Use Python with Shadowrocket to enable true dynamic ports for V2ray!

foreword

In my daily use, I found that the mobile network operator or GFW will interfere with the connection to a certain fixed overseas IP port for a long time, and in serious cases, the port with V2ray service enabled cannot be accessed directly. So how to deal with it?

analyze

First, let me briefly introduce my equipment and network environment. My mobile device is an iPhone with Shadowrocket installed on it. When I use a certain node for a long time, I will intermittently fail to connect. This process will last for several hours and then And suddenly recovered.

My V2ray node is deployed in the Korean node by myself, and the encryption method used is Websocket+TLS. Although the speed itself is not particularly fast, it will never be stuck like this. Every time I get stuck, I manually change the port. It can return to normal immediately, so it should be GFW who is in the way.

Solutions & Solutions

Let me briefly talk about my solution. I spent some time studying the dynamic port function that comes with V2ray. Although it can solve my needs, it still needs a main port for communication. In this case, the main port is interfered. If so, it will not work.

Dynamic port-V2ray :

It is unrealistic to automatically change the port on the server regularly, because my mobile device does not know what the latest port is. So how can the mobile device know the current port number after the server changes the port?

Python pseudocode

The following is a small script I wrote, which uses the Python Flask framework. The following code is mainly for writing ideas and cannot be used directly. Its function is that a request comes, discards the previously used port, randomizes a new port number, and forwards this port to the local port 443. Finally, generate a new vmess subscription link with the new port number.

 with open('port_nums', 'r', encoding='utf-8') as f:
 old_port = f.read()
 del_cmd = f'''sudo iptables -t nat -D PREROUTING -p tcp --dport {old_port} -j REDIRECT --to-port 443'''
 os.system(del_cmd)
 new_port = random.randint(40000, 50000)
 add_cmd = f'''sudo iptables -t nat -A PREROUTING -p tcp --dport {new_port} -j REDIRECT --to-port 443'''
 os.system(add_cmd)
 with open('port_nums', 'w', encoding='utf-8') as k:
 k.write(str(new_port))
 r1 = f'auto:[email protected]:{new_port}'
 r2 = str(base64.b64encode(r1.encode("utf-8"))).replace("b'","").replace("'","")
 r3=f'''vmess://{r2}?emarks=baidu.com&obfsParam=baidu.com&path=/v2ray&obfs=websocket&tls=1&tfo=1&mux=1&alterId=0'''
 r4 = base64.b64encode(r3.encode("utf-8"))
 return r4

Shadowrocket Subscription Features

Finally, I use the subscription function of Shadowrocket to regularly obtain the latest port number from the server. After the server receives the subscription update request, it closes the previous communication port, randomly enables a port number, and then adds the new port to the subscription link and returns it to Mobile end device.

In this way, the mobile device can use the latest port to connect to the server by updating the subscription.

Since my mobile device is an iPhone, I use shortcuts as a matter of course! If you are also an iPhone, and you have installed shortcuts and Shadowrocket, you can click this link to get this shortcut, just like its name, it has only one function: update subscription

Once this is added to the shortcut, now comes the fun part, we can set up an automation for the iPhone to automatically ask the server for a new port every 2 hours. According to my test after using it for about a week, almost no perceivable interference occurred.

postscript

I have been very busy at work recently, and I have no time to study and improve myself. It is quite interesting to take time out to solve a small problem that has troubled me for a long time. If anyone needs this little script, please comment and let me know.