命令行或者系统网络代理完全正常使用
➜ ✗ http_proxy="172.16.22.33:3128" curl -I http://google.com
HTTP/1.1 301 Moved Permanently
...
surge config, 用个 CORP_IFACE group 来捕获变动的 utun 或者 无VPN 直接用 en0, 可以成功, 配置 corp_http 会返回 403, 尝试过 underlying-proxy, interface 参数
[Proxy]
corp_en0 = direct, interface=en0, test-url=http://172.16.22.33:3128/
corp_utun4 = direct, interface=utun4, test-url=http://172.16.22.33:3128/
corp_utun5 = direct, interface=utun5, test-url=http://172.16.22.33:3128/
corp_utun6 = direct, interface=utun6, test-url=http://172.16.22.33:3128/
corp_http = http, 172.16.22.33, 3128, test-url=http://google.com, underlying-proxy=CORP_IFACE
# ,interface=en0, allow-other-interface=true, test-url=http://172.16.22.33:3128/
[Proxy Group]
CORP_IFACE = fallback, corp_en0, corp_utun4, corp_utun5, corp_utun6, no-alert=1, interval=600, timeout=3s, hidden=0
surge test policy log
2024-09-28 12:35:48.768182 <VERBOSE> [SGProxyTest-59] <start (SGProxyTestManager.m:86)> Start to test policy: corp_http
2024-09-28 12:35:48.768247 <VERBOSE> [SGProxyTest-59] <continueTesting (SGProxyTestManager.m:106)> continueTesting
2024-09-28 12:35:48.768337 <VERBOSE> [SGHTTPProxyConnector-23] <createSocketWithCompletionHandler: (SGConnector.m:511)> underlyingPolicy: CORP_IFACE
2024-09-28 12:35:48.768361 <VERBOSE> [SGOutgoingSelector] <finalPolicyForUnderlyingPolicy:mustEvaluateBeforeUse:completionHandler: (SGOutgoingSelector+PolicyGroup.m:981)> underlyingPolicy is a group
2024-09-28 12:35:48.768399 <VERBOSE> [SGOutgoingSelector] <finalPolicyForPolicyName:targetHostname:userAgent:dnsResult:mustEvaluateBeforeUse:logger:completionHandler: (SGOutgoingSelector+PolicyGroup.m:83)> finalPolicyForPolicyName: CORP_IFACE
2024-09-28 12:35:48.768453 <VERBOSE> [SGOutgoingSelector] <finalPolicyForPolicyName:targetHostname:userAgent:dnsResult:mustEvaluateBeforeUse:logger:completionHandler: (SGOutgoingSelector+PolicyGroup.m:238)> Policy decision path: CORP_IFACE -> corp_utun5
2024-09-28 12:35:48.768468 <VERBOSE> [SGOutgoingSelector] <finalPolicyForPolicyName:targetHostname:userAgent:dnsResult:mustEvaluateBeforeUse:logger:completionHandler: (SGOutgoingSelector+PolicyGroup.m:279)> Final node: corp_utun5
2024-09-28 12:35:48.768587 <VERBOSE> [SGProxyTest-59] <continueTesting (SGProxyTestManager.m:188)> Start test policy: corp_http, connector: SGHTTPProxyConnector-23, host: google.com
2024-09-28 12:35:48.768639 <VERBOSE> [SGHTTPProxyConnector-23] <createSocketWithCompletionHandler: (SGConnector.m:480)> Socket created: SGDirectConnector-414
2024-09-28 12:35:48.768651 <INFO> [SGHTTPProxyConnector-23] Start connection to proxy server: SGHTTPProxyConnector-23 -> 172.16.22.33:3128
2024-09-28 12:35:48.768686 <VERBOSE> [SGDirectConnector-414] <createSocketWithCompletionHandler: (SGConnector.m:480)> Socket created: SGSocket-3992
2024-09-28 12:35:48.768693 <INFO> [SGDirectConnector-414] Start direct connection to: 172.16.22.33:3128
2024-09-28 12:35:48.768703 <VERBOSE> [SGSocket-3992] <connectToHost:onPort:withTimeout:error: (SGSocket.m:236)> Dispatching DNS lookup…
2024-09-28 12:35:48.768712 <VERBOSE> [SGDNSClient] <lookupDomain:logger:completionHandler: (SGDNSClient.m:287)> Lookup domain: 172.16.22.33
2024-09-28 12:35:48.768734 <VERBOSE> [SGDNSClient] <lookupDomain:logger:completionHandler: (SGDNSClient.m:293)> Lookup with IPv4 address: 172.16.22.33
2024-09-28 12:35:48.768756 <VERBOSE> [SGSocket-3992] <setupConnectingJobs (SGSocket.m:293)>
