
Using Redsocks to relay UDP traffic

I want to set up my Ubuntu server as a router that uses Redsocks to pass all TCP and UDP (specifically DNS) traffic from my clients to a SOCKS5 proxy server.

So far, I am able to route all TCP traffic without any issues, but no DNS traffic.

Here’s my redudp configuration:

base {
        // debug: connection progress & client list on SIGUSR1
        log_debug = off;

        // info: start and end of client session
        log_info = on;

        /* possible `log' values are:
         *   stderr
         *   "file:/path/to/file"
         *   syslog:FACILITY  facility is any of "daemon", "local0"..."local7"
         */
        log = "syslog:daemon";

        // detach from console
        daemon = on;

        /* Change uid, gid and root directory, these options require root
         * privilegies on startup.
         * Note, your chroot may require /etc/localtime if you write log to syslog.
         * Log is opened before chroot & uid changing.
         */
        user = redsocks;
        group = redsocks;
        // chroot = "/var/chroot";

        redirector = iptables;
}

redudp {
        // `local_ip' should not be 0.0.0.0 as it's also used for outgoing
        // packets that are sent as replies - and it should be fixed
        // if we want NAT to work properly.
        local_ip = 192.168.18.128;
        //local_ip = 0.0.0.0;
        local_port = 3443;

        // `ip' and `port' of socks5 proxy server.
        ip = 127.0.0.1;
        port = 3444;

        // kernel does not give us this information, so we have to duplicate it
        // in both iptables rules and configuration file.  By the way, you can
        // set `local_ip' to 127.45.67.89 if you need more than 65535 ports to
        // forward ;-)
        // This limitation may be relaxed in future versions using contrack-tools.
        dest_ip = <internal dns server IP>;
        dest_port = 53;

        udp_timeout = 30;
        //udp_timeout_stream = 180;
}

And here is my iptables config for UDP:

*nat
:PREROUTING ACCEPT [106:8699]
:INPUT ACCEPT [53:4443]
:OUTPUT ACCEPT [65:4694]
:POSTROUTING ACCEPT [245:16338]
:REDSOCKS - [0:0]
-A PREROUTING -i ens37 -p udp -m udp --dport 53 -j REDSOCKS
-A REDSOCKS -d 192.168.18.0/24 -j RETURN
-A REDSOCKS -p udp -m udp --dport 53 -j REDIRECT --to-ports 3443
COMMIT

On my Windows system I've configured the default gateway to point to the Redsocks VM. I have configured the DNS server to point to the same DNS server listed in the redudp block, which is the DNS server in my environment.

I also have Wireshark running, so I can confirm that all the UDP traffic is being routed to the Redsocks VM. I also see the packet counter increase for the DNS rules in iptables, but it doesn't seem like it's actually working, as I can't resolve any hostnames in my environment.

It’s able to route all the TCP traffic.

Did I misconfigure something?
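redudp relays each UDP flow through the SOCKS5 UDP ASSOCIATE command (RFC 1928), so the proxy configured under `ip`/`port` in the redudp block must implement that command; a SOCKS5 server that only handles CONNECT will pass TCP fine and reject or silently drop the UDP side. One check that is independent of the iptables rules is to perform that handshake directly. The following is an added example, not part of the question above and not redsocks code: a Python probe that sends the same greeting and UDP ASSOCIATE request redudp would, pushes one DNS query through the proxy's UDP relay, and reports what came back. The proxy address 127.0.0.1:3444 is taken from the redudp block; the DNS server address and the hostname queried are placeholders to replace.

```python
"""SOCKS5 UDP ASSOCIATE probe (RFC 1928) for checking a redudp upstream.

Added example: builds the SOCKS5 handshake redudp performs on the client's
behalf, sends one DNS A query through the proxy's UDP relay and reports the
outcome.  Proxy, DNS server and hostname values below are assumptions.
"""
import socket
import struct

SOCKS_VER = 0x05
CMD_UDP_ASSOCIATE = 0x03
ATYP_IPV4 = 0x01


def build_greeting():
    # VER, NMETHODS, METHODS (0x00 = no authentication required)
    return bytes([SOCKS_VER, 1, 0x00])


def build_udp_associate(client_ip="0.0.0.0", client_port=0):
    # VER CMD RSV ATYP DST.ADDR DST.PORT; 0.0.0.0:0 means "relay from any source"
    return struct.pack("!BBBB4sH", SOCKS_VER, CMD_UDP_ASSOCIATE, 0, ATYP_IPV4,
                       socket.inet_aton(client_ip), client_port)


def parse_reply(data):
    """Parse the reply to UDP ASSOCIATE; return (REP, BND.ADDR, BND.PORT)."""
    if len(data) < 10 or data[0] != SOCKS_VER:
        raise ValueError("not a SOCKS5 reply")
    rep, atyp = data[1], data[3]
    if atyp != ATYP_IPV4:
        raise ValueError("only IPv4 BND.ADDR is handled by this probe")
    bind_ip = socket.inet_ntoa(data[4:8])
    bind_port = struct.unpack("!H", data[8:10])[0]
    return rep, bind_ip, bind_port


def encapsulate_udp(dst_ip, dst_port, payload):
    # Relay datagram header: RSV(2) FRAG(1) ATYP DST.ADDR DST.PORT, then DATA
    return struct.pack("!HBB4sH", 0, 0, ATYP_IPV4,
                       socket.inet_aton(dst_ip), dst_port) + payload


def decapsulate_udp(datagram):
    """Strip the relay header from a datagram coming back from the proxy."""
    if len(datagram) < 10 or datagram[2] != 0:
        raise ValueError("fragmented or malformed SOCKS5 UDP datagram")
    if datagram[3] != ATYP_IPV4:
        raise ValueError("only IPv4 source addresses are handled by this probe")
    src_ip = socket.inet_ntoa(datagram[4:8])
    src_port = struct.unpack("!H", datagram[8:10])[0]
    return src_ip, src_port, datagram[10:]


def build_dns_query(name, txid=0x1234):
    # Minimal DNS A query: 12-byte header, QNAME labels, QTYPE=A, QCLASS=IN
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    qname = b"".join(bytes([len(l)]) + l.encode() for l in name.split(".")) + b"\x00"
    return header + qname + struct.pack("!HH", 1, 1)


def dns_answer_count(response, txid=0x1234):
    """Return ANCOUNT from a DNS response, checking the transaction id."""
    rid, _flags, _qd, an = struct.unpack("!HHHH", response[:8])
    if rid != txid:
        raise ValueError("DNS transaction id mismatch")
    return an


def _recv_exact(sock, n):
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("proxy closed the control connection")
        buf += chunk
    return buf


def probe(proxy_ip, proxy_port, dns_ip, name, timeout=3.0):
    """Run the full exchange; the TCP control connection stays open while relaying."""
    with socket.create_connection((proxy_ip, proxy_port), timeout=timeout) as tcp:
        tcp.sendall(build_greeting())
        if _recv_exact(tcp, 2) != bytes([SOCKS_VER, 0x00]):
            return "proxy refused the no-authentication method"
        tcp.sendall(build_udp_associate())
        rep, bind_ip, bind_port = parse_reply(_recv_exact(tcp, 10))
        if rep != 0:
            return f"UDP ASSOCIATE rejected: REP=0x{rep:02x} (0x07 = command not supported)"
        if bind_ip == "0.0.0.0":      # some servers bind to any; reuse the proxy address
            bind_ip = proxy_ip
        udp = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
        udp.settimeout(timeout)
        udp.sendto(encapsulate_udp(dns_ip, 53, build_dns_query(name)), (bind_ip, bind_port))
        try:
            data, _ = udp.recvfrom(4096)
        except socket.timeout:
            return "UDP ASSOCIATE accepted, but no DNS reply came back through the relay"
        _src_ip, _src_port, payload = decapsulate_udp(data)
        return f"ok: {dns_answer_count(payload)} answer record(s) via the relay"


if __name__ == "__main__":
    # 127.0.0.1:3444 is the redudp upstream from the question; the DNS server
    # and hostname are placeholders (assumptions) to replace.
    print(probe("127.0.0.1", 3444, "192.0.2.53", "example.com"))
```

If the result is a REP of 0x07 or a timeout after an accepted UDP ASSOCIATE, the problem is at the proxy rather than in the redudp block or the iptables rules; if the probe gets answers, the proxy side is fine and attention goes back to the redirect path and the `dest_ip`/`dest_port` pair, which redudp needs because REDIRECT does not preserve the original destination for UDP.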