[Bug Report] Does not work with forward proxy
lukebakare opened this issue · comments
Checks
- I have searched the existing issues
- I have read the documentation
- Is it your first time sumbitting an issue
Current Behavior
I am running dae with squid configured as a forward proxy. While running dae I'm not able to connect to anything on the internet.
I have read the documentation and don't understand what a subscription is so have left that out of my config, there's no mention of how to configure it anywhere in this repo.
Log output:
[Jan 26 03:40:33] INFO Include config files: [config.dae]
[Jan 26 03:40:33] INFO Loading eBPF programs and maps into the kernel...
[Jan 26 03:40:33] INFO The loading process takes about 120MB free memory, which will be released after loading. Insufficient memory will cause loading failure.
[Jan 26 03:40:37] INFO Loaded eBPF programs and maps
[Jan 26 03:40:37] INFO Bind to WAN: enX0
[Jan 26 03:40:37] INFO Group "my_group" node list:
[Jan 26 03:40:37] INFO squid
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp4
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp6
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=udp4(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=udp6(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp4(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp6(DNS)
[Jan 26 03:40:37] INFO Routing match set len: 6/64
[Jan 26 03:40:37] INFO ALIVE --udp4(DNS)-> NOT ALIVE: dialer=squid group=my_group
[Jan 26 03:40:37] INFO Group has no dialer alive group=my_group network=udp4(DNS)
[Jan 26 03:40:37] INFO ALIVE --udp6(DNS)-> NOT ALIVE: dialer=squid group=my_group
[Jan 26 03:40:37] INFO Group has no dialer alive group=my_group network=udp6(DNS)
Expected Behavior
To connect to the the internet, for instance curl cloudflare.com
Steps to Reproduce
I'm running on Amazon Linux 2023, my config is below:
global {
tproxy_port: 12345
tproxy_port_protect: true
so_mark_from_dae: 0
log_level: info
disable_waiting_network: false
wan_interface: auto
auto_config_kernel_parameter: true
tcp_check_url: 'http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111'
tcp_check_http_method: HEAD
udp_check_dns: 'dns.google.com:53,8.8.8.8,2001:4860:4860::8888'
check_interval: 30s
check_tolerance: 50ms
dial_mode: domain
allow_insecure: false
sniffing_timeout: 100ms
tls_implementation: tls
utls_imitate: chrome_auto
}
node {
squid: 'http://[<ipv6 public ip>]:3128'
}
dns {
upstream {
alidns: 'udp://dns.alidns.com:53'
googledns: 'tcp+udp://dns.google.com:53'
}
routing {
request {
# fallback is also called default.
fallback: alidns
}
response {
upstream(googledns) -> accept
!qname(geosite:cn) && ip(geoip:private) -> googledns
fallback: accept
}
}
}
# Node group (outbound).
group {
my_group {
policy: min_moving_avg
}
}
routing {
pname(systemd-resolved) -> direct
dip(224.0.0.0/3, 'ff00::/8') -> direct
dip(geoip:private) -> direct
dip(geoip:cn) -> direct
domain(geosite:cn) -> direct
fallback: my_group
}
Environment
- Dae version (use
dae --version
): - dae version v0.2.2
- OS (e.g
cat /etc/os-release
): - NAME="Amazon Linux"
VERSION="2023"
ID="amzn"
ID_LIKE="fedora"
VERSION_ID="2023"
PLATFORM_ID="platform:al2023"
PRETTY_NAME="Amazon Linux 2023"
ANSI_COLOR="0;33"
CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
HOME_URL="https://aws.amazon.com/linux/"
BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
SUPPORT_END="2028-03-15" - Kernel (e.g.
uname -a
): - Linux ip-172-31-35-133.eu-west-2.compute.internal 6.1.66-93.164.amzn2023.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Jan 2 23:50:53 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
- Others:
Anything else?
No response
Thanks for opening this issue!
Hi @lukebakare, thanks for raising this. Would you like to try out the latest version, v0.5.1?
https://github.com/daeuniverse/dae/blob/main/docs/en/proxy-protocols.md
pname(squid)->must_direct
Thanks for the suggestion, upgrading to the latest version fixed the issue. Out of interest what are subscriptions? I am not able to find information on this.
Thanks for the suggestion, upgrading to the latest version fixed the issue. Out of interest what are subscriptions? I am not able to find information on this.
Usage is defined in https://github.com/daeuniverse/dae/blob/main/example.dae#L101-L102
However, in terms of how to generate a subscription link, unfortunately, we cannot provide help. You may need to do your own research on that.