Closed Amir2367 closed 1 month ago
when we select RDNS DEFAULT as DNS and press the connection button, it remains in WAITING mode and no connection is made.
Can you check DNS Logs after you connect to RDNS (ie, when it goes into "waiting" and no websites would load in Chrome) and see what it says?
!
) or a "question" (?
) mark against them (as they're failing).My guess is, your ISP is blocking connections to rethinkdns.com
. You can test for this by:
max.rethinkdns.com
, rethinkdns.com
in the browser to see if loads.max.rethinkdns.com
, sky.rethinkdns.com
, rethinkdns.com
) in DNS Logs to see if you received expected IPs or not.No firewall rules
Yeah, I can see why that can happen. Tracking it here: https://github.com/celzero/rethink-app/issues/1324
To connect, we choose the TERMUX program, no connection is made while the connection is made with Other programs.
You mean, the SOCKS5 proxy running within a Termux session doesn't "see" any packets from Rethink in this version but it did in v055c
(the previous version)? Curious, because we haven't changed much wrt SOCKS5 in v055d
at all to break something like this.
when we select RDNS DEFAULT as DNS and press the connection button, it remains in WAITING mode and no connection is made.
Can you check DNS Logs after you connect to RDNS (ie, when it goes into "waiting" and no websites would load in Chrome) and see what it says?
- The entries in DNS Logs should have an "exclamation" (
!
) or a "question" (?
) mark against them (as they're failing).- The footer of the bottomsheet that comes up when you tap on these failing entires should have a status / error message revealing just why the query failed.
My guess is, your ISP is blocking connections to
rethinkdns.com
. You can test for this by:
- Switching to "System DNS" in Configure -> DNS
- Then attempting to access
max.rethinkdns.com
,rethinkdns.com
in the browser to see if loads.- After you attempt to load those domains in your browser, you can also search them (
max.rethinkdns.com
,sky.rethinkdns.com
,rethinkdns.com
) in DNS Logs to see if you received expected IPs or not.
Hello again, yes, DNS reports should have an "exclamation mark" (!
) or a "question" (?
) in front of them. (You can see the reason for these ERRORs in the video below)
But the interesting thing is that my ISP has not blocked any of RETHINK's DNS. Because according to the instructions you said, after changing to SYSTEM DNS, all RETHINK's DOMAIN and DNS were opened.
Most importantly, I must say that the only version where I didn't have any of these problems is version 0.5.5a.
I recorded the following video according to what you said.(I'm sorry for the low quality of the video)
https://github.com/celzero/rethink-app/assets/83357422/778b4bae-3880-4222-8b80-5c4550b225c7
You mean, the SOCKS5 proxy running within a Termux session doesn't "see" any packets from Rethink in this version but it did in
v055c
(the previous version)? Curious, because we haven't changed much wrt SOCKS5 inv055d
at all to break something like this.
I just installed version 0.5.5a, which has none of the above problems and works with TERMUX as well.All these problems have been found for me after version 0.5.5a
The video below shows the perfect working and flawless version 0.5.5a
https://github.com/celzero/rethink-app/assets/83357422/60cc75a9-ce2e-4c02-b561-c4b303f31235
Thanks, the video demo helped a tonne!
just installed version 0.5.5a, which has none of the above problems and works with TERMUX
Unsure what Termux is doing here, but on v055d
, do you see Termux related entries in Network Logs?
What's changed from v055a
is that, apps that route SOCKS5 (Termux in your case) are not bypassed from Rethink's firewall and DNS rules nor are they excluded from Rethink's VPN tunnel. Equivalent of v055a
behaviour in v055b
+ is to manually exclude Termux. Things should then work as before.
I'm curious why Termux hates being tunneled by Rethink while running SOCKS5. How did you install and setup warp-plus
so that I may test this myself? Will be straightforward to fix, if I can reproduce it on my Android.
Thanks, the video demo helped a tonne!
just installed version 0.5.5a, which has none of the above problems and works with TERMUX
Unsure what Termux is doing here, but on
v055d
, do you see Termux related entries in Network Logs?
- If so, is Termux being blocked? It should; in fact, appear with a white-coloured left-hand side border, bypassing all firewall rules.
- If Termux is not blocked, what do you see in the bottomsheet's footer (which shows the final status of the connection) that comes up when you tap on Termux-related Network Log entries?
screenshot What's changed from
v055a
is that, apps that route SOCKS5 (Termux in your case) are not bypassed from Rethink's firewall and DNS rules nor are they excluded from Rethink's VPN tunnel. Equivalent ofv055a
behaviour inv055b
+ is to manually exclude Termux. Things should then work as before.I'm curious why Termux hates being tunneled by Rethink while running SOCKS5. How did you install and setup
warp-plus
so that I may test this myself? Will be straightforward to fix, if I can reproduce it on my Android.
