faern
commented
1 year ago Which socks5 proxy more exactly? Could you elaborate on your setup and what you want to achieve please?
Closed zero77 closed 1 year ago
faern
commented
1 year ago Which socks5 proxy more exactly? Could you elaborate on your setup and what you want to achieve please?
zero77
commented
1 year ago @faern Mullvad offers socks5 proxies that are found https://mullvad.net/en/servers/ but, they only work when the vpn is connected. I think there should be an option to use the proxies without the vpn being connected but, still having the app installed.
faern
commented
1 year ago I suppose you mean our bridge servers? They are only intended to be used to reach our infrastructure (web server and VPN servers) when they are being blocked/censored. They are not intended to be used to reach the internet directly via.
zero77
commented
1 year ago The bridge servers provide SOCKS5 to internet functionality already. So is there any reason that this couldn't be added as having a SOCKS5 option is very useful.
faern
commented
1 year ago If one is already provided by the bridges, you can use it. What functionality in the app is it you want? No it is not in scope for the app to add another protocol allowing users to tunnel like user -> bridge -> internet. Why do you want this instead of using it like intended with either user -> VPN server -> internet or if you are censored possibly user -> bridge -> VPN server -> internet?
hdk5
commented
1 year ago I believe what @zero77 really wants is an option for not routing everything through VPN, and route only connections to aforementioned mullvad infrastructure. This feature would be useful to me as well.
With official WireGuard client, similar functionality could be achieved by setting AllowedIPs as
AllowedIPs = 10.64.0.1/32, 10.124.0.0/23And then setting up application to use socks5 proxy server like socks5://10.64.0.1:1080 (for the same server connection) or, for example, socks5://fi-hel-wg-socks5-002.relays.mullvad.net:1080 (for fi-hel-wg-002).
zero77
commented
1 year ago I believe what zero77 really wants is an option for not routing everything through VPN, and route only connections to aforementioned mullvad infrastructure.
Yes this is the sort of thing i am requesting.
faern
commented
1 year ago Aah. You are referring to the socks proxies available inside the WireGuard tunnels for our makeshift socks5 based multihop solution. I see now. This feature request is basically equivalent to inverse split tunneling where there would be a tunnel up, but by default no application would use it, and only selected programs would go in the tunnel.
I am then going to close this as a duplicate of inverse split tunneling feature. Sadly we don't plan on doing said feature anytime soon. #2808
faern
commented
1 year ago The core design of the Mullvad VPN app is "encapsulate everything and secure as much as possible". We do realize there are some people who want it only for the convenience of easily switching servers and automatically finding a new server if one goes down etc. We do acknowledged that use case. But it would probably require a rather large code change, and it would be a security risk to introduce many code paths that intentionally does not secure the system in every possible ways.
Operating system: Linux Debian
App version: Beta
Issue description
Can you please add support for using the Socks5 proxy without having to have a VPN connection established. Perhaps by creating a secondary virtual network adapter.