2024-09-28 12:35:48.768818 <VERBOSE> [SGFileDescriptor-7706] <initSocketFDWithDomain:type:protocol:nonblocking: (SGFileDescriptor.m:81)> Open socket file descriptor: 13
2024-09-28 12:35:48.768831 <VERBOSE> [SGSocket-3992] <connectWithDNSRecord:port:error: (SGSocket.m:412)> Connect to address: 172.16.22.33:3128
2024-09-28 12:35:48.768842 <VERBOSE> [SGSocket-3992] <connectWithDNSRecord:port:error: (SGSocket.m:422)> self.desiredInterfaceName: utun5
2024-09-28 12:35:48.768881 <VERBOSE> [SGSocket-3992] <connectWithDNSRecord:port:error: (SGSocket.m:442)> Use specified interface: utun5 21
2024-09-28 12:35:48.768966 <VERBOSE> [SGSocket-3992] <connectWithDNSRecord:port:error: (SGSocket.m:552)> connectx() result: -1, errno: 36
2024-09-28 12:35:48.768980 <VERBOSE> [SGSocket-3992] <setupConnectingJobs (SGSocket.m:328)> Use record: 172.16.22.33, SGSocketConnectJob-917
2024-09-28 12:35:48.806442 <VERBOSE> [SGSocket-3992] <checkConnectingJob: (SGSocket.m:595)> checkConnectingJob: SGSocketConnectJob-917
2024-09-28 12:35:48.806467 <VERBOSE> [SGSocket-3992] <checkConnectingJob: (SGSocket.m:598)> TCP handshake time: 172.16.22.33 172.16.22.33 0.0ms
2024-09-28 12:35:48.806483 <VERBOSE> [SGSocket-3992] <checkConnectingJob: (SGSocket.m:619)> connectx() complete
2024-09-28 12:35:48.806539 <INFO> [SGDirectConnector-414] Connection established
2024-09-28 12:35:48.806548 <VERBOSE> [SGDirectConnector-414] <_reportDelegateConnectorIsNowReady (SGConnector.m:740)>
2024-09-28 12:35:48.806556 <INFO> [SGHTTPProxyConnector-23] Connection established
2024-09-28 12:35:48.806682 <VERBOSE> [SGHTTPProxyConnector-23] Write CONNECT header: CONNECT google.com:80 HTTP/1.1
Host: google.com:80
User-Agent: Surge macOS/2929
Connection: keep-alive
Proxy-Connection: keep-alive
2024-09-28 12:35:48.846871 <VERBOSE> [SGHTTPProxyConnector-23] <socket:didReadData:withTag: (SGHTTPProxyConnector.m:42)> Response: HTTP/1.1 403 Forbidden
Server: squid/3.5.27
Mime-Version: 1.0
Date: Sat, 28 Sep 2024 04:35:51 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3536
X-Squid-Error: ERR_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from SquidProxy
X-Cache-Lookup: NONE from SquidProxy:3128
Via: 1.1 SquidProxy (squid/3.5.27)
Connection: keep-alive
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!--
/*
* Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
*/
/*
Stylesheet for Squid Error pages
Adapted from design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License
*/
/* Page basics */
* {
font-
2024-09-28 12:35:48.847157 <WARNING> [SGHTTPProxyConnector-23] Proxy server return a unexpected status code 403 for host: google.com, full response:
HTTP/1.1 403 Forbidden
Server: squid/3.5.27
Mime-Version: 1.0
Date: Sat, 28 Sep 2024 04:35:51 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3536
X-Squid-Error: ERR_ACCESS_DENIED 0
Vary: Accept-Language
Content-Language: en
X-Cache: MISS from SquidProxy
X-Cache-Lookup: NONE from SquidProxy:3128
Via: 1.1 SquidProxy (squid/3.5.27)
Connection: keep-alive
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html><head>
<meta type="copyright" content="Copyright (C) 1996-2017 The Squid Software Foundation and contributors">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<title>ERROR: The requested URL could not be retrieved</title>
<style type="text/css"><!--
/*
* Copyright (C) 1996-2017 The Squid Software Foundation and contributors
*
* Squid software is distributed under GPLv2+ license and includes
* contributions from numerous individuals and organizations.
