By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement . We’ll occasionally send you account related emails.

Windows 10 as a client of SS. SS client version: 4.1.10.0
Linux CentOS as a server is shadowsocks-libev 3.2.0 from repo librehat-shadowsocks

cat /etc/shadowsocks-libev/config.json

part of the gui-config.json file on client:

Internet does not work (Firefox shows "PR_CONNECT_RESET_ERROR") when SS is enabled and as a web browser proxy i am using socks5 127.0.0.1:1082)

SS client log:

2020-04-16 : :* |WARN|Shadowsocks.Controller.TCPHandler|System.Net.Sockets.SocketException (0x80004005): Došlo k pokusu o přístup k soketu způsobem zakázaným jeho přístupovými oprávněními
v Shadowsocks.Util.Sockets.WrappedSocket.EndConnect(IAsyncResult asyncResult)
v Shadowsocks.Proxy.DirectConnect.EndConnectDest(IAsyncResult asyncResult)
v Shadowsocks.Controller.TCPHandler.ConnectCallback(IAsyncResult ar)

english version of the error is: "System.Net.Sockets.SocketException (0x80004005): An attempt was made to access a socket in a way forbidden by its access permissions"

but when i try to connect to different SS server which has identic server config.json file (except of course public IP), then the connection works.

-- what i tried: --
i checked my client firewall and it looks not to block port/app (not even ss_polipo.exe) nor IP.

On the "non working" SS server i ran:

$ netstat -tulnp|grep 8388
tcp 0 0 myserverpublicIP:8388 0.0.0.0:* LISTEN 28527/ss-server
udp 0 0 myserverpublicIP:8388 0.0.0.0:* 28527/ss-server

$ service iptables status|egrep -i "ss|8388|1082"
nothing, but full iptables output is here (p@$$w0rd: ss)

The log file of the SS should possibly be /var/log/messages, i am emptying this file every minute. The entries that appear during SS server restart:
/usr/bin/ss-server[30699]: UDP relay enabled
/usr/bin/ss-server[30699]: initializing ciphers... aes-256-cfb
/usr/bin/ss-server[30699]: tcp server listening at myserverpublicIP:8388
/usr/bin/ss-server[30699]: udp server listening at myserverpublicIP:8388
/usr/bin/ss-server[30699]: running from root user

What is that mentioned error 0x80004005 shown on the client and what can be its causes? How to find out more detail? Thank you in advance

Can you try changing your local proxy port in your Edit Server window to another port like 10800?

Thx, but that not helped. The same error.
I changed it on the client and also in server's config.json and restarted shadowsocks-libev service on server.
Then in the web browser proxy configuration, set 127.0.0.1:10800, socks5.

@chenshaoju thank you. That apparently WORKED. I executed that commands from within command prompt launched as an administrator (click Windows menu, type "cmd" right click item and launch as admin.) then i quit SS client and start it again. Now firewall asked me to allow the connection and everything works.. I am unsure if this is something to be fixed, yet i am closing this issue since it is away after that "hack".

Reset TCP/IP in some cases may risky, for example, some network may request set IP Address/Mask/Gateway/DNS manually.

After reset TCP/IP, these settings will lost.

Can you check your system (OS) or software environment?

Are you using some VPN or security software?

I guess there is some software using a little trick in your system to change something. (sorry for my English)

Taken from https://qv2ray.net/en/faq/v2ray-core.html#windows-reserved-by-system .
License: CC-BY-SA 4.0

Windows: Reserved by System

This happens only on Windows, whose error log usually looks like this:

An attempt was made to access a socket in a way forbidden by its access permissions.
Microsoft launched KB4074588 patch on February 13th in 2018, which will modify the reserved port range on Windows operating system, so you may be affected.
As is stated, you can use netsh interface ipv4 show excludedportrange protocol=tcp command to show the reserved ports. If a port is reserved, you should avoid that port and just change the listening port to another one.