hyperboria / bugs

Peer-to-peer IPv6 networking, secure and near-zero-conf.

SOCKS 4A/5 or HTTP proxy #155

Open sssemil opened 6 years ago

sssemil commented 6 years ago

Is it possible to use a SOCKS 4A/5 or HTTP proxy to connect through cjdroute without a tun device?

kpcyrd commented 6 years ago

No.

I was thinking about this a while ago, as it'd be a fun project especially in environments where one does not have CAP_NET_ADMIN. The reason why this is hard is because cjdroute works with packets, but the proxy would need to work with streams, so it would need to have its own TCP/IP stack. I'd assume it's out of scope for the original cjdroute, but it should be possible to write a standalone application that wraps tun devices as a SOCKS proxy with LD_PRELOAD.

sssemil commented 6 years ago

> I'd assume it's out of scope for the original cjdroute, but it should be possible to write a standalone application that wraps tun devices as socks proxy with LD_PRELOAD.

Could you please point me to more details?

Will this do https://github.com/russdill/tunsocks?

sssemil commented 6 years ago

So, I'll have to wrap most of the calls in this file - https://github.com/cjdelisle/cjdns/blob/master/interface/tuntap/TUNInterface_linux.c ?

With something like this:

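```c
/* Must be defined before any #include so that <dlfcn.h> exposes RTLD_NEXT. */
#define _GNU_SOURCE

#include "library.h"

#include <dlfcn.h>
#include <fcntl.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

#if defined(android)
#define DEVICE_PATH "/dev/tun"
#else
#define DEVICE_PATH "/dev/net/tun"
#endif

typedef int (*orig_ioctl_f_type)(int d, unsigned long request, char *argp);

/* Forwards every ioctl to libc and logs the calls made on the fake tun fd. */
int ioctl(int d, unsigned long request, ...) {
    /* libc declares ioctl as variadic, so fetch the third argument explicitly. */
    va_list ap;
    va_start(ap, request);
    char *argp = va_arg(ap, char *);
    va_end(ap);

    orig_ioctl_f_type orig_ioctl;
    orig_ioctl = (orig_ioctl_f_type) dlsym(RTLD_NEXT, "ioctl");
    int tmp = orig_ioctl(d, request, argp);

    if (d == 1001) {
        printf("Hello from ioctl: %d, %d\n", d, tmp);
    }

    return tmp;
}

typedef int (*orig_open_f_type)(const char *pathname, int flags, ...);

/* Returns the placeholder fd 1001 for the tun device; other paths go to libc. */
int open(const char *pathname, int flags, ...) {
    if (strcmp(pathname, DEVICE_PATH) == 0) {
        printf("Hello from open: \"%s\"\n", pathname);
        return 1001;
    }

    /* With O_CREAT the caller passes a mode, which has to be forwarded too. */
    mode_t mode = 0;
    if (flags & O_CREAT) {
        va_list ap;
        va_start(ap, flags);
        mode = (mode_t) va_arg(ap, int);
        va_end(ap);
    }

    orig_open_f_type orig_open;
    orig_open = (orig_open_f_type) dlsym(RTLD_NEXT, "open");
    return orig_open(pathname, flags, mode);
}
```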

But with much more stuff like my own TCP/IP stack?

kpcyrd commented 6 years ago

Yes, that should work. You'd either have to write a new TunInterface that uses file fds or write a helper program that hooks the function cjdroute uses to open the tun device and then wires it up with stdio from tunsocks.
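The hook discussed above, as an added example that is not part of the thread or of cjdns: an LD_PRELOAD shim whose `open()` returns a real inherited descriptor instead of a placeholder number, so the packets the process writes reach whatever helper holds the other end. It uses raw syscalls rather than `dlsym(RTLD_NEXT, ...)` for the pass-through; the `TUN_SHIM_FD` variable is a hypothetical name, and it is an assumption that the caller issues only `TUNSETIFF` on the descriptor.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <sys/syscall.h>
#include <unistd.h>
#include <linux/if_tun.h>

#define DEVICE_PATH "/dev/net/tun"
#define SHIM_FD_ENV "TUN_SHIM_FD" /* hypothetical: set by whatever launches the process */

static int shim_fd = -1; /* descriptor handed out in place of the tun device */

/* Duplicate the descriptor named in SHIM_FD_ENV; -1 if it is unset or malformed. */
static int take_shim_fd(void) {
    const char *s = getenv(SHIM_FD_ENV);
    char *end;
    if (s == NULL || *s == '\0') return -1;
    long n = strtol(s, &end, 10);
    if (*end != '\0' || n < 0 || n > 65535) return -1;
    return dup((int) n);
}

int open(const char *pathname, int flags, ...) {
    mode_t mode = 0;
    if ((flags & O_CREAT) || (flags & O_TMPFILE) == O_TMPFILE) {
        va_list ap; /* a mode argument is present only with these flags */
        va_start(ap, flags);
        mode = (mode_t) va_arg(ap, int);
        va_end(ap);
    }
    if (strcmp(pathname, DEVICE_PATH) == 0) {
        int fd = take_shim_fd();
        if (fd >= 0) return shim_fd = fd; /* a real fd, so read()/write() work */
    }
    /* Anything else goes to the kernel unchanged (raw syscall, so no dlsym). */
    return (int) syscall(SYS_openat, AT_FDCWD, pathname, flags, mode);
}

int ioctl(int d, unsigned long request, ...) {
    va_list ap;
    va_start(ap, request);
    void *argp = va_arg(ap, void *);
    va_end(ap);
    /* A socket or pipe cannot service TUNSETIFF, so acknowledge it on the shim fd. */
    if (d >= 0 && d == shim_fd && request == TUNSETIFF) return 0;
    return (int) syscall(SYS_ioctl, d, request, argp);
}
```

A datagram socketpair end is the natural thing to pass in, because it keeps one packet per read the way a tun descriptor does. Callers that reach the device through `openat()` or `open64()` are not covered by this hook.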

sssemil commented 6 years ago

Would it be ok to add stdio interface support near TUNInterface? Similar to this `openconnect --script-tun --script "tunsocks -D 8080 -R ssh -L 8888:webproxy.example.com:80" vpn.example.com` but inside configuration?

*"ok" as if it's in the spirit of the project.

sssemil commented 6 years ago

I hope that I'm in the right direction https://github.com/sssemil/cjdns/commit/60a37b07eb5ff83eb86f4e4c41e6b743ccd10138