search

dndx / phantun

Transforms UDP stream into (fake) TCP streams that can go through Layer 3 & Layer 4 (NAPT) firewalls/NATs.
Apache License 2.0
1.71k stars 137 forks source link

Unable to connect using IPV6 in phantun 0.6.0 #98

Closed address-list closed 1 year ago

address-list commented 1 year ago 

# Server
OS Debian11 and OpenWrt 22.03
LAN test connection

-------------------------------------------------
# run command line
RUST_LOG=info phantun_server -l 4567 -r [240e:xxxxxx]:53
-------------------------------------------------
# iptables rule
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
iptables -t nat -A PREROUTING -p tcp -i eth0 --dport 4567 -j DNAT --to-destination 192.168.201.2
ip6tables -t nat -A PREROUTING -p tcp -i eth0 --dport 4567 -j DNAT --to-destination fcc9::2
-------------------------------------------------

# Client
OS Debian11 and OpenWrt 22.03
LAN test connection

-------------------------------------------------
ipv4 ok  INFO  fake_tcp > Connection to 192.168.100.100:4567 established
RUST_LOG=info phantun_client -l [::]:53 -r 192.168.100.100:4567
-------------------------------------------------
# ipv6 err
RUST_LOG=info phantun_client -l [::]:53 -r [240e:xxxx::1]:4567
-------------------------------------------------
# ipv6 err is
 INFO  fake_tcp > Fake TCP connection to (Fake TCP connection from [fcc8::2]:32975 to [240e:xxxxx]:4567) closed
 ERROR client   > Unable to connect to remote [240e:xxxx]:4567
-------------------------------------------------
# iptables rule
sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
iptables -t nat -A POSTROUTING -o ens32 -j MASQUERADE
ip6tables -t nat -A POSTROUTING -o ens32 -j MASQUERADE

# It is also impossible to connect on the IPV6 network using the nft rule
address-list commented 1 year ago

Solved, it was my parameter configuration error.