英文:
failed to dial to (wss://<ip>/subf1/40234): 502 Bad Gateway > websocket: bad handshake
问题
OK, 这个502错误与其他相关文章不同。
首先,我成功地在Ubuntu 22上设置了一个v2ray系统。
我有一个域名和一个Cloudflare账户来为我的域名设置DNS,并且一个名为'sub'的子域连接到我的服务器IP,一切都设置得很好。
使用Linux上的Certbot装备SSL证书和密钥,一切都正常,网站可以使用https正常访问。
在CF(CloudFlare)中启用了DNS代理和WebSocket检查。
此外,我使用了像著名教程中所说的反向DNS,所以我编辑了/etc/nginx/sites-available/sub.domain.com以使其变成这样:
server {
root /var/www/html;
index index.html index.htm index.nginx-debian.html;
server_name sub.domain.com;
location / {
try_files $uri $uri/ =404;
}
# 这里是v2ray的一些配置
}
同时,我在服务器上使用了X-UI v2ray面板,一切都设置得很好。这是一个我正常使用的vless连接的示例。
现在,问题是,自从我移除了X-UI面板并安装了另一个版本后,无论v2ray客户端提供什么信息,都无法建立连接,出现了一系列错误。
我尝试了以下一些方法来解决问题:
- 重新启动Nginx
- 重新启动服务器
- 重新安装X-UI面板(不同版本)
- 重建服务器
- 更改子域名
- 更改子域名并更改服务器获取不同的IP
SSL证书已经正常设置,并选择了CF SSL。
非常感谢任何形式的帮助和建议。
英文:
OK, this 502 error is from something different than the other related articles here.
first i managed to setup a v2ray system using ubuntu 22.
I have a domain and a cloudflare account to set DNS for my domain and a 'sub' subdomain connected to my server ip, all set as it should be.
equipped with SSL cert & key using certbot on linux and works ok, website comes up with https just fine.
dns proxy and websocket check are both enable in CF(CloudFlare).
also im using reverse DNS like the famous tutorials saying, so i've edited the /etc/nginx/sites-available/sub.domain.com to become like this:
server {
# SSL configuration
#
# listen 443 ssl default_server;
# listen [::]:443 ssl default_server;
#
# Note: You should disable gzip for SSL traffic.
# See: https://bugs.debian.org/773332
#
# Read up on ssl_ciphers to ensure a secure configuration.
# See: https://bugs.debian.org/765782
#
# Self signed certs generated by the ssl-cert package
# Don't use them in a production server!
#
# include snippets/snakeoil.conf;
root /var/www/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name sub.domain.com;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /subf1 {
if ($http_upgrade != "websocket") {
return 404;
}
location ~ /subf1/\d\d\d\d\d$ {
if ($request_uri ~* "([^/]*$)" ) {
set $port $1;
}
proxy_redirect off;
proxy_pass http://127.0.0.1:$port/;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
return 404;
}
# pass PHP scripts to FastCGI server
#
#location ~ \.php$ {
# include snippets/fastcgi-php.conf;
#
# # With php-fpm (or other unix sockets):
# fastcgi_pass unix:/run/php/php7.4-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
#}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/sub.domain.com/fullchain.pem; # mana>
ssl_certificate_key /etc/letsencrypt/live/sub.domain.com/privkey.pem; # ma>
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = sub.domain.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name sub.domain.com;
return 404; # managed by Certbot
}
also, have the x-ui v2ray panel installed and everything is setup just right here is a sample vless connection which i used to create normally and worked fine till yesterday:
the 9988 port is defined from x-ui v2ray management panel on the server.
everything was fine until i removed the x-ui panel and installed another version.
since then i cannot make the connections work, no matter what the v2ray client gives this series of errors:
app/proxyman/outbound: failed to process outbound traffic > proxy/vless/outbound: failed to find an available destination > common/retry: [transport/internet/websocket: failed to dial WebSocket > transport/internet/websocket: failed to dial to (wss://<ip>/subf1/40234): 502 Bad Gateway > websocket: bad handshake] > common/retry: all retry attempts failed
proxy/http: failed to read response from 149.xx.xx.xx:80 > io: read/write on closed pipe
some things i did to resolve this are:
- restarting nginx
- rebooting the server
- re-installing the x-ui panel (various versions)
- rebuilding the server
- changing the subdomain
- changing the sub domain + changing the server and gettin a different ip
and SSL is being set just fine with CF SSL selected at Full.
any kind of help and suggestion is so appreciated.
答案1
得分: 0
Ok,这是连接入站中使用的 CDN IP 引起的问题。
英文:
Ok, that was a problem from CDN ip used in the connection inbound.
答案2
得分: 0
1: 关闭 SELinux
$ setenforce 0
vi /etc/selinux/config,将 SELINUX 设置为 "disabled"
2: 关闭防火墙
$ systemctl stop firewalld
$ systemctl disable firewalld
英文:
1: Close SELinux
$ setenforce 0
vi /etc/selinux/config and set SELINUX="disabled"
2: Close Firewall
$ systemctl stop firewalld
$ systemctl disable firewalld
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论