Can we relay both WebRTC and DNS (UDP) through a proxy?
Jackychans opened this issue · 2 comments
Jackychans commented
I'm new to redsocks. I just wonder how we can bypass the WebRTC and DNS leaks.
Please look at the photo below: the true IP is shown in the WebRTC field, and the DNS ISP is not from the proxy country.
Here are my iptables rules:
iptables -t nat -N REDSOCKS
iptables -t nat -A REDSOCKS -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:10053
iptables -t nat -A REDSOCKS -p tcp -d 8.8.8.8:53 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp -d 8.8.4.4:53 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -m owner --uid-owner $(pgrep redsocks2) -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 65.108.9.147 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 65.21.238.216 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 192.168.0.0/24 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 10.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 172.16.0.0/12 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 224.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 240.0.0.0/4 -j RETURN
iptables -t nat -A REDSOCKS -p tcp -d 127.0.0.0/8 -j RETURN
iptables -t nat -A REDSOCKS -p tcp --dport 80 -j REDIRECT --to-ports 12345
iptables -t nat -A REDSOCKS -p tcp --dport 443 -j REDIRECT --to-ports 12345
iptables -t nat -I OUTPUT -j REDSOCKS
iptables -t filter -N REDSOCKS
iptables -t filter -A REDSOCKS -p udp -d 65.108.9.147 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 65.21.238.216 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 192.168.0.0/24 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 10.0.0.0/8 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 172.16.0.0/12 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 224.0.0.0/4 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 240.0.0.0/4 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 127.0.0.0/8 -j RETURN
iptables -t filter -A REDSOCKS -p udp --dport 80 -j REJECT
iptables -t filter -A REDSOCKS -p udp --dport 443 -j REJECT
iptables -t filter -I OUTPUT -j REDSOCKS
And redsocks.conf:
base {log_debug = off;log_info = off;log = "stderr";daemon = on;redirector = iptables; }
redsocks { bind = "0.0.0.0:12345";relay = "207.246.121.109:15892"; type = socks5; login = "ynureq5v0tg8"; password = "ynureq5v0tg8"; }
redudp { bind = "0.0.0.0:10053";relay = "207.246.121.109:15892"; type = socks5; login = "ynureq5v0tg8"; password = "ynureq5v0tg8"; dest = "8.8.8.8:53"; udp_timeout = 3;}
tcpdns { bind = "127.0.0.1:1053"; tcpdns1 = "8.8.8.8:53"; tcpdns2 = "8.8.4.4:53" ;timeout = 10;}
The expectation is that the WebRTC field should show the proxy IP and the ISP country should be US.
Please advise; I really appreciate it.
Jackychans commented
I just added another iptables line:
iptables -t nat -A REDSOCKS -p udp --dport 19302 -j REDIRECT --to-ports 10053
However, that would block the public IP address exposed by WebRTC, while I expect WebRTC to show the proxy IP.
ge9 commented
It's possible. You have to use TPROXY instead of REDIRECT to proxy UDP traffic.
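A simplified audit of the UDP rules posted in this thread, added here as an example (it is not from the thread or the redsocks project): it shows which UDP flows leave the host directly and which are handed to redudp by REDIRECT/DNAT, where a redudp section with a fixed `dest` forwards everything to that one address (8.8.8.8:53 in the posted config). The helper names `parse`, `matches` and `udp_fate`, the probe address 203.0.113.10 and port 3478 (the standard STUN port) are assumptions of the example, and the first-match-per-table model ignores chains, owner matches and conntrack.

```python
import ipaddress
import shlex

# UDP-relevant rules copied from the issue, plus the line added in the follow-up comment.
RULES = """\
iptables -t nat -A REDSOCKS -p udp --dport 53 -j DNAT --to-destination 127.0.0.1:10053
iptables -t nat -A REDSOCKS -p udp --dport 19302 -j REDIRECT --to-ports 10053
iptables -t filter -A REDSOCKS -p udp -d 192.168.0.0/24 -j RETURN
iptables -t filter -A REDSOCKS -p udp -d 10.0.0.0/8 -j RETURN
iptables -t filter -A REDSOCKS -p udp --dport 80 -j REJECT
iptables -t filter -A REDSOCKS -p udp --dport 443 -j REJECT
"""

def parse(line):
    """Turn one `iptables -A` line into a dict of the fields this audit uses."""
    tok = shlex.split(line)
    opt = lambda flag: tok[tok.index(flag) + 1] if flag in tok else None
    return {"table": opt("-t") or "filter", "proto": opt("-p"), "dst": opt("-d"),
            "dport": opt("--dport"), "target": opt("-j")}

def matches(rule, dst, dport):
    """True if a UDP packet to dst:dport passes the rule's -p/-d/--dport tests."""
    if rule["proto"] not in (None, "udp"):
        return False
    if rule["dst"] and ipaddress.ip_address(dst) not in ipaddress.ip_network(rule["dst"]):
        return False
    return rule["dport"] in (None, str(dport))

def udp_fate(rules, dst, dport):
    """Simplified model: first matching rule per table, tables in mangle/nat/filter order."""
    for table in ("mangle", "nat", "filter"):
        hit = next((r for r in rules if r["table"] == table and matches(r, dst, dport)), None)
        if hit is None or hit["target"] == "RETURN":
            continue
        if hit["target"] == "TPROXY":
            return "proxied, original destination kept"
        if hit["target"] in ("REDIRECT", "DNAT"):
            return "sent to redudp, original destination lost"
        if hit["target"] in ("REJECT", "DROP"):
            return "blocked"
    return "direct, bypasses proxy"

PARSED = [parse(l) for l in RULES.splitlines()]

if __name__ == "__main__":
    # Constructed probes: 203.0.113.10 is a documentation address standing in for a public host.
    for port in (53, 443, 19302, 3478):
        print(port, udp_fate(PARSED, "203.0.113.10", port))
```

Any UDP port not named in the rules (3478 here) is reported as direct, which is the path that exposes the real address; a `-j TPROXY` rule in the mangle table covering UDP changes that result to proxied.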