Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Messages - iwex

Pages: [1]

General Discussion / tun2socks problem

« on: March 25, 2020, 02:50:11 am »

Hello!
I tried to use https://github.com/ambrop72/badvpn/wiki/Tun2socks software, but it says that "TUN not supported on FreeBSD" - https://github.com/ambrop72/badvpn/blob/96b98372776371aff4b8cad312615c8c1e3b75f7/tuntap/BTap.c#L374

Is there any possibility to fix it somehow or do you know some alternatives?
I need to make some Gateway to socks5 connection.

Thank you!

19.7 Legacy Series / OpenVPN log file

« on: November 27, 2019, 12:40:00 pm »

Hello! it's strange, but when I read openvpn logs with `less` command - they are not chronological. What can be wrong?

Code: [Select]

Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0 
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44 
Nov 27 13:37:44 opnsense openvpn[58119]: TUN READ [40] 
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0 
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET***:7105: P_DATA_V1 kid=0 DATA len=44 
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 READ [1345] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=1344 
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105 
Nov 27 13:37:44 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000111111111112222222222222222222222233] 0:4055 0:4056 t=1574854664[0] r=[-3,64,15,0,1] sl=[41,64,64,528] 
Nov 27 13:37:44 opnsense openvpn[58119]: TUN WRITE [1340] 
Nov 27 13:37:44 opnsense openvpn[58119]: UDPv4 READ [1000] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=999 
Nov 27 13:37:44 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105 
Nov 27 13:37:44 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000011111111111222222222222222222222223] 0:4056 0:4057 t=1574854664[0] r=[-3,64,15,0,1] sl=[40,64,64,528] 
Nov 27 13:37:44 opnsense openvpn[58119]: TUN WRITE [995] 
[b]Nov 27 13:37:44[/b] opnsense openvpn[58119]: TUN READ [40] 
[b]Nov 27 13:37:18[/b] opnsense openvpn[58119]: UDPv4 READ [156] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=155 
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET***:7105 
Nov 27 13:37:18 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000000000000000000000000000001222222222] 0:3757 0:3758 t=1574854638[0] r=[-2,64,15,0,1] sl=[19,64,64,528] 
Nov 27 13:37:18 opnsense openvpn[58119]: TUN WRITE [151] 
Nov 27 13:37:18 opnsense openvpn[58119]: UDPv4 READ [83] from [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=82 
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_decrypt, key_id=0, IP=[AF_INET]***:7105 
Nov 27 13:37:18 opnsense openvpn[58119]: PID_TEST [0] [SSL-0] [0000000000000000000000000000000000000000000000000000000122222222] 0:3758 0:3759 t=1574854638[0] r=[-2,64,15,0,1] sl=[18,64,64,528] 
Nov 27 13:37:18 opnsense openvpn[58119]: TUN WRITE [78] 
Nov 27 13:37:18 opnsense openvpn[58119]: TUN READ [40] 
Nov 27 13:37:18 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0 
Nov 27 13:37:18 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44 
Nov 27 13:37:19 opnsense openvpn[58119]: TUN READ [40] 
Nov 27 13:37:19 opnsense openvpn[58119]: TLS: tls_pre_encrypt: key_id=0 
Nov 27 13:37:19 opnsense openvpn[58119]: UDPv4 WRITE [45] to [AF_INET]***:7105: P_DATA_V1 kid=0 DATA len=44

19.7 Legacy Series / Re: Wireguard Gateway

« on: November 13, 2019, 02:33:43 pm »

Wow, thank you! I didn't see Advances button

19.7 Legacy Series / Re: Wireguard Gateway

« on: November 13, 2019, 11:33:42 am »

No, OPNsense is client. I have a server on some VPS

19.7 Legacy Series / Re: Wireguard Gateway

« on: November 13, 2019, 11:06:24 am »

I need a gateway to specify it in Firewall Rules https://i.imgur.com/0jOzNit.png

19.7 Legacy Series / Re: Wireguard Gateway

« on: November 13, 2019, 10:38:52 am »

I saw that guide but, but it doesn't help. That guide is a bit old because gateway IP "dynamic" is not working

19.7 Legacy Series / Re: Wireguard Gateway

« on: November 13, 2019, 10:27:04 am »

I have wireguard server on VPS, found these iptables rules in some guides. If I connect to this server from my own PC - ping to 10.8.0.1 is working, and all my traffic go through wireguard.

19.7 Legacy Series / Wireguard Gateway

« on: November 12, 2019, 07:12:13 pm »

Hi guys. I want to use wireguard gateway to redirect traffic using firewall rules and aliases. How should I create a new Gateway for wireguard? Maybe I forgot to add something to firewall?
Here is my settings:
Server:

Code: [Select]

[Interface]
Address = 10.8.0.1/24
PostUp = iptables -A FORWARD -i %i -j ACCEPT; iptables -A FORWARD -o %i -j ACCEPT; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
PostDown = iptables -D FORWARD -i %i -j ACCEPT; iptables -D FORWARD -o %i -j ACCEPT; iptables -t nat -D POSTROUTING -o eth0 -j MASQUERADE
ListenPort = 51820
PrivateKey = XXX

[Peer]
PublicKey =XXX
AllowedIPs = 10.8.0.2/32

19.7 Legacy Series / DNS issue when setting gateway in LAN Rules

« on: October 19, 2019, 08:18:16 pm »

Hello! When I'm changing "Default allow LAN to any rule" gateway from "default" to my "WAN_DHCP" - DNS resolver stops working.
nslookup shows "connection timed out; no servers could be reached", I use default "Unbound DNS"

Pages: [1]