Socks5 mode: system-wide all connections interrupt on connection to a location.

[deNoor]

Please answer the following questions for yourself before submitting an issue.

• [X] I am running the latest version
• [X] I checked the documentation and found no answer
• [X] I checked to make sure that this issue has not already been filed

AdGuard VPN version

2.1.10 (1046)

Operating mode

SOCKS5

Environment

- OS: Windows 11, 22H2, 22621.2428
- Other network-level software:
  - Proxifier Standard v4.11. (nothing changes with it disabled and its driver unloaded)

Issue Details

Steps to reproduce:

1. AgVPN client is running in Socks5 mode, exclusions set to "everywhere" for sites and apps. NOT connected to any location. No app is currently redirected to AG's socks5 proxy.
2. Monitor connections in any preferred way: TCPView, browser dev tools tracking an opened stream, etc.
3. Open any app which maintains a persistent connection. (Like internet-radio, Teams, p2p client). Do not redirect those apps to AG's socks5.
4. In AgVPN app connect to any location using the button on the main page.
5. You'll see connections interrupted for all apps and system DNS flushed. Most apps will do their auto-reconnect, but you'll notice that old connections were dropped and new ones were established.

Happens on connection to a location (from disconnected state). Disconnect (from connected state) does not terminate system-wide connections.

Known as #226 which was marked as resolved without actual fixes. :) DNS flush wasn't prevented, connections termination is still present.

Kill Switch is disabled. QUIC enabled\disabled has no impact. Apps Selective mode has no impact (happens even when nothing is added to the list) but I have Sites set to "everywhere".

Expected Behavior

1. Socks5 mode does NOT interfere with system-wide connections, everything outside AG's socks5 should be unaffected.
2. No DNS flushes.

Actual Behavior

1. The app terminates connections.
2. System DNS flush.

Additional Information

Even though Proxifier is mentioned, I've also checked with it disabled and its driver unloaded. If AG loses connection to current location "often" with autoreconnect enabled, then user will have a hard time with all system-wide connections flapping. AG on system startup + autoconnect causes issues because other network apps are also trying to do their initial startup and are being interrupted by AgVPN.

Also AG VPN still runs driver uninstallation routine on every connection to a location according to logs.

INFO, AdGuardVpn.Tools.exe, Logger, 1, 11.11.2023 3:27:44.409, Uninstalling drivers INFO, AdGuardVpn.Tools.exe, Logger, 1, 11.11.2023 3:27:44.414, Uninstalling driver adgvpnnetworktdidrv from C:\Windows\system32\drivers\adgvpnnetworktdidrv.sys INFO, AdGuardVpn.Tools.exe, Logger, 1, 11.11.2023 3:27:44.414, Uninstalling driver adgvpnnetworkwfpdrv from C:\Windows\system32\drivers\adgvpnnetworkwfpdrv.sys INFO, AdGuardVpn.Tools.exe, Logger, 1, 11.11.2023 3:27:44.414, Uninstalling drivers has been completed successfully

Even if this is unrelated to current issue, probably driver uninstallation isn't really required at this moment. I don't have those drivers registered and I don't have driver files in system32. And I don't switch from socks5 mode ever. :)

I've sent Verbose unedited logs to devteam@adguard.com. Check around 11.11.2023 3:10:32 timestamps. But from my perspective there are only regular actions on connect-disconnect button press. So it's not about my specific environment.

Connections termination is definitely done by AgVPN client. ipconfig /flushdns on its own won't drop connections. Starting listening on any port (like socks5 mode does) won't drop connections.

Please, limit AgVPN in socks5 mode to its internal affairs only. :( Do not interfere with my connections, do not interfere with my DNS cache. I'll feed everything needed into socks5, but the world outside of the listening port is none of AgVPN's business.

If you must drop connections for some reason, could you then target only established to/from the AG's socks5 port? Probably I'm missing some network understanding, but when a remote socks5 proxy dies, I get my connections dead too because transport cannot continue. No system-global reset is needed. :) So why it should be different for a local proxy inside AgVPN process?

I know that previously established connections will continue running when I start redirecting an already running app to socks5 (and when I stop redirecting). But it's common and expected. The same is for remote socks5. There is no need to help me with terminating all running connections, I'll do it on my own if needed.