[Feature] 支持 HOST IP 作为出站代理 #1661
Comments
|
画个网络拓看看流量走向,感觉很有趣 |
没学过这个 XD 大致是将请求发给反代服务器,反代服务器抹除/伪造 SNI 后交给目的 IP,然后目的 IP 根据 Header 中的 Host 进行响应 因为防火墙识别不到 SNI,所以针对 SNI 的封锁会失效 在这个视频里有介绍:https://www.youtube.com/watch?v=kbpxGOKVBSA 类似实现的项目: |
|
你这设置direct再加host有点多此一举了,直接手动创建一个http节点,地址和端口写本地反代的,再把steam出站设置成这个节点就行了 |
试了一下这样似乎访问不了 报错日志:[TCP] dial 🎮 Steam 商店 (match DomainSuffix/steampowered.com) 127.0.0.1:8334(chrome.exe) --> store.steampowered.com:443 error: can not connect remote err code: 302 |
哦你这个好像是不行,你这个是反代,不是正向代理,你可以试试看Accesser |
验证步骤
描述
通过反向代理服务器可以绕过防火墙访问 Steam、Pixiv、Twitch 等网站,原理为隐藏 SNI
示例:
基于浏览器:https://www.youtube.com/watch?v=kbpxGOKVBSA
基于反向代理服务器:
Caddyfile
{ local_certs ocsp_stapling off pki { ca { # only available after caddy v2.6.3 intermediate_lifetime 1800d } } } (sign) { tls { issuer internal { lifetime 360d } # on_demand } } (rev) { lb_policy round_robin transport http { tls tls_insecure_skip_verify } } # Steam Start https://steamcommunity.com, https://www.steamcommunity.com, https://cdn.steamcommunity.com, https://store.steampowered.com, https://api.steampowered.com, https://checkout.steampowered.com { import sign reverse_proxy * https://steamuserimages-a.akamaihd.net.edgesuite.net https://steamstore-a.akamaihd.net.edgesuite.net https://eaassets-a.akamaihd.net.edgesuite.net https://steamcommunity-a.akamaihd.net.edgesuite.net { import rev fail_duration 10s health_timeout 30s } } # Steam End # Github Start https://docs.github.com, https://github.io, https://*.github.io, https://githubusercontent.com, https://*.githubusercontent.com { import sign reverse_proxy * https://github.map.fastly.net { import rev } } https://gist.github.com, https://github.com { import sign reverse_proxy * https://140.82.113.3 https://140.82.113.4 https://20.205.243.166 https://20.27.177.113 { import rev } } https://*.github.com { import sign reverse_proxy * https://140.82.114.5 https://140.82.114.6 https://20.205.243.168 https://20.207.73.85 { import rev } } https://github { import sign reverse_proxy * https://140.82.113.3 https://140.82.113.4 https://20.205.243.166 https://20.27.177.113 { import rev header_up Host github.com } } # Github End # Common Start :80 { redir https://{host}{uri} temporary } # Common End使用此 Caddy 配置文件可开启本地反代服务器,在 hosts 中将对应域名指向 127.0.0.1 即可成功访问
此方法可使用本机 IP 访问目标网站,有以下优点:
但此方法与代理软件配合起来并不方便,以 Steam 举例,正常使用流程:
127.0.0.1DIRECT由于此方法速度较慢且不太稳定,当我们希望快速访问 Steam 时,则需要手动移除 hosts 中的 Steam 域名,域名较多时切换起来比较麻烦
而如果 Mihomo 支持将 HOST IP 设为出站代理,则可以简化为:
A,指向127.0.0.1(也可以是其它局域网 IP,比如将反代服务器运行到软路由上)DIRECT/A/选择节点后续切换只需要在 GUI 中选择即可,无需修改配置文件与 hosts 文件
The text was updated successfully, but these errors were encountered: