xjasonlyu / tun2socks

tun2socks - powered by gVisor TCP/IP stack
https://github.com/xjasonlyu/tun2socks/wiki
GNU General Public License v3.0

[Bug] macOS safari not work through tun2socks #211

Closed sonvirgo closed 1 year ago

sonvirgo commented 1 year ago

Verify steps

Version

2.4.1

What OS are you seeing the problem on?

macOS

Description

Set up tun2socks to a remote socks5. Add route to net 0/1. Safari and Terminal do not connect, only Xcode and brew.

CLI or Config

sudo ./tun2socks -device utun123 -proxy socks5://192.168.43.1:2088 -interface en0
sudo ifconfig utun123 198.18.0.1 198.18.0.1 up
sudo route add -net 0/1 198.18.0.1

Logs

netstat -nr
Routing tables

Internet:
Destination        Gateway            Flags           Netif Expire
0/1                198.18.0.1         UGScg         utun123       
default            192.168.43.1       UGScg             en0       
127                127.0.0.1          UCS               lo0       
127.0.0.1          127.0.0.1          UH                lo0       
169.254            link#6             UCS               en0      !
192.168.43         link#6             UCS               en0      !
192.168.43.1/32    link#6             UCS               en0      !
192.168.43.1       2c:fd:a1:4d:7a:8c  UHLWIir           en0   1065
192.168.43.143/32  link#6             UCS               en0      !
192.168.43.143     38:b1:db:e2:1c:ef  UHLWI             lo0       
198.18.0.1         198.18.0.1         UHr           utun123       
224.0.0/4          link#6             UmCS              en0      !
224.0.0.251        1:0:5e:0:0:fb      UHmLWI            en0       
255.255.255.255/32 link#6             UCS               en0      !

ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
    options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
    inet 127.0.0.1 netmask 0xff000000 
    inet6 ::1 prefixlen 128 
    inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1 
    nd6 options=201<PERFORMNUD,DAD>
XHC20: flags=0<> mtu 0
gif0: flags=8010<POINTOPOINT,MULTICAST> mtu 1280
EHC29: flags=0<> mtu 0
stf0: flags=0<> mtu 1280
en0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether 38:b1:db:e2:1c:ef 
    inet6 fe80::1802:99ae:1939:a76c%en0 prefixlen 64 secured scopeid 0x6 
    inet 192.168.43.143 netmask 0xffffff00 broadcast 192.168.43.255
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
p2p0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 2304
    options=400<CHANNEL_IO>
    ether 0a:b1:db:e2:1c:ef 
    media: autoselect
    status: inactive
awdl0: flags=8943<UP,BROADCAST,RUNNING,PROMISC,SIMPLEX,MULTICAST> mtu 1484
    options=400<CHANNEL_IO>
    ether ce:20:0d:6f:c4:51 
    inet6 fe80::cc20:dff:fe6f:c451%awdl0 prefixlen 64 scopeid 0x8 
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
llw0: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
    options=400<CHANNEL_IO>
    ether ce:20:0d:6f:c4:51 
    inet6 fe80::cc20:dff:fe6f:c451%llw0 prefixlen 64 scopeid 0x9 
    nd6 options=201<PERFORMNUD,DAD>
    media: autoselect
    status: active
utun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1380
    inet6 fe80::278a:5ade:3527:453b%utun0 prefixlen 64 scopeid 0xa 
    nd6 options=201<PERFORMNUD,DAD>
utun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 2000
    inet6 fe80::aecc:bb6b:5ca6:36dc%utun1 prefixlen 64 scopeid 0xb 
    nd6 options=201<PERFORMNUD,DAD>
utun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1000
    inet6 fe80::ce81:b1c:bd2c:69e%utun2 prefixlen 64 scopeid 0xc 
    nd6 options=201<PERFORMNUD,DAD>
utun123: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500
    inet 198.18.0.1 --> 198.18.0.1 netmask 0xffffff00

How to Reproduce

Just run the command sequence above.

chromer030 commented 1 year ago

Based on the wiki:

macOS
In macOS, we need to start tun2socks first so that it will create TUN interface for us.

tun2socks -device utun123 -proxy socks5://host:port -interface en0
Use ifconfig to bring the TUN interface up and assign addresses for it.

sudo ifconfig utun123 198.18.0.1 198.18.0.1 up
Add these specific routes so that tun2socks can handle primary connections.

sudo route add -net 1.0.0.0/8 198.18.0.1
sudo route add -net 2.0.0.0/7 198.18.0.1
sudo route add -net 4.0.0.0/6 198.18.0.1
sudo route add -net 8.0.0.0/5 198.18.0.1
sudo route add -net 16.0.0.0/4 198.18.0.1
sudo route add -net 32.0.0.0/3 198.18.0.1
sudo route add -net 64.0.0.0/2 198.18.0.1
sudo route add -net 128.0.0.0/1 198.18.0.1
sudo route add -net 198.18.0.0/15 198.18.0.1

sonvirgo commented 1 year ago

Based on the wiki: Add these specific routes so that tun2socks can handle primary connections.

sudo route add -net 1.0.0.0/8 198.18.0.1
sudo route add -net 2.0.0.0/7 198.18.0.1
sudo route add -net 4.0.0.0/6 198.18.0.1
sudo route add -net 8.0.0.0/5 198.18.0.1
sudo route add -net 16.0.0.0/4 198.18.0.1
sudo route add -net 32.0.0.0/3 198.18.0.1
sudo route add -net 64.0.0.0/2 198.18.0.1
sudo route add -net 128.0.0.0/1 198.18.0.1
sudo route add -net 198.18.0.0/15 198.18.0.1


I think they got the same result in the routing table:
sudo route add -net 0/1 198.18.0.1
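
Added example (not part of the thread or the tun2socks project): a longest-prefix-match lookup over the two route sets discussed above, showing which interface a destination leaves through and therefore whether it reaches the proxy or bypasses it. The `lookup` and `bypassing` helpers and the sample destinations are constructed for illustration.

```python
import ipaddress

# Route sets taken from the thread; each entry is (destination, netif).
BASE = [("0.0.0.0/0", "en0"), ("192.168.43.0/24", "en0")]  # default + LAN
SHORT = BASE + [("0.0.0.0/1", "utun123")]                  # route add -net 0/1
WIKI = BASE + [(p, "utun123") for p in (
    "1.0.0.0/8", "2.0.0.0/7", "4.0.0.0/6", "8.0.0.0/5", "16.0.0.0/4",
    "32.0.0.0/3", "64.0.0.0/2", "128.0.0.0/1", "198.18.0.0/15")]

# Constructed sample destinations: one below 128.0.0.0, one above,
# plus the proxy address from the issue.
SAMPLES = ["8.8.8.8", "203.0.113.10", "192.168.43.1"]


def lookup(dst, table):
    """Longest-prefix match: interface chosen by the most specific route."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(p), nif) for p, nif in table
               if addr in ipaddress.ip_network(p)]
    return max(matches, key=lambda m: m[0].prefixlen)[1]


def bypassing(dsts, table, tun="utun123"):
    """Destinations whose best route does not point at the TUN interface."""
    return [d for d in dsts if lookup(d, table) != tun]


if __name__ == "__main__":
    for name, table in (("0/1 only", SHORT), ("wiki routes", WIKI)):
        for dst in SAMPLES:
            print(f"{name:12} {dst:15} -> {lookup(dst, table)}")
        print(f"{name:12} not tunnelled: {bypassing(SAMPLES, table)}")
```
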
sonvirgo commented 1 year ago

I figured it out. My socks5 Psiphon port does not support UDP, so there was no DNS. By default tun2socks forwards all UDP to the socks5, hence no way to resolve DNS by UDP. Workaround: use TCP for DNS.
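
Added example (not part of the thread or the tun2socks project): a probe for the condition described in the comment above. It performs the SOCKS5 no-authentication handshake from RFC 1928 and sends a UDP ASSOCIATE request, reporting whether the proxy accepts it. The function names are chosen here, and the proxy is assumed to allow unauthenticated access.

```python
import socket

REPLIES = {0x01: "general failure", 0x02: "not allowed by ruleset",
           0x07: "command not supported"}


def recv_exact(sock, n):
    """Read exactly n bytes or raise if the peer closes early."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the connection")
        buf += chunk
    return buf


def probe_udp_associate(sock):
    """Return (supported, detail) for a connected SOCKS5 control socket."""
    sock.sendall(b"\x05\x01\x00")                 # VER=5, one method: no auth
    ver, method = recv_exact(sock, 2)
    if ver != 5 or method != 0x00:
        return False, "no-auth method refused (0x%02x)" % method
    # CMD=0x03 UDP ASSOCIATE, ATYP=IPv4, DST 0.0.0.0:0 (client source unknown)
    sock.sendall(b"\x05\x03\x00\x01" + bytes(6))
    ver, rep, _rsv, atyp = recv_exact(sock, 4)
    if rep != 0x00:
        return False, REPLIES.get(rep, "reply code 0x%02x" % rep)
    if atyp == 3:                                 # domain name: length-prefixed
        alen = recv_exact(sock, 1)[0]
    elif atyp in (1, 4):                          # IPv4 or IPv6
        alen = 4 if atyp == 1 else 16
    else:
        return False, "unexpected ATYP 0x%02x" % atyp
    relay = recv_exact(sock, alen + 2)            # BND.ADDR + BND.PORT
    return True, "relay port %d" % int.from_bytes(relay[-2:], "big")


def check_proxy(host, port, timeout=5):
    """Connect to the proxy and probe it; a dropped connection counts as no."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as s:
            return probe_udp_associate(s)
    except (ConnectionError, socket.timeout) as exc:
        return False, str(exc)
```

Calling `check_proxy` with the address and port given to `-proxy` returns `(False, "command not supported")` for a proxy that only implements TCP CONNECT.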