search

daeuniverse / dae

eBPF-based Linux high-performance transparent proxy solution.
GNU Affero General Public License v3.0
3.18k stars 195 forks source link

[Support Request] 如何验证 TPROXY 正常开启?在 PPPoE 软路由中配置 TPROXY 本机代理连接挂起 #681

Open xinyifly opened 2 hours ago

xinyifly commented 2 hours ago

Checks

Support Request

在 PPPoE 环境中根据 #304 配置本机代理

Current Behavior

lan_interface 下,局域网机器已经正常代理。

运行 iptables 启动脚本以后,

curl 域名解析不到 ip, curl ip 挂起。

ss -ltunp 看不到 12345 端口。

Expected Behavior

通过 TPROXY 正常代理本机请求

Steps to Reproduce

  1. dae 配置 dnsmasq
global {
  tproxy_port: 12345
  tproxy_port_protect: false
  so_mark_from_dae: 0x80
}

routing {
  pname(dnsmasq) -> must_direct
  // 其它直连规则
  fallback: auto // 代理
}

dns {
  routing {
    request { fallback: dnsmasq }
    // 省略 response
  }
}

  1. dnsmasq 上游使用运营商 ip , /etc/resolv.conf 使用运营商 ip 让 dae 劫持

  2. 运行 #304 中的 iptables 规则

  3. 在本机执行 curl 测试网络

Environment

dae version 0.7.4
go runtime go1.22.3 linux/amd64
Copyright (c) 2022-2024 @daeuniverse
License GNU AGPLv3 <https://github.com/daeuniverse/dae/blob/main/LICENSE>
BUG_REPORT_URL="https://github.com/NixOS/nixpkgs/issues"
BUILD_ID="23.11.20240709.205fd42"
DOCUMENTATION_URL="https://nixos.org/learn.html"
HOME_URL="https://nixos.org/"
ID=nixos
LOGO="nix-snowflake"
NAME=NixOS
PRETTY_NAME="NixOS 23.11 (Tapir)"
SUPPORT_END="2024-06-30"
SUPPORT_URL="https://nixos.org/community.html"
VERSION="23.11 (Tapir)"
VERSION_CODENAME=tapir
VERSION_ID="23.11"
Linux asus 6.1.96 #1-NixOS SMP PREEMPT_DYNAMIC Thu Jun 27 11:46:24 UTC 2024 x86_64 GNU/Linux

Anything else?

No response

dae-prow[bot] commented 2 hours ago

Thanks for opening this issue!