diff --git a/server/wsproxy/kcpsession.cc b/server/wsproxy/kcpsession.cc
index aaa2e8b..7304329 100644
--- a/server/wsproxy/kcpsession.cc
+++ b/server/wsproxy/kcpsession.cc
@@ -1,6 +1,7 @@
 #include "precompile.h"
 
 #include <memory.h>
+#include <string.h>
 
 #include <f8/netmsghandler.h>
 #include <f8/udplog.h>
@@ -74,8 +75,21 @@ void KcpSession::SendClientMsg(char* buf, int buf_len)
 
 void KcpSession::OnRecvPacket(a8::UdpPacket* pkt)
 {
+    const int IKCP_OVERHEAD = 24;
+
     remote_addr_ = pkt->remote_addr;
-    ikcp_input(kcp_, pkt->buf, pkt->buf_len);
+    if (GetSecretKeyPlace()) {
+        char* buf = (char*)malloc(pkt->buf_len - GetSecretKeyLen());
+        int buflen = pkt->buf_len - GetSecretKeyLen();
+        memmove(buf, pkt->buf, IKCP_OVERHEAD);
+        if (pkt->buf_len > IKCP_OVERHEAD + GetSecretKeyLen()) {
+            memmove(buf + IKCP_OVERHEAD, pkt->buf + IKCP_OVERHEAD + GetSecretKeyLen(), buflen - IKCP_OVERHEAD);
+        }
+        ikcp_input(kcp_, buf, buflen);
+        free(buf);
+    } else {
+        ikcp_input(kcp_, pkt->buf, pkt->buf_len);
+    }
 }
 
 void KcpSession::UpdateInput()
diff --git a/server/wsproxy/longsessionmgr.cc b/server/wsproxy/longsessionmgr.cc
index 9245421..9720d99 100644
--- a/server/wsproxy/longsessionmgr.cc
+++ b/server/wsproxy/longsessionmgr.cc
@@ -134,7 +134,7 @@ void LongSessionMgr::ProcUdpPacket(a8::UdpPacket* pkt)
         return;
     }
     if (session->GetSecretKeyPlace()) {
-        if (pkt->buf_len > IKCP_OVERHEAD + KcpSession::GetSecretKeyLen()) {
+        if (pkt->buf_len >= IKCP_OVERHEAD + KcpSession::GetSecretKeyLen()) {
             long long secret_key = KcpSession::ReadSecretKey(pkt->buf + IKCP_OVERHEAD, pkt->buf_len);
             if (secret_key == session->GetKcpSession()->GetSecretKey()) {
                 session->GetKcpSession()->OnRecvPacket(pkt);