celzero / rethink-app

DNS over HTTPS / DNS over Tor / DNSCrypt client, WireGuard proxifier, firewall, and connection tracker for Android.
https://rethinkfirewall.com/
Apache License 2.0
2.83k stars 144 forks

Can't access .onion sites when a TOR ProtonVPN Wireguard profile is used #1668

Closed turbamulta closed 2 weeks ago

turbamulta commented 2 weeks ago

ProtonVPN has some servers that can be used to go through / to the TOR network.

ProtonVPN Android app:

1) Connect to any TOR enabled server.
2) Connect to any clearnet site. It loads. You have a TOR exit node IP.
3) Connect to a .onion site. It loads.

RethinkDNS Android app:

1) Generate a WireGuard profile of any TOR enabled ProtonVPN server.
2) Load the profile in RethinkDNS and connect.
3) Connect to any clearnet site. It loads. You have a TOR exit node IP.
4) Connect to a .onion site. It doesn't load, can't connect.

ignoramous commented 2 weeks ago

Are you running WireGuard in Simple mode or Advanced mode? If the latter, see:

Basically, the resolver set in Configure -> DNS must be able to resolve .onion queries for the use case you mention to work. That's because, in Advanced WireGuard mode, the resolver in Configure -> DNS is used for ALL apps (and not the DNS set in WireGuard's configuration; this is due to a limitation in Android which doesn't allow split-tunneling per-app DNS requests).

turbamulta commented 2 weeks ago

Correct, I'm using advanced mode.

I've read the thread, makes sense. I'll try again when you have that per-app DNS feature, sounds quite tough.

I'm closing this issue since you're already working on it. Thanks for the hard work you put into this.