* Please see the COPYING and CONTRIBUTORS files for details.
*/
/*
Stylesheet for Squid Error pages
Adapted from design by Free CSS Templates
http://www.freecsstemplates.org
Released for free under a Creative Commons Attribution 2.5 License
*/
/* Page basics */
* {
font-
2024-09-28 12:35:48.847181 <VERBOSE> [SGHTTPProxyConnector-23] <_reportConnectorCompletedWithError: (SGConnector.m:812)> No data was received
2024-09-28 12:35:48.847196 <VERBOSE> [SGHTTPProxyConnector-23] <_reportConnectorCompletedWithError: (SGConnector.m:820)> Recorded as policy failure, target hostname: google.com
2024-09-28 12:35:48.847226 <VERBOSE> [SGHTTPProxyConnector-23] <_reportDelegateAbortedWithError: (SGConnector.m:758)> _reportDelegateAbortedWithError: Error Domain=SGErrorDomain Code=0 "Proxy server return a unexpected status code: 403" UserInfo={NSLocalizedDescription=Proxy server return a unexpected status code: 403}
2024-09-28 12:35:48.847237 <INFO> [SGProxyTest-59] Test connector (corp_http) setup failed: Proxy server return a unexpected status code: 403
2024-09-28 12:35:48.847274 <VERBOSE> [SGHTTPProxyConnector-23] <disconnectWithError: (SGConnector.m:397)> disconnectWithError: Error Domain=SGErrorDomain Code=30 "Closed by client" UserInfo={NSLocalizedDescription=Closed by client}
2024-09-28 12:35:48.847285 <VERBOSE> [SGHTTPProxyConnector-23] <disconnectWithError: (SGConnector.m:411)> disconnectAfterWritingHoldRef
2024-09-28 12:35:48.847297 <VERBOSE> [SGDirectConnector-414] <disconnectWithError: (SGConnector.m:397)> disconnectWithError: Error Domain=SGErrorDomain Code=30 "Closed by client" UserInfo={NSLocalizedDescription=Closed by client}
2024-09-28 12:35:48.847306 <VERBOSE> [SGDirectConnector-414] <disconnectWithError: (SGConnector.m:411)> disconnectAfterWritingHoldRef
2024-09-28 12:35:48.847322 <VERBOSE> [SGDirectConnector-414] <_reportDelegateAbortedWithError: (SGConnector.m:758)> _reportDelegateAbortedWithError: Error Domain=SGErrorDomain Code=30 "Closed by client" UserInfo={NSLocalizedDescription=Closed by client}
2024-09-28 12:35:48.847334 <VERBOSE> [SGHTTPProxyConnector-23] <_reportDelegateAbortedWithError: (SGConnector.m:758)> _reportDelegateAbortedWithError: Error Domain=SGErrorDomain Code=30 "Closed by client" UserInfo={NSLocalizedDescription=Closed by client}
2024-09-28 12:35:48.847346 <VERBOSE> [SGMMain] <sendNotificationWithTitle:subtitle:body:identifier:autoDismissAfter:userInfo:attachment:sound:scriptOptions: (SGMain.m:713)> send notification: E0BC3931-17EB-44EF-9177-91EBDD536242
2024-09-28 12:35:48.847370 <VERBOSE> [SGProxyTest-59] <testFinish (SGProxyTestManager.m:296)> Test result: {
"POLICY::ddfe0beb2c872ed80fc0a22cd846b4bf" = {
error = "Proxy server return a unexpected status code: 403";
tcp = 37;
};
}
squid 服务端我无法控制, 怀疑限制了 user-agent, curl 特意加上 surge user-agen, 也能访问
➜ ✗ http_proxy="172.16.22.33:3128" curl -v -I -H "User-Agent: Surge macOS/2929" -H "Connectioin: keep-alive" -H "Host: google.com:80" http://google.com
* Uses proxy env variable http_proxy == '172.16.22.33:3128'
* Trying 172.16.22.33:3128...
* Connected to 172.16.22.33 (172.16.22.33) port 3128
> HEAD http://google.com/ HTTP/1.1
> Host: google.com:80
> Accept: */*
> Proxy-Connection: Keep-Alive
> User-Agent: Surge macOS/2929
> Connectioin: keep-alive
>
* Request completely sent off
< HTTP/1.1 301 Moved Permanently
HTTP/1.1 301 Moved Permanently
...
