#1 2023-07-19 19:08:41

PatoPan
Member
Registered: 2023-06-02
Posts: 14

Help setting up a transparent http proxy system-wide with redsocks?

My setup is one where I am connected to router 2 that routes all connections to a VPN. In this setup I have an EndeavourOS guest virtual machine, but I don't want the traffic on this VM to go through the VPN. As a solution, router 1 doesn't use a VPN and provides a proxy applications can connect to. When testing if the proxy works through Firefox (under General -> scroll to bottom -> Network Settings -> fill out the fields), it was successful! Websites show my real IP instead of the VPN.
It is still possible for some applications to not offer the option of using a proxy; because of this, I need a method that doesn't rely on proxy settings being implemented. Here's a little guide on how to do this.

1. Install Redsocks

paru -S redsocks

2. Write a configuration file in /etc/redsocks.conf

base {
        log_debug = on;
        log_info = on;
        log = "syslog:daemon";
        daemon = on;
        redirector = iptables;
}

redsocks {
        local_ip = 0.0.0.0;
        local_port = 31338;

        ip = 192.168.1.1;
        port = 8888;
        type = http-connect;
}

3. Enable and start the systemctl service

sudo systemctl enable redsocks
sudo systemctl start redsocks

4. Set up iptables; use the redsocks website as a guide

# Create new chain
sudo iptables -t nat -N REDSOCKS

# Ignore LANs and some other reserved addresses.
# See Wikipedia and RFC5735 for full list of reserved networks.
sudo iptables -t nat -A REDSOCKS -d 0.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 10.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 127.0.0.0/8 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 169.254.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 172.16.0.0/12 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 192.168.0.0/16 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 224.0.0.0/4 -j RETURN
sudo iptables -t nat -A REDSOCKS -d 240.0.0.0/4 -j RETURN

# Anything else should be redirected to port 31338
sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 31338

Now it should work, but it doesn't. All my connections are still going through my vpn. In another guide, I noticed someone also did

sudo iptables -t nat -A REDSOCKS -p tcp --dport 443 -j REDIRECT --to-ports 31338
sudo iptables -t nat -A REDSOCKS -p tcp -j REDIRECT --to-ports 31338

# Any tcp connection made should be redirected to the REDSOCKS CHAIN.
sudo iptables -t nat -A OUTPUT -p tcp -j REDSOCKS

So I tried. Now I don't have internet connection. This is mainly due to the last line.

I believe I got this to work on OpenSUSE, but I didn't write down the steps I took or the resources I used to achieve this. Is anyone able to help me make this work? I had also tried to use NekoRay, which was able to achieve this successfully, but it was using Google's DNS instead of Pi-hole and I can't figure out how to change it. GitHub issue

Last edited by PatoPan (2023-07-19 19:08:57)
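
As an added example (not part of the post above and not code from the redsocks project), this offline check replays a saved `iptables -t nat -S` dump to show which target the first matching REDSOCKS rule gives a TCP destination, and whether OUTPUT jumps to the chain at all, since a user-defined chain is only traversed when a built-in chain jumps to it. The dump and the test address 203.0.113.10 are constructed, and the function names are hypothetical.

```shell
# Constructed sample: what `iptables -t nat -S` would print for the post's rules.
RULES='-N REDSOCKS
-A OUTPUT -p tcp -j REDSOCKS
-A REDSOCKS -d 0.0.0.0/8 -j RETURN
-A REDSOCKS -d 10.0.0.0/8 -j RETURN
-A REDSOCKS -d 127.0.0.0/8 -j RETURN
-A REDSOCKS -d 169.254.0.0/16 -j RETURN
-A REDSOCKS -d 172.16.0.0/12 -j RETURN
-A REDSOCKS -d 192.168.0.0/16 -j RETURN
-A REDSOCKS -d 224.0.0.0/4 -j RETURN
-A REDSOCKS -d 240.0.0.0/4 -j RETURN
-A REDSOCKS -p tcp -j REDIRECT --to-ports 31338'

ip2int() {  # dotted quad -> 32-bit integer
  old=$IFS; IFS=.; set -- $1; IFS=$old
  echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

in_cidr() {  # in_cidr IP NET/LEN -> exit 0 when IP is inside the network
  len=${2#*/}; mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
  [ $(( $(ip2int "$1") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
}

hooked() {  # does the built-in OUTPUT chain jump to REDSOCKS at all?
  printf '%s\n' "$RULES" | grep -q -- '^-A OUTPUT .*-j REDSOCKS$'
}

verdict() {  # verdict DST_IP DST_PORT -> target of first matching REDSOCKS rule (TCP assumed)
  dst=$1; port=$2
  while read -r flag chain rest; do
    [ "$flag" = "-A" ] && [ "$chain" = "REDSOCKS" ] || continue
    d=; p=; j=; set -- $rest
    while [ $# -gt 1 ]; do  # pick out the -d, --dport and -j values of this rule
      case $1 in -d) d=$2 ;; --dport) p=$2 ;; -j) j=$2 ;; esac
      shift
    done
    if [ -n "$d" ] && ! in_cidr "$dst" "$d"; then continue; fi
    if [ -n "$p" ] && [ "$p" != "$port" ]; then continue; fi
    echo "$j"; return 0
  done <<EOF
$RULES
EOF
  echo FALLTHROUGH  # no rule matched; the packet returns to the calling chain
}

hooked && echo "OUTPUT -> REDSOCKS: yes" || echo "OUTPUT -> REDSOCKS: no (chain never traversed)"
for t in "192.168.1.1 8888" "203.0.113.10 443"; do  # proxy from redsocks.conf, then a public host
  echo "$t -> $(verdict $t)"
done
```

To run it against a live system, replace the sample with `RULES=$(sudo iptables -t nat -S)`.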
