rofl0r/proxychains-ng

NordVPN: disconnected shortly after connecting

d3spwn opened this issue ยท 19 comments

I'm able to connect irssi to an IRC server (with SSL) using proxychians-ng (as suggested by irssi). However a few seconds later I get disconnected. I'm using the default proxychains4.conf with just one socks5 proxy added. The same happens when I use a different proxy server or connect to a non SSL IRC server.

-!- Irssi: warning SSL read error: server closed connection unexpectedly
-!- Irssi: Connection lost to chat.freenode.net
$ proxychains irssi
[proxychains] config file found: /etc/proxychains4.conf
[proxychains] preloading /usr/lib/x86_64-linux-gnu/libproxychains.so.4
[proxychains] DLL init: proxychains-ng 4.13

as suggested by irssi

can you elaborate on that ?

server closed connection unexpectedly

i don't think this is due to proxychains, but due to the used proxy.

https://irssi.org/documentation/startup/#proxies-and-irc-bouncers says:

Using proxychains-ng (for SOCKS) is recommended

I'm using a NordVPN SOCKS5 proxy. I've send them a support request as well, but I doubt they can help. I'm not sure how to troubleshoot this issue or if it's even supposed to be able to work at all.

interesting. does it work when you connect to the IRC network with profixied netcat, or another proxified IRC app like hexchat ?

You're right. It's probably my VPN provider. I've tried a few random free SOCKS5 proxies from this list https://www.socks-proxy.net/ and some of them work just fine.

i've seen a couple bug reports mentioning nordvpn in specific, i suspect their socks gateway software does something particular that's currently not compatible with proxychains. would you mind mentioning in your support request that i would be willing to work with them to find and eliminate the issue ? i think it would be sufficient if i get a pcap file of a connection attempt, for starters.

have you been able to contact nordvpn in this context, @d3spwn ?

I tried, but I couldn't get past the scripted replies.

i0rpc commented

@rofl0r

Im willing to purchase the vpn for you to see if you could find the issue & make the changes.
also, curious if your proxychains can have pptp support added.

if you wanna purchase the vpn your self and just leave your btc wallet or paypal ill refund you.

thank you.

if you wanna purchase the vpn your self and just leave your btc wallet or paypal ill refund you.

@i0rpc thanks for the offer, but i currently don't have access to the one or the other

what would work though is if you order the socks5 access in your name and tell me the credentials in private, so i can test it. theoretically a single day of access would be sufficient, (but supposedly one needs to order at least a month?) so the cost could be kept minimal. we could exchange the credentials over IRC (channel is mentioned in README).

@i0rpc i've seen you joining. next time you enter the channel with the same nickname you will receive a message...

ok, thanks to an account provided by @i0rpc i was able to debug and find the issue.

nordvpn's socks5 service has a hardcoded inactivity timeout of 10 seconds. if there's no packet traffic during 10 seconds, the connection will be closed.
This is insufficient for a couple of protocols, most notably IRC. Usually, IRC servers send a PING packet every couple minutes on otherwise inactive connections. There's actually no standardized timeout and i suppose the timeout used differs per IRC network, with most of them probably using a PING interval of 60 seconds, but i've also seen some with 5 mins.
So NordVPN should fix their inactivity timeout and set it to something reasonable, like 310 seconds to be on the safe side, but at the very least 60+ seconds.

@d3spwn would you mind sending what i wrote above to support@nordvpn.com ? apparently they've got no ticket system and the account i have is not capable of sending emails.

I've forwarded your findings to their support team and asked them to keep me informed. I'll post here if I get any reply.

This is the reply I got:

Unfortunately, the 10 second inactivity timeout on our SOCKS5 connections has specific reasoning behind it, and is unlikely to change.

For your purposes, we can only recommend to set up an HTTP proxy connection using port 80.

thanks. so the NordVPN socks5 service is practically useless and shouldn't be used. let's keep this open for the world to see until NordVPN is shamed into conformance or out of business.

i did a test with their HTTP server, which works correctly. i didn't have any issues with an IRC server using a ping interval of 180 seconds.
might also be interesting to test this: http://www.tldp.org/HOWTO/TCP-Keepalive-HOWTO/usingkeepalive.html to set a tcp keepalive timeout < 10 seconds, but their socks5 software will probably not operate on that layer.

meanwhile Im fucked up right now because of this in 2020

zebdo commented

2022 me too!

i got my irc client to work with this tutorial: Proxy setup on qBittorrent
i searched for "http"

โ€ข Type: SOCKS5
โ€ข Host: Address of the proxy server of your choice

Choose from this list of servers:
amsterdam.nl.socks.nordhold.net
atlanta.us.socks.nordhold.net
dallas.us.socks.nordhold.net
los-angeles.us.socks.nordhold.net
nl.socks.nordhold.net
se.socks.nordhold.net
stockholm.se.socks.nordhold.net
us.socks.nordhold.net

Port: 1080
Select the Use proxy for peer connections and the Authentication checkboxes.
Username: Your NordVPN service username
Password: Your NordVPN service password`

it's just not every server works. you have to find out yourself

edit:
oh, well. it might not be that stable ... looks like i lost connection after 10 min
and again after 18 minutes :/

2024 still the same