-
Notifications
You must be signed in to change notification settings - Fork 4.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
DomainStrategy Setting Has no Effect in Freedom Outbound while Using jsonv5 Format #2448
Comments
While I am using v5.4.1 and had tried every methods to resolve IP for every requests before sending them to outbound (that's the purpose what "domainStrategy": "UseIP" phrase designed for), none of them works. I also tested same configuration under xray environment with success. That's should be some bugs cause the issue and needed to be fixed, to bring this key feature works again. |
After switch back to v5.2.1, the UseIP stragegy worked normally, which resolve IP for routed request first, then initiate new request using resolved IP to the outbound chain. |
This is because in #2334 I only added config support for jsonv4, and forgot to add it for jsonv5 (because I am still sticking to jsonv4). Jsonv5 support is missing in: v2ray-core/infra/conf/v5cfg/outbound.go Lines 14 to 23 in acbb5e6
I will add a PR to bring it to jsonv5.
Yes, it is missing and I also wonder the reason. Since we have |
Are you using jsonv4 or jsonv5? For jsonv4 I've just tested that both way mentioned in this issue will work. Could you share you config here? |
Thanks for your reply. Because I had switch to xray and the config file might had been modified to compatible to xray's syntax, the following config may not be exact the same with mentioned one in my previous reply: `{
}` |
@bayard I've discovered the root cause of your issue. It is indeed a regression bug introduced after #2334. There are two reasons for your failure:
I'll figure out a way to resolve this issue. Btw, are your using |
This also raises a question not discussed in #2334: By using
Should it be 1 (current behavior), or 2 (so it behaves like freedom outbound, maybe what @bayard's |
From the traced log output, the v2ray's behavior was like what you explained: What I expected was the DNS requests(hijacked by But the log revealed that hijacked DNS routed and IP resolved correctly, and parallelly a request using original domain name also dialed to outbound socks proxy and failed because the proxy unable to handle requests using domain name. It seemed that
YES. The outbound |
So this proves that for |
Shouldn't it be flagged as a bug instead of an enhancement? The JSONv5 configuration format removed the "domanStrategy" configuration option from the "freedom" outbound. This causes DNS queries to be leaked to unencrypted system DNS.
@Vigilans I've checked the list of pull requests and can't find a pull request to fix this. I made a pull request for you. |
This issue is stale because it has been open 120 days with no activity. Remove stale label or comment or this will be closed in 5 days |
What version of V2Ray are you using?
Tested both 5.4.1 and 5.3.0
What's your scenario of using V2Ray?
On the server side, process v2ray uses custom dns setting from
config.json
to resolve domain name instead of operate system setting in /etc/resolv.confWhat problems have you encountered?
version 5.3.0
On version 5.3.0, when I tried to add
"domainStrategy":"UseIP"
in freedom settings, likeit failed to start and here's the output
Then I tried to insepct the source code, and figured that
DomainStrategy
is not inproxy/freedom/config.proto, line 29, message SimplifiedConfig{}
while it is shown inline 23,message Config{}
.And also
DomainStrategy
is not inproxy/freedom/config.pb.go, line 191, type SimplifiedConfig struct{}
while it is shown inline 123, type Config struct{}
.I wonder if some changes are needed in those files.
version 5.4.1
After that, I tried to switch to version 5.4.1 because I found pull request #2334 , in which added
DomainStrategy
for all outbound.Based on the useage in pull request #2334, I changed the outbound setting like
And the v2ray started successfully this time. When I created connection through v2ray by curl, the resloving packages captured by tcpdump were sending to
1.1.1.1
which is the setting in/etc/resolv.conf
, while they were supposed to send to8.8.8.8
which is the setting inconfig.json
. Here's the logSince I am not good at golang, I can't figure out why
domainStrategy
next toprotocol
has no effect.Then I changed the outbound setting like
And it failed to start just like version 5.3.0
The problem seems to be the same as version 5.3.0 this time.
Currently, I changed the function
useIP()
in source fileproxy/freedom/config.go
to force theUseIP
strategy and rebuild the v2ray.It might cause some bug, but it's fine so far.
What's your expectation?
With format
jsonv5
, the process will use internal dns settings to resolve domain name when outbound setting is eitheror
I don't use v4 json format because 'bindToDevice' is not supported in it.
Please attach your configuration here
Server configuration:
Process failed to start with this configuration:
"domainStrategy": "UseIP"
has no effect with this configurationClient configuration:
Using command curl
The text was updated successfully, but these errors were encountered: