search

shadowsocks / shadowsocks-android

A shadowsocks client for Android
Other
35.12k stars 11.58k forks source link

A question about shadowsocks-android and UDP port forwarding (and another more general question) #290

Closed lepasserby closed 9 years ago

lepasserby commented 9 years ago

Okay, the setup is:

Shadowsocks-libev on the server (with udp forwarding enabled)

Shadowsocks android on the phone (Android 4.4)

Per-app proxification (I don't want to enable global proxy, due to reasons, and would so far refrain from a VPN)

The app runs normal TCP (sip signalling) and UDP (ports 5060 - 5080). Udp seems to be broken somehow.

I want to configure static port fowarding so that all UDP traffic originating from my phone that is destinatied towards port in that range is actually routed through shadowsocks.

About this way [phone, UDP to any remote host if destination port is in 5060-5080 range] \/ [shadowsocks's encrypted connection] \/ [remote shadowsocks server] \/ [callcentric's server]

It seems that I'm missing something about how to forward traffic through shadowsocks and being dumb with iptables.

Would you kindly help me out?

P.S.: Is there an IRC server / community / forum where I can direct similar inquiries, so as not to annoy you with dumb support requests like this ?

madeye commented 9 years ago

About UDP forwarding:

Android 4.4 or below:

  1. NAT mode: Enable = Global DNS forwarding through UDP. Disable = Global DNS proxy through TCP.
  2. VPN mode: Enable = Global UDP forwarding (all UDP). Disable = Global DNS proxy through TCP.

Android 5.0 or above:

  1. NAT mode: Enable = Global DNS forwarding through UDP. Disable = Global DNS proxy through TCP.
  2. VPN mode: Enable = Global/Per-App UDP forwarding (all UDP). Disable = Global/Per-App DNS proxy through TCP.

Post your further questions on support forum instead: https://groups.google.com/forum/#!forum/shadowsocks

lepasserby commented 9 years ago

Okay, I guess I'll go there now.

I am still greatly confused about how to do static port forwarding with Shadowsocks...

PiaDebian commented 6 years ago

Same problem like lepasserby and cannot join the given google groop... https://groups.google.com/forum/#!forum/shadowsocks ...there is no join button :-(

Kein commented 4 years ago

Any idea how to even test UDP forwarding (without super-complex traffic sniffing and decrypting)? Coming from https://github.com/shadowsocks/v2ray-plugin/issues/104

I have a SS server with UDP and TCP enabled and relay mode enabled as well in client and while TCP part is easy to test, the UDP one is like a ghost. dig cant really help me here and just returns me query normally from 8.8.8.8 but how would I even know if it was relayed.

soroush commented 1 year ago

I can confirm that UDP is completely ignored on the Android client. On Windows, the voice calls are relayed and working fine. I can also see the traffic on the server side. Though on the Android side, no matter which configuration I use, the UDP packets are sent through the default gateway... I am using ss+v2ray on websocket-http (no cert)

LindaFerum commented 1 year ago

@soroush Wait, so if I use Shadowsocks Android (most recent version) with VPN mode the UDP packets are either dropped (not relayed) or sent through regular connection?

That is... quite concerning!

Or is that specifically consequence of using the v2ray plugin with websocket-http ?

Can someone look into this? gently pinging @Mygod