allowed_ips - Githubissues

xutianyi1999 / fubuki

A mesh VPN

150 stars 19 forks source link

allowed_ips #15

Closed steom closed 5 months ago

steom commented 1 year ago

there are some requirements for using allowed_ips on windows?

adding the option:

ERROR simple_wintun::adapter - Delete wintun driver error: OS Error -536870339 (FormatMessageW() returned error 317) (os error -536870339) node xxx tcp handler error

Caused by: add nat record failed

xutianyi1999 commented 1 year ago

Can NetNat commands be executed in powershell?

steom commented 1 year ago

yes, New-NetNat and Set-NetNat can be executed in powershell.

xutianyi1999 commented 1 year ago

Are there more error logs?

steom commented 1 year ago

no

xutianyi1999 commented 1 year ago

Recompile, you may see more errors

steom commented 1 year ago

Are there more error logs?

New-NetNat -Name fubuki-172.0.0.0/24 -InternalIPInterfaceAddressPrefi ...


+ CategoryInfo          : NotSpecified: (MSFT_NetNat:root/StandardCimv2/MSFT_NetNat) [New-NetNat], CimException
+ FullyQualifiedErrorId : HRESULT 0x80041013,New-NetNat

[2023-06-15 20:07:16] ERROR simple_wintun::adapter - Delete wintun driver error: OS Error -536870339 (FormatMessageW() returned error 317) (os error -536870339) node t1 tcp handler error

xutianyi1999 commented 1 year ago

May have to enable Hyper-V https://learn.microsoft.com/en-us/virtualization/hyper-v-on-windows/user-guide/setup-nat-network

xutianyi1999 commented 6 months ago

Add cross_nat option

Used to replace the current platform system NAT component. It can be enabled when the system NAT is unavailable. It only takes effect when allowed_ips is configured. The default is false

steom commented 6 months ago

finally! very good! I will give you feedback!

xutianyi1999 commented 6 months ago

finally! very good! I will give you feedback!

precompiled test version

steom commented 6 months ago

subnets ping works successfully but ERROR fubukil::node::cross_nat - tcp_inbound_handler error: connect to 192.168.0.3:445 error

Caused by: Unable to establish connection. Incorrect response from the connected party after the time interval or no response from the connected host. (os error 10060)

xutianyi1999 commented 6 months ago

Not sure if you have config it correctly when Node A has route 192.168.0.0/24, add allowed_ips config

"allowed_ips": [
        "192.168.0.0/24"
]

when Node B wants to access 192.168.0.3, add ips config

 "ips": {
        "Node A IP": [
          "192.168.0.0/24"
        ]
}

steom commented 6 months ago

yes sure... without this conf Node B, will not ping 192.168.0.3...

udp traffic is ok tcp tcp_inbound_handler error

xutianyi1999 commented 6 months ago

Reply of this ping is fake Can TCP be established with 192.168.0.3:445 on Node A?

steom commented 6 months ago

i've checked with an udp payload test ok

i've checked with an tcp payload test also...

tcp ERROR fubukil::node::cross_nat - tcp_inbound_handler error: connect to 192.168.0.3:445 error on node A

xutianyi1999 commented 6 months ago

Only using telnet 192.168.0.3 445 on Node A is also established?

steom commented 6 months ago

yes

new-Object System.Net.Sockets.TcpClient("192.168.0.3", 445)

Client : System.Net.Sockets.Socket Available : 0 Connected : True ExclusiveAddressUse : False ReceiveBufferSize : 65536 SendBufferSize : 65536 ReceiveTimeout : 0 SendTimeout : 0 LingerState : System.Net.Sockets.LingerOption NoDelay : False

xutianyi1999 commented 6 months ago

remove the socket network interface binding in cross_nat https://github.com/xutianyi1999/fubuki-test/releases/tag/v0.1.87

steom commented 6 months ago

fine! now works ok

xutianyi1999 commented 5 months ago

cross-nat merged into v0.5.9