Messages - iwex

#1
General Discussion / tun2socks problem
March 25, 2020, 02:50:11 AM
Hello!
I tried to use https://github.com/ambrop72/badvpn/wiki/Tun2socks software, but it says that "TUN not supported on FreeBSD" - https://github.com/ambrop72/badvpn/blob/96b98372776371aff4b8cad312615c8c1e3b75f7/tuntap/BTap.c#L374

Is there any possibility to fix it somehow or do you know some alternatives?
I need to make some Gateway to socks5 connection.

Thank you!
#2
19.7 Legacy Series / OpenVPN log file
November 27, 2019, 12:40:00 PM
Hello! It's strange, but when I read the OpenVPN logs with the `less` command, they are not chronological. What can be wrong?


Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44
Nov 27 13:37:44 opnsense openvpn[58119]: TUN READ [40]
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET***:7105: P_DATA_V1 kid=0 DATA len=44
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 READ [1345] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=1344
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105
Nov 27 13:37:44 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000111111111112222222222222222222222233] 0:4055 0:4056 t=1574854664[0] r=[-3,64,15,0,1] sl=[41,64,64,528]
Nov 27 13:37:44 opnsense openvpn[58119]: TUN WRITE [1340]
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 READ [1000] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=999
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105
Nov 27 13:37:44 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000011111111111222222222222222222222223] 0:4056 0:4057 t=1574854664[0] r=[-3,64,15,0,1] sl=[40,64,64,528]
Nov 27 13:37:44 opnsense openvpn[58119]: TUN WRITE [995]
Nov 27 13:37:44 opnsense openvpn[58119]: TUN READ [40]
Nov 27 13:37:18 opnsense openvpn[58119]: UDPv4 READ [156] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=155
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET***:7105
Nov 27 13:37:18 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000000000000000000000000000001222222222] 0:3757 0:3758 t=1574854638[0] r=[-2,64,15,0,1] sl=[19,64,64,528]
Nov 27 13:37:18 opnsense openvpn[58119]: TUN WRITE [151]
Nov 27 13:37:18 opnsense openvpn[58119]: UDPv4 READ [83] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=82
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105
Nov 27 13:37:18 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000000000000000000000000000000122222222] 0:3758 0:3759 t=1574854638[0] r=[-2,64,15,0,1] sl=[18,64,64,528]
Nov 27 13:37:18 opnsense openvpn[58119]: TUN WRITE [78]
Nov 27 13:37:18 opnsense openvpn[58119]: TUN READ [40]
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0
Nov 27 13:37:18 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44
Nov 27 13:37:19 opnsense openvpn[58119]: TUN READ [40]
Nov 27 13:37:19 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0
Nov 27 13:37:19 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44
#3
19.7 Legacy Series / Re: Wireguard Gateway
November 13, 2019, 02:33:43 PM
Wow, thank you! I didn't see the Advanced button :-[
#4
19.7 Legacy Series / Re: Wireguard Gateway
November 13, 2019, 11:33:42 AM
No, OPNsense is the client. I have a server on some VPS.
#5
19.7 Legacy Series / Re: Wireguard Gateway
November 13, 2019, 11:06:24 AM
I need a gateway to specify it in Firewall Rules https://i.imgur.com/0jOzNit.png
#6
19.7 Legacy Series / Re: Wireguard Gateway
November 13, 2019, 10:38:52 AM
I saw that guide, but it doesn't help. That guide is a bit old because gateway IP "dynamic" is not working.
#7
19.7 Legacy Series / Re: Wireguard Gateway
November 13, 2019, 10:27:04 AM
I have a WireGuard server on a VPS and found these iptables rules in some guides. If I connect to this server from my own PC, ping to 10.8.0.1 works and all my traffic goes through WireGuard.
#8
19.7 Legacy Series / Wireguard Gateway
November 12, 2019, 07:12:13 PM
Hi guys. I want to use a WireGuard gateway to redirect traffic using firewall rules and aliases. How should I create a new gateway for WireGuard? Maybe I forgot to add something to the firewall?
Here are my settings:
Server:
[Interface]
Address = 10.8.0.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX

[Peer]
PublicKey = XXX
AllowedIPs = 10.8.0.2/32

#9
Hello! When I change the "Default allow LAN to any rule" gateway from "default" to my "WAN_DHCP", the DNS resolver stops working.
nslookup shows "connection timed out; no servers could be reached". I use the default "Unbound DNS".