I want to set my up my Ubuntu server as a router to use Redsocks to pass all TCP and UDP (specifically DNS) traffic from my client’s to a SOCKS5 proxy server.
So far, I am able to route all TCP traffic without any issues, but no DNS traffic.
Here’s my redudp
configuration:
base {
// debug: connection progress & client list on SIGUSR1
log_debug = off;
// info: start and end of client session
log_info = on;
/* possible `log' values are:
* stderr
* "file:/path/to/file"
* syslog:FACILITY facility is any of "daemon", "local0"..."local7"
*/
log = "syslog:daemon";
// detach from console
daemon = on;
/* Change uid, gid and root directory, these options require root
* privilegies on startup.
* Note, your chroot may requre /etc/localtime if you write log to syslo g.
* Log is opened before chroot & uid changing.
*/
user = redsocks;
group = redsocks;
// chroot = "/var/chroot";
redirector = iptables;
}
redudp {
// `local_ip' should not be 0.0.0.0 as it's also used for outgoing
// packets that are sent as replies - and it should be fixed
// if we want NAT to work properly.
local_ip = 192.168.18.128;
//local_ip = 0.0.0.0;
local_port = 3443;
// `ip' and `port' of socks5 proxy server.
ip = 127.0.0.1;
port = 3444;
// kernel does not give us this information, so we have to duplicate it
// in both iptables rules and configuration file. By the way, you can
// set `local_ip' to 127.45.67.89 if you need more than 65535 ports to
// forward ;-)
// This limitation may be relaxed in future versions using contrack-tools.
dest_ip = <internal dns server IP>
dest_port = 53;
udp_timeout = 30;
//udp_timeout_stream = 180;
}
And here is my iptables config for UDP:
*nat
:PREROUTING ACCEPT [106:8699]
:INPUT ACCEPT [53:4443]
:OUTPUT ACCEPT [65:4694]
:POSTROUTING ACCEPT [245:16338]
:REDSOCKS - [0:0]
-A PREROUTING -i ens37 -p udp -m udp --dport 53 -j REDSOCKS
-A REDSOCKS -d 192.168.18.0/24 -j RETURN
-A REDSOCKS -p udp -m udp --dport 53 -j REDIRECT --to-ports 3443
COMMIT
On my Windows system I’ve configured the default gateway to point to the redsocks vm. I have configured the DNS server to point to the same DNS server listed in the redudp block, which is the DNS server in my environment.
I also have Wireshark running, so I can confirm that all the UDP traffic is being routed to the Redsocks VM. Also, I see the packet counter increase for the DNS rules in iptables
, but doesn’t seem like it’s actually working as I can’t resolve any hostnames in my environment.
It’s able to route all the TCP traffic.
Did I misconfigure something?