[Feature] [UDP DNS] Ignore/redirect request based on port/protocol
engageub opened this issue · comments
Description
Hi,
I am using TUN_EXCLUDED_ROUTES to ignore the DNS IP address. I would like to ignore all DNS requests/UDP requests instead of specifying each IP.
Could you please let me know if there is an option available to ignore all DNS requests, or to ignore based on port instead of IP address?
If not, is there any alternate way to send DNS requests to the eth adapter instead of the tun adapter?
This is to ensure UDP requests are not blocked.
With respect to the code
tun2socks/docker/entrypoint.sh
Line 45 in d061f1c
Adding the IP in the following line works:
ip rule add to "$addr" table main
Could you please let me know how to add all IPs for a particular port to table main?
Is there a direct command with which I can redirect all UDP traffic via table main?
Thank you
Is this feature related to a specific bug?
time="2023-05-08T21:13:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"
time="2023-05-08T21:14:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"
time="2023-05-08T21:14:47Z" level=warning msg="[UDP] dial 4.2.2.4:53: client handshake: UDP ASSOCIATE: command not supported"
Do you have a specific solution in mind?
Providing an option similar to TUN_EXCLUDED_ROUTES should be fine. For example, TUN_EXCLUDED_PORTS or TUN_EXCLUDED_PROTOCOL to ignore based on port or protocol.
This issue can be alleviated by using the fwmark on the OUTPUT chain, but the priority issue is worth discussing, such as how to verdict a request if it is both in TUN_EXCLUDED_ROUTES and TUN_INCLUDE_PORTS at the same time.
I got this working by using ip rules. Closing this.
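
An added sketch of port/protocol exclusion with ip rules, extending the `ip rule add to "$addr" table main` line quoted in the issue. It is not code from the thread's participants or from the tun2socks project. The `proto:port` list syntax for the proposed TUN_EXCLUDED_PORTS name and the base priority of 100 are assumptions, and the `ipproto`/`dport` selectors need Linux 4.17 or later with a matching iproute2.

```shell
#!/bin/sh
# Added example. TUN_EXCLUDED_PORTS is the option name proposed in the issue;
# the "proto:port,proto:port" syntax and the base priority are assumptions.

# Print one `ip rule add` command per valid entry; nothing is applied here.
#   $1  spec, e.g. "udp:53,tcp:853"
#   $2  priority of the first rule (assumed default: 100)
# Returns 1 if any entry was rejected, so a caller can refuse a partial list.
excluded_port_rules() {
    spec=$1 prio=${2:-100} rc=0
    old_ifs=$IFS; IFS=,
    set -f                       # no globbing while splitting on commas
    set -- $spec
    set +f; IFS=$old_ifs
    for entry in "$@"; do
        proto=${entry%%:*} port=${entry#*:}
        case $proto in
            udp|tcp) ;;
            *) echo "rejected '$entry': protocol must be udp or tcp" >&2
               rc=1; continue ;;
        esac
        case $port in
            ''|*[!0-9]*|??????*)
               echo "rejected '$entry': bad port" >&2; rc=1; continue ;;
        esac
        if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
            echo "rejected '$entry': port out of range" >&2; rc=1; continue
        fi
        # Lower priority numbers are evaluated first, so these must sort
        # ahead of the rule that sends traffic to the tun table.
        echo "ip rule add priority $prio ipproto $proto dport $port table main"
        prio=$((prio + 1))
    done
    return $rc
}

# Constructed sample value: plain DNS over UDP and TCP.
excluded_port_rules "udp:53,tcp:53" 100
```

Rule priority is also what settles the overlap raised in the thread: when an address rule and a port rule both match, the one with the lower priority number wins. Traffic matched by these rules leaves through the physical interface unproxied, so excluded DNS queries are visible on the local network path.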