Traffic dont go through Proxy
Recoba86 opened this issue · 10 comments
Hi
i installed your plugin and started the service and everythings seems to working but none my lans device use shadowsocks, all device connect directly to internet even ss-merlin are started!
here is ip tables:
`Chain PREROUTING (policy ACCEPT)
target prot opt source destination
SS_PREROUTING all -- anywhere anywhere
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
SS_OUTPUT all -- anywhere anywhere
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
Chain SHADOWSOCKS_TCP (2 references)
target prot opt source destination
RETURN tcp -- anywhere anywhere match-set localips dst
RETURN tcp -- anywhere anywhere match-set whitelist dst
RETURN tcp -- anywhere anywhere match-set userwhitelist dst
REDIRECT tcp -- 192.168.4.0/24 anywhere redir ports 1080
REDIRECT tcp -- 192.168.4.0/24 anywhere match-set usergfwlist dst redir ports 1080
Chain SS_OUTPUT (1 references)
target prot opt source destination
SHADOWSOCKS_TCP tcp -- anywhere anywhere
Chain SS_PREROUTING (1 references)
target prot opt source destination
SHADOWSOCKS_TCP tcp -- 192.168.4.0/24 anywhere `
i use global mode
and lan ips are default for all lans devices!
and here is shadowsocks config json file info
{ "server": "us-buf.wbnet.cf", "server_port": 35938, "local_address": "0.0.0.0", "local_port": 1080, "password": "XXXXXXXXXX", "timeout": 600, "method": "aes-256-gcm", "mode": "tcp_only", "plugin": "v2ray-plugin", "plugin_opts": "tls;host=cloudfront.net;path=/v2ray" }
Make sure your server enabled v2ray-plugin and plugin option is correct.
i use surfsharks server and they are v2ray plugin enabled!
but how should i know plugin option?
i use v2rat app on mac and it just work with ss-server url just fine
If you don't know how to configure v2ray-plugin, try to disable it on your router.
can you paste the command to disable it on router?!
ok I just removed plugin line from config.json and its working now and all traffic goes through proxy!
can I remove dns china line? because I don't live in china and just take too long to load and start?!
and is it possible that every time router starts , ss-merlin start too?
and is it anyway to decrease CPU need power? I have AC5300 ASUS router but I can just near 55 Mbit download and 70 Mbit upload through router shadow socks
but if I use shadow socks on pc or mac, I can get near 220 Mbit download and 120 Mbit upload
is it any plugin that increase router throughput bandwidth?
another Question:
how in lan_ips
i should just remove one device from the list?
for example all local devices go through proxy only 192.168.1.4 and 192.168.1.5 pass the proxy!
Hi,
- If you want to disable plugin, just remove
pluginandplugin_optsin config.json. - Ignore
china_dns_ipif you don't visit websites host in China. - ss-merlin will auto-start if it is running before your router reboot.
- AC5300's CPU is lower performance than x86 architecture. If you want to get the better speed you need to have an x86 based router.
- By default
lan_ipsis 0.0.0.0/0, which means all of your LAN devices will pass the proxy. You can assign a LAN IP like 192.168.1.4 means only this device can pass the proxy.
i think you just didn't understand my question!
i just want all my device go through proxy!(pass the proxy) but only two devices (192.168.2.182 and 192.168.2.110) BYPASS proxy and go straight to Wan!(get isp Ip)
is it possible by lan-ips? any exclude rules
Cannot set exclude rules currently.