I’m running 2 instances of Dante server on my Linux machine, one of them is called danted which is supposed to connect me to the internet through the ethernet cable and the other is sockd which is supposed to connect me through an OpenVPN connection.
The first one, danted is configured to use my ethernet cable (ens33):

internal: ens33 port=1080
external: ens33

The second one, sockd is configured to use the OpenVPN interface (tun0):

internal: ens33 port=2080
external: tun0
The Dante servers are configured properly and when OpenVPN is not connected, danted works fine but when OpenVPN connects, danted doesn’t work anymore. When I check its logs, I just see that the connection times out.
My routing table when OpenVPN is not connected looks like this:

default via 192.168.1.1 dev ens33 src 192.168.1.10 metric 202
default via 192.168.1.1 dev ens33 proto dhcp metric 20001
169.254.0.0/16 dev ens33 scope link metric 1000
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 1
192.168.1.0/24 dev ens33 proto dhcp scope link src 192.168.1.10 metric 202

And when OpenVPN connects, it looks like this:

0.0.0.0/1 via 10.123.58.1 dev tun0
default via 192.168.1.1 dev ens33 src 192.168.1.10 metric 202
default via 192.168.1.1 dev ens33 proto dhcp metric 20001
10.123.58.0/23 dev tun0 proto kernel scope link src 10.123.58.65
18.104.22.168/1 via 10.123.58.1 dev tun0
169.254.0.0/16 dev ens33 scope link metric 1000
openvpn.server.wan.ipaddress via 192.168.1.1 dev ens33
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 1
192.168.1.0/24 dev ens33 proto dhcp scope link src 192.168.1.10 metric 202
So OpenVPN adds 4 new routes to my table. I’ve tried individually deleting each of these rules or also did ip route flush dev tun0 or deleted the 0/1 rule and added a default rule for the tun0 interface; but when I try these, and test the sockd proxy server, my IP is my ethernet cable’s IP, not OpenVPN’s server IP.
I have no idea how to fix this, I’ve been Googling this a lot, I thought this was an easy task since Dante proxy server just binds to external connections.
Summary for the bounty:
I’ve tried using my interface’s IPv4 addresses instead of the interface names, for example I used 192.168.1.10 instead of ens33 and used 10.123.58.1 instead of tun0, but didn’t fix the issue (I know that OpenVPN’s internal address changes every time we reconnect).
I am specifying the external (outgoing) interface in Dante configs, so from my understanding, it really shouldn’t be using the Ubuntu’s routing table, doesn’t it just listen to incoming connections and forward them to the external interface? I don’t understand why the OpenVPN-added routes cause me issues, even though I can easily ping computers on my local network, I’ve checked there are no firewall rules added to my iptables (iptables -n -v -L).
Here are the logs when I test the SOCKS server:
[18:18] Testing Started.
Proxy Server Address: 192.168.1.10:1080
Protocol: SOCKS 5
Authentication: NO
[18:18] Starting: Test 1: Connection to the Proxy Server
[18:18] IP Address: 192.168.1.10
[18:18] Connection established
[18:18] Test passed.
[18:18] Starting: Test 2: Connection through the Proxy Server
[18:18] Authentication was successful.
[18:49] Error : the proxy server cannot establish connection to www.google.com:80 Error = 0x06 (Timeout). Please confirm that the target host address is correct. The error may also indicate that the proxy server is not operating properly.
[18:49] Test failed.
[18:49] Testing Finished.
The target host address is correct, I’ve checked dante-server’s logs as I’ve said above, and I can see google.com’s IP address:
Aug 26 19:01:11 (1629988271.706256) danted: info: pass(2): tcp/connect ]: 0 -> 192.168.1.15.9786 192.168.1.10.1080 -> 0, 0 -> 192.168.1.10.9786 22.214.171.124.443 -> 0: connect timeout. Session duration: 31s
When OpenVPN is disconnected, a successful connection looks like this:
Aug 26 19:06:18 (1629988578.802869) danted: info: pass(2): tcp/connect ]: 0 -> 192.168.1.15.9796 192.168.1.10.1080 -> 0, 0 -> 192.168.1.129.9796 126.96.36.199.443 -> 0: local client closed. Session duration: 10s
My question is specific about Dante-SOCKS5-Server, although I have tried Squid-HTTPS-Server and I had the same issue with it:

[05:40] Starting: Test 1: Connection to the Proxy Server
[05:40] IP Address: 192.168.1.10
[05:40] Connection established
[05:40] Test passed.
[05:40] Starting: Test 2: Connection through the Proxy Server
[06:40] Error : the proxy server cannot establish connection with 188.8.131.52:443 The error indicates that the target host is down or unreachable. Please try to use another host and/or port as a test target. The proxy server reply header is:
HTTP/1.1 503 Service Unavailable
Server: squid/4.10
Mime-Version: 1.0
Date: Thu, 26 Aug 2021 16:36:40 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 3438
X-Squid-Error: ERR_CONNECT_FAIL 110
Vary: Accept-Language
Content-Language: en
[06:40] Test failed.
[06:40] Testing Finished.
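
The two routing tables above, run through a destination-based lookup, as an added example that is not part of the original post. It models only the main table (longest prefix, then lowest metric) and assumes no `ip rule` policy routing is configured; the function names are hypothetical and the routes are a constructed subset of the post's tables.

```python
import ipaddress

# Constructed sample: routes copied from the post's two tables, keeping only
# the entries whose prefixes are well-formed.
ROUTES_VPN_DOWN = """\
default via 192.168.1.1 dev ens33 src 192.168.1.10 metric 202
default via 192.168.1.1 dev ens33 proto dhcp metric 20001
169.254.0.0/16 dev ens33 scope link metric 1000
192.168.1.0/24 dev ens33 proto kernel scope link src 192.168.1.10 metric 1
192.168.1.0/24 dev ens33 proto dhcp scope link src 192.168.1.10 metric 202
"""
ROUTES_VPN_UP = ROUTES_VPN_DOWN + """\
0.0.0.0/1 via 10.123.58.1 dev tun0
10.123.58.0/23 dev tun0 proto kernel scope link src 10.123.58.65
"""


def parse_routes(text):
    """Parse `ip route` lines made of a prefix plus keyword/value pairs."""
    routes = []
    for line in text.splitlines():
        tok = line.split()
        if not tok:
            continue
        prefix = "0.0.0.0/0" if tok[0] == "default" else tok[0]
        opts = dict(zip(tok[1::2], tok[2::2]))
        routes.append({
            "net": ipaddress.ip_network(prefix),
            "dev": opts["dev"],
            "via": opts.get("via"),
            "metric": int(opts.get("metric", 0)),
        })
    return routes


def egress(dst, table_text):
    """Return (dev, via) chosen for dst: longest prefix, then lowest metric.

    The source address a proxy binds to is not an input: without policy
    routing rules (`ip rule`), the lookup is keyed on the destination only.
    """
    ip = ipaddress.ip_address(dst)
    hits = [r for r in parse_routes(table_text) if ip in r["net"]]
    if not hits:
        return None
    best = max(hits, key=lambda r: (r["net"].prefixlen, -r["metric"]))
    return best["dev"], best["via"]


def leaves_via_other_interface(bound_dev, dst, table_text):
    """True when traffic bound to bound_dev's address is routed out elsewhere."""
    route = egress(dst, table_text)
    return route is not None and route[0] != bound_dev
```

For the destination in the danted log, the lookup returns ens33 with the VPN down and tun0 with it up, while the LAN client 192.168.1.15 stays on ens33 in both cases.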