nadoo / glider

glider is a forward proxy with multiple protocols support, and also a dns/dhcp server with ipset management features(like dnsmasq).
GNU General Public License v3.0

Issues with forwarding UDP via SOCKS5 server #372

Closed brnbs closed 1 year ago

brnbs commented 1 year ago

I am trying to run the following example from the docs:

glider -listen udp://:53 -forward socks5://SERVER_IP:9150,udp://8.8.8.8:53

Then on the server, I start a simple SOCKS5 server using glider:

glider -verbose -listen socks5://:9150

In this setup, running nslookup apple.com 127.0.0.1 works well and returns a non-authoritative answer.

However, if I use Dante SOCKS5 server with a very minimal config (without authentication), the UDP tunneling does not work and I get a DNS request timeout error. The Dante server has been tested with multiple clients, and it is working fine. Here is the config I used to start Dante:

logoutput: syslog
user.privileged: root
user.unprivileged: nobody

internal: 0.0.0.0 port=9150
external: eth0

socksmethod: none
clientmethod: none

client pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
}
socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    command: bind connect udpassociate
}
socks pass {
    from: 0.0.0.0/0 to: 0.0.0.0/0
    command: bindreply udpreply
}

This is the verbose output of the glider command:

2023/06/20 22:02:57 group.go:191: [group] main: only 1 forwarder found, disable health checking
2023/06/20 22:02:57 udp.go:66: [udp] listening UDP on :53
2023/06/20 22:03:02 udp.go:109: [udp] 127.0.0.1:60064 <-> SERVER_IP:9150,8.8.8.8:53
2023/06/20 22:03:04 udp.go:109: [udp] 127.0.0.1:50615 <-> SERVER_IP:9150,8.8.8.8:53
2023/06/20 22:03:06 udp.go:109: [udp] 127.0.0.1:49859 <-> SERVER_IP:9150,8.8.8.8:53
2023/06/20 22:03:08 udp.go:109: [udp] 127.0.0.1:49861 <-> SERVER_IP:9150,8.8.8.8:53
2023/06/20 22:03:10 udp.go:109: [udp] 127.0.0.1:49863 <-> SERVER_IP:9150,8.8.8.8:53

And this is the output of the DNS query:

PS C:\Users\user> nslookup apple.com 127.0.0.1
DNS request timed out.
    timeout was 2 seconds.
Server:  UnKnown
Address:  127.0.0.1

DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
DNS request timed out.
    timeout was 2 seconds.
*** Request to UnKnown timed-out

Could it be a bug in the UDP forwarding implementation that causes this compatibility issue?
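For reference when comparing packet captures of the two servers: a socks5:// to udp:// chain relies on three RFC 1928 messages, the UDP ASSOCIATE request, its reply, and the header carried on every relayed datagram. The Go code below is an added example, not glider's or Dante's code and not part of the original post; the function names are hypothetical, only IPv4 (ATYP 0x01) is handled, and the 0.0.0.0 fallback is an assumed client convention.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
	"net"
)

// AssociateRequest: VER=5 CMD=3 (UDP ASSOCIATE); all-zero DST means "source not known yet".
func AssociateRequest() []byte { return []byte{0x05, 0x03, 0x00, 0x01, 0, 0, 0, 0, 0, 0} }

// RelayAddr reads BND.ADDR:BND.PORT; a 0.0.0.0 address falls back to serverIP (assumption).
func RelayAddr(reply []byte, serverIP net.IP) (*net.UDPAddr, error) {
	if len(reply) < 10 || reply[0] != 0x05 || reply[3] != 0x01 {
		return nil, errors.New("short, non-SOCKS5 or non-IPv4 reply")
	}
	if reply[1] != 0x00 {
		return nil, fmt.Errorf("UDP ASSOCIATE refused, REP=0x%02x", reply[1])
	}
	ip := net.IP(reply[4:8])
	if ip.IsUnspecified() {
		ip = serverIP
	}
	return &net.UDPAddr{IP: ip, Port: int(binary.BigEndian.Uint16(reply[8:10]))}, nil
}

// Wrap prepends the per-datagram header: RSV(2) FRAG(1) ATYP(1) DST.ADDR(4) DST.PORT(2).
func Wrap(dst *net.UDPAddr, payload []byte) ([]byte, error) {
	ip4 := dst.IP.To4()
	if ip4 == nil {
		return nil, errors.New("IPv4 destination required")
	}
	hdr := append([]byte{0, 0, 0, 0x01}, ip4...)
	hdr = append(hdr, byte(dst.Port>>8), byte(dst.Port))
	return append(hdr, payload...), nil
}

// Unwrap strips that header from a datagram sent back by the relay.
func Unwrap(pkt []byte) (*net.UDPAddr, []byte, error) {
	if len(pkt) < 10 || pkt[2] != 0x00 || pkt[3] != 0x01 {
		return nil, nil, errors.New("short, fragmented or non-IPv4 datagram")
	}
	src := &net.UDPAddr{IP: net.IP(pkt[4:8]), Port: int(binary.BigEndian.Uint16(pkt[8:10]))}
	return src, pkt[10:], nil
}

func main() { // constructed sample: header for a datagram destined to 8.8.8.8:53
	pkt, _ := Wrap(&net.UDPAddr{IP: net.IPv4(8, 8, 8, 8), Port: 53}, []byte("query"))
	fmt.Printf("% x\n", pkt[:10])
}
```

A datagram that reaches the relay without this header, or a reply whose BND.ADDR the client cannot route to, shows up on the client side only as a timeout.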

github-actions[bot] commented 1 year ago

This issue is stale because it has been open 90 days with no activity. Remove stale label or comment or this will be closed in 5 days.

brnbs commented 1 year ago

@nadoo @felixonmars could you help me with this? I would really appreciate your input!