-
-
Notifications
You must be signed in to change notification settings - Fork 483
Examples
Important Note: Please make sure that your proxy server is not running locally, e.g.
127.0.0.1:1080
, as this can cause an infinite route loopback. Some interface binding techniques can be used to solve this kind of problem, but users are on their own to solve it, as it is a proxy server-side issue.
Create TUN interface tun0
and assign an IP address for it.
ip tuntap add mode tun dev tun0
ip addr add 198.18.0.1/15 dev tun0
ip link set dev tun0 up
Configure the default route table with different metrics. Let's say the primary interface is eth0
and gateway is 172.17.0.1
.
ip route del default
ip route add default via 198.18.0.1 dev tun0 metric 1
ip route add default via 172.17.0.1 dev eth0 metric 10
Start tun2socks and bind it to the primary interface.
tun2socks -device tun0 -proxy socks5://host:port -interface eth0
Note: sometimes we need to disable rp_filter
for the corresponding interface so that it can receive packets from other interfaces.
sysctl net.ipv4.conf.all.rp_filter=0
sysctl net.ipv4.conf.eth0.rp_filter=0
In macOS, we need to start tun2socks first so that it will create TUN interface for us.
tun2socks -device utun123 -proxy socks5://host:port -interface en0
Use ifconfig
to bring the TUN interface up and assign addresses for it.
sudo ifconfig utun123 198.18.0.1 198.18.0.1 up
Add these specific routes so that tun2socks can handle primary connections.
sudo route add -net 1.0.0.0/8 198.18.0.1
sudo route add -net 2.0.0.0/7 198.18.0.1
sudo route add -net 4.0.0.0/6 198.18.0.1
sudo route add -net 8.0.0.0/5 198.18.0.1
sudo route add -net 16.0.0.0/4 198.18.0.1
sudo route add -net 32.0.0.0/3 198.18.0.1
sudo route add -net 64.0.0.0/2 198.18.0.1
sudo route add -net 128.0.0.0/1 198.18.0.1
sudo route add -net 198.18.0.0/15 198.18.0.1
To use it in windows, download wintun to the tun2socks folder or the system PATH and start the program.
tun2socks -device wintun -proxy socks5://host:port
Same as macOS version, but we don't need to bring up the interface by hand, the only thing we need is to assign an IP address to it.
netsh interface ip set address name="wintun" source=static addr=192.168.123.1 mask=255.255.255.0 gateway=none
Then route default traffic to TUN interface and make proxy server ip as an exception.
route add 0.0.0.0 mask 0.0.0.0 192.168.123.1 if <IF NUM> metric 5
route add <server ip> mask 255.255.255.255 <primary gateway ip>
See this issue: #123