Hello, I recorded all DNS LOGS(version 0.5.5d)of TERMUX in the form of a video below.
https://github.com/celzero/rethink-app/assets/83357422/07c2ee6d-f497-4e40-b9ad-08608f7e133a
Is it possible to fix again what you changed about TERMUX from version 0.5.5A, or is there another way? I think there must be another way (we need TERMUX to connect to free internet in our region and When combined with the RETHINK app, it blocks a lot of ads and improves speed )
Of course, WARP is the WIREGUARD GO project and is used for areas where WARP is completely blocked. You can use this project from the link below. https://github.com/bepass-org/warp-plus
Thank you.
Is it possible to fix again what you changed about TERMUX from version 0.5.5A, or is there another way?
To achieve v055a
equivalent behaviour in v055d
, exclude Termux.
Of course, WARP is the WIREGUARD GO project and is used for areas where WARP is completely blocked.
Why not import WARP profile in Rethink (ref) than run Termux in the background as a SOCKS5 proxy forwarding WireGuard packets?
Thanks. I think I know why this has trouble working in v055d
(as Termux is routed back into Rethink's VPN tunnel which itself is trying to establish a WARP tunnel of its own)... Can't say if we'll fix it right away, as I am not sure just what "kind" of changes are needed to support such a usecase.
Thank you.
Is it possible to fix again what you changed about TERMUX from version 0.5.5A, or is there another way?
To achieve
v055a
equivalent behaviour inv055d
, exclude Termux.Of course, WARP is the WIREGUARD GO project and is used for areas where WARP is completely blocked.
Why not import WARP profile in Rethink (ref) than run Termux in the background as a SOCKS5 proxy forwarding WireGuard packets?
Thanks. I think I know why this has trouble working in
v055d
(as Termux is routed back into Rethink's VPN tunnel which itself is trying to establish a WARP tunnel of its own)... Can't say if we'll fix it right away, as I am not sure just what "kind" of changes are needed to support such a usecase.
See, WARP doesn't work with or without a profile in Iran, it's completely blocked, and the only way to run it is the WIREGUARD GO project and plugging it into proxy runner programs.
I hope that with the help of your good team, you will solve this problem and we users will be able to access the free internet.
I'm not sure if this needs it's own issue, but I have problems with Nekobox SOCKS5 proxy in v0.5.5d
too. Rethink doesn't seem to route any traffic to it as it has been in v0.5.5c
. When I try to check my IP with the same setup I've had before update it shows me my real IP instead of my proxy's, and all of my ISP's blocklists apply too.
I have Rethink in Always-on VPN mode, Nekobox in proxy mode, port 1234 for SOCKS5, port 6450 for DNS proxy, and I set up SOCKS5 proxy in Rethink to 127.0.0.1:1234 - Nekobox, and DNS proxy to 127.0.0.1:6450 - Nekobox. Nekobox is excluded from dns and firewall rules.
It all did use to work before update, I haven't changed anything.
Rethink doesn't seem to route any traffic to it as it has been in v0.5.5c. When I try to check my IP with the same setup I've had before update it shows me my real IP instead of my proxy's, and all of my ISP's blocklists apply too.
Strange. Is SOCKS5 generally working for other such apps (like with ShadowRocket or Orbot or SingBox for example)?
Please track at: https://github.com/celzero/rethink-app/issues/1337
v055j
onwards (github, website, f-droid), proxy forwarder apps when selected (like Termux, ShadowRocket, Orbot) are Excluded by default from Rethink's VPN tunnel, like before.
To not have those proxy forwarder apps Excluded, one can turn ON Loopback proxy forwarder apps in Configure -> Network.
If this issue isn't fixed with Loopback proxy forwarder apps turned OFF (which is the default), feel free to re-open this issue. Thanks.
Hello, the first problem is that when we enter the program for the first time, we see NOTE: NO FIREWALL RULES FOUND, which was a problem in the previous 2 versions, but it was not a problem in version 0.5.5a.
The second problem: when we select RDNS DEFAULT as DNS and press the connection button, it remains in WAITING mode and no connection is made. This problem was the same as the previous problem in the previous 2 versions. This was not a problem only in version 0.5.5a.
The third problem: when from the SETUP SOCKS5 PROXY section To connect, we choose the TERMUX program, no connection is made while the connection is made with Other programs. While in all previous versions, the program was compatible with TERMUX
All problems are recorded in order in the video below
https://github.com/celzero/rethink-app/assets/83357422/fde6b7d0-0318-450d-a403-3cc7a9a7077c