daeuniverse / dae

eBPF-based Linux high-performance transparent proxy solution.

[Bug Report] Does not work with forward proxy

lukebakare opened this issue

Checks

  • I have searched the existing issues
  • I have read the documentation
  • Is it your first time submitting an issue

Current Behavior

I am running dae with squid configured as a forward proxy. While running dae I'm not able to connect to anything on the internet.
I have read the documentation and don't understand what a subscription is, so I have left that out of my config; there's no mention of how to configure it anywhere in this repo.

Log output:
[Jan 26 03:40:33] INFO Include config files: [config.dae]
[Jan 26 03:40:33] INFO Loading eBPF programs and maps into the kernel...
[Jan 26 03:40:33] INFO The loading process takes about 120MB free memory, which will be released after loading. Insufficient memory will cause loading failure.
[Jan 26 03:40:37] INFO Loaded eBPF programs and maps
[Jan 26 03:40:37] INFO Bind to WAN: enX0
[Jan 26 03:40:37] INFO Group "my_group" node list:
[Jan 26 03:40:37] INFO squid
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp4
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp6
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=udp4(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=udp6(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp4(DNS)
[Jan 26 03:40:37] INFO Group selects dialer dialer=squid group=my_group network=tcp6(DNS)
[Jan 26 03:40:37] INFO Routing match set len: 6/64
[Jan 26 03:40:37] INFO ALIVE --udp4(DNS)-> NOT ALIVE: dialer=squid group=my_group
[Jan 26 03:40:37] INFO Group has no dialer alive group=my_group network=udp4(DNS)
[Jan 26 03:40:37] INFO ALIVE --udp6(DNS)-> NOT ALIVE: dialer=squid group=my_group
[Jan 26 03:40:37] INFO Group has no dialer alive group=my_group network=udp6(DNS)

Expected Behavior

To connect to the internet, for instance, curl cloudflare.com

Steps to Reproduce

I'm running on Amazon Linux 2023, my config is below:

global {
    tproxy_port: 12345
    tproxy_port_protect: true
    so_mark_from_dae: 0
    log_level: info
    disable_waiting_network: false
    wan_interface: auto
    auto_config_kernel_parameter: true

    tcp_check_url: 'http://cp.cloudflare.com,1.1.1.1,2606:4700:4700::1111'
    tcp_check_http_method: HEAD

    udp_check_dns: 'dns.google.com:53,8.8.8.8,2001:4860:4860::8888'

    check_interval: 30s

    check_tolerance: 50ms


    dial_mode: domain

    allow_insecure: false

    sniffing_timeout: 100ms

    tls_implementation: tls
    utls_imitate: chrome_auto
}

node {
    squid: 'http://[<ipv6 public ip>]:3128'
}

dns {

    upstream {

        alidns: 'udp://dns.alidns.com:53'
        googledns: 'tcp+udp://dns.google.com:53'
    }
    routing {
        request {
            # fallback is also called default.
            fallback: alidns
        }
        response {
            upstream(googledns) -> accept
            !qname(geosite:cn) && ip(geoip:private) -> googledns
            fallback: accept
        }
    }
}

# Node group (outbound).
group {
    my_group {
        policy: min_moving_avg
    }

}

routing {
    pname(systemd-resolved) -> direct

    dip(224.0.0.0/3, 'ff00::/8') -> direct

    dip(geoip:private) -> direct
    dip(geoip:cn) -> direct
    domain(geosite:cn) -> direct

    fallback: my_group
}

Environment

  • Dae version (use dae --version):
  • dae version v0.2.2
  • OS (e.g cat /etc/os-release):
  • NAME="Amazon Linux"
    VERSION="2023"
    ID="amzn"
    ID_LIKE="fedora"
    VERSION_ID="2023"
    PLATFORM_ID="platform:al2023"
    PRETTY_NAME="Amazon Linux 2023"
    ANSI_COLOR="0;33"
    CPE_NAME="cpe:2.3:o:amazon:amazon_linux:2023"
    HOME_URL="https://aws.amazon.com/linux/"
    BUG_REPORT_URL="https://github.com/amazonlinux/amazon-linux-2023"
    SUPPORT_END="2028-03-15"
  • Kernel (e.g. uname -a):
  • Linux ip-172-31-35-133.eu-west-2.compute.internal 6.1.66-93.164.amzn2023.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Jan 2 23:50:53 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
  • Others:

Anything else?

No response

Thanks for opening this issue!

Hi @lukebakare, thanks for raising this. Would you like to try out the latest version, v0.5.1?

Thanks for the suggestion, upgrading to the latest version fixed the issue. Out of interest what are subscriptions? I am not able to find information on this.

Usage is defined in https://github.com/daeuniverse/dae/blob/main/example.dae#L101-L102

However, in terms of how to generate a subscription link, unfortunately, we cannot provide help. You may need to do your own research on that.