PurpleI2P / i2pd

🛡 I2P: End-to-End encrypted and anonymous Internet
https://i2pd.website
BSD 3-Clause "New" or "Revised" License

SOCKS interface and requisite DNS interface for transproxying #1897

Closed kaizushi closed 1 year ago

kaizushi commented 1 year ago

I am interested in using i2pd through its SOCKS interface, and I am a bit confused because I can't find any information on DNS or whatever equivalent I use. Normally SOCKS just handles TCP/IP connections to a specific address, and the DNS is done elsewhere.

I have this very simple tunnels.conf:

[alt-socks]
type = socks
address = 127.0.0.1
port = 14447
keys = socks-keys.dat

And after starting up, i2pd opens port 14447 and it seems to talk SOCKS.

Yet if I try to reach an eepsite through this with curl and SOCKS5, I get results like this, which I actually expected...

$ curl --socks5 localhost:14447 bzznfzwjjeiwzrsy6xxlsahswldtq2jcfydq7qhopjctt327qlna.b32.i2p
curl: (97) Could not resolve host: bzznfzwjjeiwzrsy6xxlsahswldtq2jcfydq7qhopjctt327qlna.b32.i2p

The thing is I want to use this socks interface with redsocks to have transparent proxying of any TCP connections to i2p hidden service. I want this to work alongside my other transparent proxy, and involve DNS. There does not seem to be any kind of DNS server in i2pd or anything to map the DNS address off the .i2p TLD to IP addresses.

To better explain my predicament, I'll quickly explain how Tor does transparent proxying: it listens on a TCP port for requests. The iptables firewall redirects things to this port, from a range of WAN addresses. A client does a DNS query, and it will map an IP address for the onion requested from DNS and Tor will see that a request has been redirected to it with that IP as a source, and then do its thing and establish a connection to the hidden service.

To add i2p into the mix here so systems can transparently reach either Tor or i2pd my best shot would be to have unbound send things to the right place depending on the .onion or .i2pd TLD in the DNS query.

In fact, with the way I've been doing this unbound actually only sends onion requests to Tor. Requests for ordinary Internet sites in fact themselves are transparently proxied by redsocks2 and what I call my private exits.

In short: I want to add on to this system so that i2pd is also transparently accessible, and I thought I could do that using its SOCKS service, but there is nothing for DNS.

I am pretty sure that i2pd has no DNS server, but I thought there might be something out there that can do this kind of arbitrary DNS to IP mapping so that eepsites can be used in this way. Google results for this are very ambiguous, or lead to very irrational Q&A type stuff about httpproxy somehow being involved, and it makes no sense since this kind of transparent proxy kind of disregards layer 7 things like HTTP.

I have seen lists of various software and tools that run alongside i2pd and this is where I thought someone might know an answer that can help me achieve this.

And to get back to the simple issue where I demonstrate the issue, how does one use the SOCKS service properly to reach an eepsite and handle the hostname?

r4sas commented 1 year ago

You must use socks with DNS resolving on proxy side. In curl this can be achieved by using -x socks5h://127.0.0.1:14447

Also, related: https://github.com/PurpleI2P/i2pd/issues/1174
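
What `socks5h` changes on the wire, as an added example that is not part of the thread or of i2pd's code: per RFC 1928, a SOCKS5 CONNECT request can carry the destination as a domain name (address type 0x03), so the `.b32.i2p` name reaches the proxy unresolved instead of failing in the client's resolver. The function names and the destination port 80 are assumptions for illustration.

```python
import ipaddress
import struct

VER, CMD_CONNECT = 0x05, 0x01
ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04

# Hostname taken from the curl command in the thread; port 80 is assumed.
EEPSITE = "bzznfzwjjeiwzrsy6xxlsahswldtq2jcfydq7qhopjctt327qlna.b32.i2p"


def build_connect_request(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT request (RFC 1928): VER CMD RSV ATYP DST.ADDR DST.PORT."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal: send the name itself, length-prefixed, so the
        # proxy does the lookup (what curl's socks5h:// scheme requests).
        name = host.encode("ascii")
        if not 1 <= len(name) <= 255:
            raise ValueError("hostname must be 1..255 bytes")
        addr = bytes([ATYP_DOMAIN, len(name)]) + name
    else:
        # Already resolved by the client (what plain socks5:// sends).
        addr = bytes([ATYP_IPV4 if ip.version == 4 else ATYP_IPV6]) + ip.packed
    return bytes([VER, CMD_CONNECT, 0x00]) + addr + struct.pack("!H", port)


def parse_connect_request(data: bytes):
    """Return (atyp, host, port) the way the proxy side reads the request."""
    if len(data) < 5 or data[0] != VER or data[1] != CMD_CONNECT:
        raise ValueError("not a SOCKS5 CONNECT request")
    atyp, body = data[3], data[4:]
    if atyp == ATYP_DOMAIN:
        n, body = body[0], body[1:]
    elif atyp in (ATYP_IPV4, ATYP_IPV6):
        n = 4 if atyp == ATYP_IPV4 else 16
    else:
        raise ValueError("unknown address type")
    if len(body) != n + 2:
        raise ValueError("truncated or oversized request")
    raw, port = body[:n], struct.unpack("!H", body[n:])[0]
    host = raw.decode("ascii") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    return atyp, host, port


if __name__ == "__main__":
    print(build_connect_request(EEPSITE, 80).hex())
    print(parse_connect_request(build_connect_request(EEPSITE, 80)))
```

A transparent redirector only ever sees the IP-literal form, which is why it cannot hand an `.i2p` name to the SOCKS port without some separate name-to-address mapping.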

kaizushi commented 1 year ago

If there is anything relevant from the duplicate in another language, let me know. I need some kind of pseudo DNS interface, and that working with the SOCKS feature as transparent SOCKS requires IP addresses to work, as it involves the Linux iptables/nftables firewall. Doing DNS on the proxy side is not my issue; the issue is that DNS must be done so there are these IP mappings so that I can add i2p support to my existing systems that do this sort of thing with Tor.