Code Monkey home page Code Monkey logo

Comments (16)

yinqiwen avatar yinqiwen commented on July 27, 2024

sniproxy只能作用在443端口的TLS协议上(https,secure websocket)。配置则是在Channel下的SNIProxy中设置。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

paas Channel里我这样配置的"SNIProxy" : "sni_proxy",
按道理说应该跟TSLDirect一样会走sni_proxy的,但是同样是youtube,hosts.json里注释掉*.googlevideo.com":["google_https"]过后,走paas速度完全跟直连一样了,感觉是hosts.json里不做映射就不会走sni_proxy了。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

我看了*.googlevideo.com是https的,还有一点我的herokuapp只能用https,用wss会报错是为什么

from gsnova.

yinqiwen avatar yinqiwen commented on July 27, 2024

SNIProxy是作用在Channel上的,和实际代理的流量无直接关系。若想要*.googlevideo.com走SNIProxy,那么需要配置代理走direct类型Channel;paas里的SNIProxy设置代表gsnova到paas端之间通信通过sniproxy中转。

heroku的websocket也是443端口的,配置中server地址只需要改成wss://xyz.herokuapp.com 即可;

from gsnova.

yinqiwen avatar yinqiwen commented on July 27, 2024

另外,默认48100端口的设置里是有内置的自定义PAC规则的,猜测你遇到的现象和这个有关,这个很难简单解释清楚,了解代码的话可以直接看下相关代码。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

大概理解那个意思了,应该是genova到paas已经走了sni_proxy,但是pass到_.googlevideo.com影响了速度,所以效果不如TSLDirect的sni_proxy到_.googlevideo.com。我以为走了sni_proxy速度就应该都很快了。
"Rule":["InHosts"],"Remote":"TLSDirect"
你说的PAC规则是这个吧,这个我倒是搞懂了,是hosts.json里映射吧。
尝试过几次自学编程,但是有些东西还是需要有人指导,所以最后不了了之……只能看懂一些浅显的代码……我遇到问题还去仓库里各个go文件试着看呢,但是一头雾水……丢人啊

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

2016/10/11 15:17:38 ws.go:103: Websocket read error:read tcp 192.168.1.103:14218->120.198.243.115:443: i/o timeout
2016/10/11 15:17:38 channel.go:330: Failed to read channel for reason:read tcp 192.168.1.103:14218->120.198.243.115:443: i/o timeout
2016/10/11 15:17:38 paas.go:74: [PAAS]Connect 183.207.229.19:443
2016/10/11 15:17:38 ws.go:69: dial websocket error:x509: certificate signed by unknown authority

用wss://xyz.herokuapp.com,老会出现这一段日志,用https ://xyz.herokuapp.com 不会,但是会有cannot write data这一类的,虽然正常使用,但是好像也是有什么错误的吧

from gsnova.

yinqiwen avatar yinqiwen commented on July 27, 2024

x509: certificate signed by unknown authority 这个错误看起来似乎是某个sni proxy试图用伪造证书

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

sni proxy这些ip也是在goproxy和这个仓库的issues里收集的,也不会自己找,没办法了,https不报错,是不是用https就没事了呢

from gsnova.

jzp820927 avatar jzp820927 commented on July 27, 2024

2016/10/11 15:17:38 paas.go:74: [PAAS]Connect 183.207.229.19:443
2016/10/11 15:17:38 ws.go:69: dial websocket error:x509: certificate signed by unknown authority

183.207.229.19 这个 IP,不是 SNI,是绑定了证书的,所以会报证书错误。把这个 IP 去掉。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

原来如此,也不记得怎么收集的这些IP了  ̄□ ̄||
多谢两位的耐心解答

from gsnova.

jzp820927 avatar jzp820927 commented on July 27, 2024

183.207.229.19 这个 IP 是 D 大以前在这个 issues 里面分享的,以前确实是 sni,不过现在被绑定了证书,就不是 sni 了。

IP 和服务器都是随时变化的。很多IP 可能今天是 SNI,明天就变成其他用途了。
据我观察,很多国内的 sni 的服务器,都是用于苹果的 iTunes 服务器在国内的反代加速,用于加速国内用户连接苹果服务器的。所以国内的 sni 有可能随时被用于其它用途,而失去 sni 的作用。所以 sni 也是需要经常更新维护的。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

好吧,不会找还真是麻烦啊,感觉这条路又不通了

from gsnova.

jzp820927 avatar jzp820927 commented on July 27, 2024

通过观察日志,其实就可以简单判定了,就像上面那个 IP,日志里面报错
2016/10/11 15:17:38 paas.go:74: [PAAS]Connect 183.207.229.19:443
2016/10/11 15:17:38 ws.go:69: dial websocket error:x509: certificate signed by unknown authority
就说明,这个IP肯定是有问题了。

from gsnova.

szh7379 avatar szh7379 commented on July 27, 2024

这些知识不怎么理解……也不知道是哪一步的证书出现问题……

from gsnova.

jzp820927 avatar jzp820927 commented on July 27, 2024

那就只有遇到问题就在 issues 提出来了,等高手来解决。

from gsnova.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.