Closed ghost closed 4 years ago
Hello,
Sorry but I don't understand your question :'( What is v2ray ?
v2ray is software to bypass China firewall. I want use your wstunnel, but need SO_MARK option. In C or Golang I can add SO_MARK to socket via setsockopt and routing it via ip rule
. I cant find method to add it in Haskell, maybe u can help.
It is not available in Haskell as it is dependent of the platform, SO_MARK exist only in Linux. I can look if there is custom bypass, but I am not sure.
Out of curiosity how does v2ray works ? Why do you need ip rule
to route the traffic ?
I combined VPN+v2ray on Android phone. Android use fwmark for internal routing and if I set v2ray fwmark to 0x20000 it can bypass Android VPN Service and connect directly to server. My VPN client connect via v2ray to destination server and all work. VPN-Client -> v2ray-client -> (websocket traffic via Internet) -> v2ray-server -> VPN-Server
Ok Thanks for the explanation :) I will to look this week-end if it is possible to add SO_MARK
I have a proto working, can you tell for which arch do you need the binary ? {x86, armv7, aarch64}
aarch64 :)
ack, I will do a release tonight or tomorrow as I have to spawn somewhere an aarch64
here we are, would you mind testing this release ? https://github.com/erebe/wstunnel/releases/download/SO_MARK/wstunnel
@erebe sorry, i check commits and cant find where i need to set custom mark value, maybe commandline args or something else
it is on by default, so nothing to do normally if it is supported by the kernel. Your packet should be marked without anything extra
it need to be configured with some custom value, and via ip rule
it will be detected by mark value and routed
SO_MARK (since Linux 2.6.25)
Set the mark for each packet sent through this socket (similar
to the netfilter MARK target but socket-based). Changing the
mark can be used for mark-based routing without netfilter or
for packet filtering.
The mark should be 1 for now (that's the value I passed to setSocketOption), before making it confirgurable I would like to see if it is even working on arm ;x
P.s: Sorry for the lack of explanation ;c
Tested now, think all work good. I set ip rule add pref 9000 from all fwmark 0x0/0x1 iif lo lookup wlan0
on my Android phone and your wstunnel+WireGuard working good, without ip rule
it not working. In Android packets market 0x20000 can bypass Android VPN without routing rule add, so can u set it to 0x20000 (131072 in decimal) or add command line arg to set value (its preferable).
And one more feature request: in Haskell can you change SNI in ClientHello packet? If i need simulate connection to site whose domain is not mine i need modify my hosts file or inject DNS. It will be good if domain name can be set separated from wstunnel server IP.
Thanks 👍
Going to add an option to configure the value. Regarding the SNI, it has been asked several times already but I won't do it as it is too low lvl in the library I use, so I don't have access to it. I can done if I fork the lib, but I would rather avoid doing that?
Here we are, https://github.com/erebe/wstunnel/releases/download/v3.0/wstunnel-aarch64 You now have an option --soMark where you can put the value you want :)
If it is working for you, I would be glad if you have time to write a short page about your setup, so I can link it in the readme
Ping @B1oHazard regarding à little explanation of your interesting setup. Just à paragraphe or 2 would be enough, I am sure it can be appreciated by à lot of other people :)
more information here https://stackoverflow.com/a/38764232 but this method needs root access on android devices, I have plan to develop a VPN based on wstunnel for android devices and I need some changes in wsocket I'll create an issue for that in the future (currently I don't know Haskell!)
Hi, can u add option to mark wstunnel packets as realized in v2ray?