FlowerWrong / tun2socks

Redirect tun flow to socks 5 in golang, support tcp and udp.

China website can't be opened #42

Closed Sen closed 5 years ago

Sen commented 6 years ago

macOS, master branch, compiled with the latest code. Also, I can't find any DNS record in the log.

I added a command to make tun work; my local gateway is 192.168.10.1

sudo route -q -n add -inet xxx.xxx.xxx.xxx -gateway 192.168.10.1
2018/08/02 17:27:49 main.go:54: [app] config file path is config.ini
2018/08/02 17:27:49 proxies.go:62: [proxies] default proxy: "B"
2018/08/02 17:27:49 tun_darwin.go:29: [tun] interface name is utun2
2018/08/02 17:27:49 cmd.go:14: [command] ifconfig utun2 10.0.0.5 10.0.0.5 mtu 1500 netmask 255.255.255.0 up
2018/08/02 17:27:49 cmd.go:14: [command] route -n add -net 0.0.0.0 -netmask 128.0.0.0 -interface utun2
2018/08/02 17:27:49 cmd.go:14: [command] route -n add -net 128.0.0.0 -netmask 128.0.0.0 -interface utun2
2018/08/02 17:27:49 main.go:112: [app] run tun2socks(0.50) success
2018/08/02 17:27:49 cmd.go:38: [shell] output Current active networkservice is AX88179 USB 3.0 to Gigabit Ethernet, A4575DFD-CAD3-4009-A7E5-8F0C0820A9A6
old dns is There aren't any DNS Servers set on AX88179 USB 3.0 to Gigabit Ethernet., set dns to 127.0.0.1
2018/08/02 17:27:49 dns.go:12: [dns] listen on 0.0.0.0:53

and this is my config.ini

[general]
# inet addr/mask
# DEFAULT VALUE: 198.18.0.0/15
network = 10.0.0.5/24

# DEFAULT VALUE: 1500
# mtu = 1420

# DEFAULT auto config, This is used for auto set and reset dns server on windows,
# if you have multi interface, the auto config may be not work. eg: eth0, Ethernet0, `Apple USB Ethernet Adapter`.
# interface = Ethernet0

[pprof]
# enabled = false
# prof-host = 127.0.0.1
# prof-port = 6060

[dns]
# dns mode: fake or udp_relay_via_socks5, default fake, fake means google.com -> 10.192.10.126
dns-mode = fake

# DEFAULT VALUE: 53
# dns-port = 53

# backend dns
# DEFAULT VALUE: 114.114.114.114:53, 223.5.5.5:53
# nameserver = 114.114.114.114:53
# nameserver = 223.5.5.5:53

# dns-ttl = 600
# dns-packet-size = 4096
# dns-read-timeout = 5
# dns-write-timeout = 5

# auto-config-system-dns = false

[route]
# eg: sudo ip route add 91.108.4.0/22 dev tun0
# If you have large route tables, please add them with route batch mode by yourself,
# or it will take a long time.
#v = 198.18.0.0/15
#v = 91.108.4.0/22
#v = 91.108.56.0/22
#v = 109.239.140.0/24
#v = 149.154.160.0/20
# v = 149.154.167.0/24
#v = 8.8.8.8
#v = 4.4.4.4
#v = 10.0.0.0/24
v = 0.0.0.0/1
v = 128.0.0.0/1

[tcp]
# default 1 minutes
# timeout = 60

[udp]
# Enable udp relay or not, default true
enabled = false

# default 5 minutes
# timeout = 300

# This proxy is used to relay udp data via socks5, so it must be socks5 with udp support.
# If dns-mode is udp_relay_via_socks5, tun2socks will use this proxy to relay.
# If dns-mode is fake, tun2socks will use the fake domain matched proxy, also || this one.
proxy = B

# define a proxy named "A"
[proxy "A"]
url = socks5://127.0.0.1:1090

# define a proxy named "B"
[proxy "B"]
url = socks5://127.0.0.1:9990
# use this proxy as default
default = yes

# define a pattern and outbound proxy

[pattern "direct-country"]
scheme = IP-COUNTRY
v = CN

# @see https://tools.ietf.org/html/rfc1918
[pattern "internal-ip"]
scheme = IP-CIDR
v = 10.0.0.0/24
v = 192.168.10.0/16

[pattern "proxy-country"]
proxy = B
scheme = IP-COUNTRY
v = US
v = HK

# rules define the order of checking pattern
[rule]
pattern = block-website
pattern = direct-country
pattern = internal-ip
pattern = proxy-country
# set to a proxy for domains that don't match any pattern
# DEFAULT VALUE: ""
final = B

any idea?

Sen commented 6 years ago

@FlowerWrong

FlowerWrong commented 6 years ago

There are two DNS modes here.

Your config.

[dns]
# dns mode: fake or udp_relay_via_socks5, default fake, fake means google.com -> 10.192.10.126
dns-mode = fake

# DEFAULT VALUE: 53
# dns-port = 53

# backend dns
# DEFAULT VALUE: 114.114.114.114:53, 223.5.5.5:53
# nameserver = 114.114.114.114:53
# nameserver = 223.5.5.5:53

# dns-ttl = 600
# dns-packet-size = 4096
# dns-read-timeout = 5
# dns-write-timeout = 5

# auto-config-system-dns = false

[route]
# eg: sudo ip route add 91.108.4.0/22 dev tun0
# If you have large route tables, please add them with route batch mode by yourself,
# or it will take a long time.
#v = 198.18.0.0/15
#v = 91.108.4.0/22
#v = 91.108.56.0/22
#v = 109.239.140.0/24
#v = 149.154.160.0/20
# v = 149.154.167.0/24
#v = 8.8.8.8
#v = 4.4.4.4
#v = 10.0.0.0/24
v = 0.0.0.0/1
v = 128.0.0.0/1

DNS fake mode works with the config rules, so you need not configure the route table as 0.0.0.0/1 and 128.0.0.0/1. The route here only works for things that use an IP for the network rather than a domain name, or for a DNS server, e.g. Telegram IPs and the Google DNS server.

# telegram ip
v = 198.18.0.0/15
v = 91.108.4.0/22
v = 91.108.56.0/22
v = 109.239.140.0/24
v = 149.154.160.0/20
v = 149.154.167.0/24

# google dns server
v = 8.8.8.8

If you are using udp_relay_via_socks5, you may need to set it. See my ip2socks project shell.

Sen commented 6 years ago

@FlowerWrong thanks for the reply. As far as I know, the udp_relay_via_socks5 option will resend DNS requests to the socks5 server, right? I implemented a socks5 server, but haven't supported UDP mode yet. Can I just set DNS in the normal way, which means relaying DNS requests to my own local system?

FlowerWrong commented 6 years ago

> udp_relay_via_socks5 option will resend DNS requests to the socks5 server, right?

Yes, via UDP.

> I implemented a socks5 server, but haven't supported UDP mode yet.

You can use TCP DNS, e.g. pdnsd. chrome (UDP DNS query) -> pdnsd (changes it to a TCP DNS query) -> your local socks5 -> remote socks5 -> TCP DNS server (e.g. Google).

> Can I just set DNS in the normal way, which means relaying DNS requests to my own local system?

What do you mean? Fake mode works this way: it starts a DNS server on 127.0.0.1:53 and changes the system DNS server to 127.0.0.1. Then all DNS queries are taken over by the local DNS server.
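Added example, not part of the thread and not tun2socks' own code: a minimal Go sketch of the fake-IP bookkeeping behind "fake means google.com -> 10.192.10.126". The local DNS server answers each name with an address from a reserved range, and a connection to that address arriving on the tun device is mapped back to the name. `FakePool`, `NewFakePool`, `Resolve` and `Lookup` are hypothetical names, and skipping .0/.1 for the network and tun addresses is an assumption.

```go
package main

import (
	"encoding/binary"
	"fmt"
	"net"
	"strings"
)

// FakePool maps domains to addresses inside one IPv4 range and back again.
type FakePool struct {
	next, end uint32 // next starts at .2 (.0 network, .1 assumed tun); end is broadcast
	byName    map[string]net.IP
	byIP      map[string]string
}

func NewFakePool(cidr string) (*FakePool, error) {
	_, n, err := net.ParseCIDR(cidr)
	if err != nil || n.IP.To4() == nil {
		return nil, fmt.Errorf("need an IPv4 CIDR, got %q", cidr)
	}
	base := binary.BigEndian.Uint32(n.IP.To4())
	return &FakePool{next: base + 2, end: base | ^binary.BigEndian.Uint32(n.Mask),
		byName: map[string]net.IP{}, byIP: map[string]string{}}, nil
}

// Resolve returns the A record the local DNS server would answer with.
func (p *FakePool) Resolve(domain string) (net.IP, error) {
	name := strings.ToLower(strings.TrimSuffix(domain, "."))
	if ip, ok := p.byName[name]; ok {
		return ip, nil // same name, same fake address
	}
	if p.next >= p.end {
		return nil, fmt.Errorf("fake pool exhausted")
	}
	ip := make(net.IP, 4)
	binary.BigEndian.PutUint32(ip, p.next)
	p.next++
	p.byName[name], p.byIP[ip.String()] = ip, name
	return ip, nil
}

// Lookup recovers the domain for a tun-side destination; "" means not a fake address.
func (p *FakePool) Lookup(dst net.IP) string { return p.byIP[dst.String()] }

func main() {
	p, _ := NewFakePool("198.18.0.0/15") // default network from the config comments
	ip, _ := p.Resolve("google.com")
	fmt.Println(ip, p.Lookup(ip))
}
```

An empty `Lookup` result is the situation debugged in this thread: if the system resolver is not 127.0.0.1, clients receive real addresses, which never match the pool and never produce DNS log lines.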

FlowerWrong commented 6 years ago

@Sen [Image: fake_mode]

FlowerWrong commented 6 years ago

[Image: tun2socks sketch 2018-08-03 11-02-55]

Sen commented 6 years ago

Hmm, but fake mode doesn't work at all on my side.

I've removed the routes

v = 0.0.0.0/1
v = 128.0.0.0/1

I think I need to implement UDP mode of socks5. Thanks anyway.

FlowerWrong commented 6 years ago

Usually, fake mode does not need UDP support for socks5 unless you need to use it for UDP flows, e.g. a UDP game. Please check whether your system DNS has been set to 127.0.0.1 if there are no DNS logs in the terminal. At the beginning, you can use the default config file and just change the proxy server.

[Screenshot: 1 sudo go run cmd main go -c config example ini main 2018-08-03 14-42-28]

Sen commented 6 years ago

[Two screenshots: 2018-08-03 4 41 17, 2018-08-03 4 41 11]

It doesn't work on my side; no DNS requests like yours. Don't know why. I tried config.example.ini without any change, but the websites which are blocked can't be viewed.

FlowerWrong commented 6 years ago

@Sen `dig @127.0.0.1 baidu.com`, please try this command to test whether DNS works or not.

Sen commented 6 years ago

@FlowerWrong fake mode DNS doesn't work; is that my computer's problem?

[Two images]

FlowerWrong commented 5 years ago

Maybe I know that. The shell cannot get your active network service right.

My log.

2018/11/05 22:29:12 cmd.go:38: [shell] output Current active networkservice is Wi-Fi, 5750EEA5-6D39-4083-896E-1DDED3A42B1A

You can set the auto-config-system-dns flag to false, and then set your dns by hand.