plugin": "v2ray-plugin",
"plugin_opts": "server;mode=quic;host=wodeyuming.com;cert=/etc/ssl/wodeyuming.com/fullchain.cer;key=/etc/ssl/wodeyuming.com/wodeyuming.com.key;loglevel=none"
}

[root@hwsrv-668832 ~]# vim /etc/systemd/system/ss.service
[Unit]
Description=Shadowsocks Server
After=network.target
[Service]
ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks-libev/config.json
Restart=on-abort
[Install]
WantedBy=multi-user.target

客户端:
image

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 20, 2020

具体配置信息如下:
服务端:
[root@hwsrv-668832 ~]# vim /etc/shadowsocks-libev/config.json
{
"server": "0.0.0.0",
"nameserver": "8.8.8.8",
"server_port": 443,
"password": "123456",
"method": "chacha20-ietf-poly1305",
"timeout": 600,
"no_delay": true,
"mode": "tcp_only",
"plugin": "v2ray-plugin",
"plugin_opts": "server;mode=quic;host=wodeyuming.com;cert=/etc/ssl/wodeyuming.com/fullchain.cer;key=/etc/ssl/wodeyuming.com/wodeyuming.com.key;loglevel=none"
}

[root@hwsrv-668832 ~]# vim /etc/systemd/system/ss.service
[Unit]
Description=Shadowsocks Server
After=network.target
[Service]
ExecStart=/usr/local/bin/ss-server -c /etc/shadowsocks-libev/config.json
Restart=on-abort
[Install]
WantedBy=multi-user.target

客户端:
image

你的服务器启用的了mode=quic , 那么在客户端的插件选项也要去掉 tls, 然后写上 mode=quic 。

@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

你的服务器启用的了mode=quic , 那么在客户端的插件选项也要去掉 tls, 然后写上 mode=quic 。

去掉tls,然后写上mode=quic后还是不行,刚刚安装完ss和v2ray的时候是可以用的,然后安装bbr后就不行了。如果我先安装bbr在安装ss和v2ray,会有不同吗?

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Jul 20, 2020

去掉tls,然后写上mode=quic后还是不行,刚刚安装完ss和v2ray的时候是可以用的,然后安装bbr后就不行了。如果我先安装bbr在安装ss和v2ray,会有不同吗?

@esee2020 不会, 但 bbr 是针对 tcp 加速的,quic 主要是 udp; 具体什么原因我也不确定,你也可以先删除掉 bbr 试试,我只能告诉你大致检查的方向:

  1. 检查本地 windows 的 ss 客户端的目录,确保 v2ray-plugin 文件和客户端填写名字的一致。
  2. 先不要使用 quic , 客户端和服务端都先去掉 mode=quic, 改成 tls , 然后在访问试试。
  3. 不走 cloudflare 代理,使用具体 ip 直接连接,看能否正常连接。
  4. 上面都不行的话,不使用 v2ray-plugin 插件测试连接,主要检查 ss 本身连接是否正常
@esee2020

This comment has been minimized.

Copy link

@esee2020 esee2020 commented Jul 20, 2020

去掉tls,然后写上mode=quic后还是不行,刚刚安装完ss和v2ray的时候是可以用的,然后安装bbr后就不行了。如果我先安装bbr在安装ss和v2ray,会有不同吗?

@esee2020 不会, 但 bbr 是针对 tcp 加速的,quic 主要是 udp; 具体什么原因我也不确定,你也可以先删除掉 bbr 试试,我只能告诉你大致检查的方向:

1. 检查本地 windows 的 ss 客户端的目录,确保 v2ray-plugin 文件和客户端填写名字的一致。

2. 先不要使用 quic , 客户端和服务端都先去掉 mode=quic, 改成 tls , 然后在访问试试。

3. 不走 cloudflare 代理,使用具体 ip 直接连接,看能否正常连接。

4. 上面都不行的话,不使用 v2ray-plugin 插件测试连接,主要检查 ss 本身连接是否正常

好的,我按你说的方向试下看,多谢!

@jiaokang

This comment has been minimized.

Copy link

@jiaokang jiaokang commented Aug 5, 2020

你好,配置完成之后,能正常使用,但是日志有很多

http: TLS handshake error from abc.asd.sad.sad : EOF

知道这是因为什么吗?google过了,没找到解决办法。
还有,日志有一堆

tcp 1.1.1.23:61647 accepted tcp:127.0.0.1 

这个在哪儿设置?

@liker5092

This comment has been minimized.

Copy link

@liker5092 liker5092 commented Aug 6, 2020

你好,配置完成之后,能正常使用,但是日志有很多

http: TLS handshake error from abc.asd.sad.sad : EOF

知道这是因为什么吗?google过了,没找到解决办法。
还有,日志有一堆

tcp 1.1.1.23:61647 accepted tcp:127.0.0.1 

这个在哪儿设置?

我也出现一堆的 http: TLS handshake error from 12.36.54.89 : EOF
查各种坛子,说是 SSL证书的问题。现在还无解,我不是使用的443端口。

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Aug 6, 2020

@jiaokang @liker5092 尽量在配置中使用 cert 和 key 指向到具体的证书路径

@jiaokang

This comment has been minimized.

Copy link

@jiaokang jiaokang commented Aug 7, 2020

@jiaokang @liker5092 尽量在配置中使用 cert 和 key 指向到具体的证书路径

已经指定了,偶尔还是会出现问题。
另外cert指定的是生成的fullchain.cert,key指定的是.key文件,这个对吧?
因为生成的还有一个域名对应的.cer文件

@shuanghua

This comment has been minimized.

Copy link
Owner Author

@shuanghua shuanghua commented Aug 11, 2020

@jiaokang @liker5092 尽量在配置中使用 cert 和 key 指向到具体的证书路径

已经指定了,偶尔还是会出现问题。
另外cert指定的是生成的fullchain.cert,key指定的是.key文件,这个对吧?
因为生成的还有一个域名对应的.cer文件

可能是证书的兼容性问题,由于使用了 CF 代理,会有两种证书,一种是在服务器的免费证书(三个月),一种是在 CF 上的证书(1年),我不确定是那一种证书的问题,建议更新一下 came 脚本,或者把橙色的云朵改成灰色后再看看会不会再出现 tls handshake error,如果没有出现那就是CF证书的兼容性问题,证书的兼容性在不同的浏览器和系统上会有不同的效果。

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.