Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

glider 0.4.2 dns queries error #17

Closed
epizza opened this issue Dec 19, 2017 · 10 comments
Closed

glider 0.4.2 dns queries error #17

epizza opened this issue Dec 19, 2017 · 10 comments
Labels
bug

Comments

@epizza
Copy link

epizza commented Dec 19, 2017
edited
Loading

There is a proxy server run with glider in private network. With glider 4.1 everything goes well, I can connect from outside, glider can forward dns queries to dnsmasq.

with glider 4.1:

glider logs:

Dec 19 10:15:10 go glider[5155]: 2017/12/19 10:15:10 proxy-ss 122.96.*.*:44042 <-> docker.local.ht:443
Dec 19 10:15:17 go glider[5155]: 2017/12/19 10:15:17 proxy-redir 10.20.30.1:46190 <-> *.17.222.*:443
Dec 19 10:15:21 go glider[5155]: 2017/12/19 10:15:21 proxy-ss 122.96.*.*:44043 <-> nas.local.ht:5001

dnsmasq logs

Dec 19 09:41:21 dnsmasq[3691]: query[AAAA] docker.local.ht from 127.0.0.1
Dec 19 09:41:21 dnsmasq[3691]: config docker.local.ht is NODATA-IPv6
Dec 19 09:41:21 dnsmasq[3691]: query[A] docker.local.ht from 127.0.0.1
Dec 19 09:41:21 dnsmasq[3691]: config docker.local.ht is 10.20.30.33

Dec 19 09:43:49 dnsmasq[3691]: config plex.local.ht is NODATA-IPv6
Dec 19 09:43:49 dnsmasq[3691]: query[A] plex.local.ht from 127.0.0.1
Dec 19 09:43:49 dnsmasq[3691]: config plex.local.ht is 10.20.30.33
Dec 19 09:43:49 dnsmasq[3691]: query[A] plex.local.ht from 127.0.0.1
Dec 19 09:43:49 dnsmasq[3691]: config plex.local.ht is 10.20.30.33
Dec 19 09:43:49 dnsmasq[3691]: query[AAAA] plex.local.ht from 127.0.0.1
Dec 19 09:43:49 dnsmasq[3691]: config plex.local.ht is NODATA-IPv6

with glider 4.2:

no relevant logs in dnsmasq
glider logs

Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 proxy-ss 122.96.*.*:43578 <-> py.local.ht:443
Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 relay error: EOF
Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 proxy-ss 122.96.*.*:43579 <-> py.local.ht:443
Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 relay error: EOF
Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 proxy-ss 122.96.*.*:43580 <-> py.local.ht:443
Dec 19 09:48:05 go glider[4482]: 2017/12/19 09:48:05 relay error: EOF
@nadoo
Copy link
Owner

nadoo commented Dec 19, 2017

Hi @epizza , did you:

  1. set up a glider dnstun or dns forwarding server, and listen on an udp port for dns querying?
    or
  2. just set up a glider ss server, and connect your private domain address remotely?

In the second case, there's no dns query forwarded by glider, can you please check you dnsmasq's config, whether the domain py.local.ht can be correctly resolved?

@epizza
Copy link
Author

epizza commented Dec 19, 2017
edited
Loading

I didn't set up the dns in glider.
*.local.ht are only for my private network.

dnsmasq conf:

address=/docker.local.ht/py.local.ht/10.20.30.33

; <<>> DiG 9.9.7-P3 <<>> @10.20.30.11 py.local.ht
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51255
;; flags: qr aa rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;py.local.ht.			IN	A

;; ANSWER SECTION:
py.local.ht.		0	IN	A	10.20.30.33

;; Query time: 18 msec
;; SERVER: 10.20.30.11#53(10.20.30.11)
;; WHEN: Tue Dec 19 12:09:06 CST 2017
;; MSG SIZE  rcvd: 42

@nadoo
Copy link
Owner

nadoo commented Dec 19, 2017

On the server where glider is running, execute nslookup py.local.ht in shell, any results?

@epizza
Copy link
Author

epizza commented Dec 19, 2017 

❯ nslookup py.local.ht
Server:		127.0.0.1
Address:	127.0.0.1#53

Name:	py.local.ht
Address: 10.20.30.33

@nadoo
Copy link
Owner

nadoo commented Dec 19, 2017

Hi @epizza, can you access py.local.ht:443 with glider v0.4.1?

@epizza
Copy link
Author

epizza commented Dec 19, 2017

Yes, tried several times with same config.

❯ cat /etc/glider/server.conf
verbose=true

listen=:8443
listen=redir://:5443
listen=ss://AEAD_CHACHA20_POLY1305:trysomepasswd@:4443

forward=ss://AEAD_CHACHA20_POLY1305: trysomepasswd@256.256.256.256:5443
forward=ss://AEAD_CHACHA20_POLY1305: trysomepasswd@257.257.257.257:5443

strategy=ha
checkwebsite=www.gstatic.com
checkduration=60

#ipset=glider

rules-dir=rules.d

❯ cat /etc/glider/rules.d/bypass.rule
# server
ip=256.256.256.256
ip=257.257.257.257

# lan
cidr=0.0.0.0/8
cidr=10.0.0.0/8
cidr=127.0.0.0/8
cidr=169.254.0.0/16
cidr=172.16.0.0/12
cidr=192.168.0.0/16
cidr=224.0.0.0/4
cidr=240.0.0.0/4

# lan
domain=local.ht

@epizza
Copy link
Author

epizza commented Dec 20, 2017
edited
Loading

OK I found the problem. In glider 4.2 direct rule doesn't work.

client ---- ss ---- glider 10 ---- direct ---- private network
                     |---- ss ---- glider 256 ---- public network

client: request py.local.ht:1043 and docker.local.ht:443
glider 10: run with config above
glider 256: add a hosts rule 127.0.0.1 py.local.ht, there is a web service on 1043 port

glider 10 logs:

Dec 20 15:01:38 vmgo glider[1237]: 2017/12/20 15:01:38 proxy-ss 49.95.*.*:38340 <-> py.local.ht:1043
Dec 20 15:09:38 vmgo glider[1237]: 2017/12/20 15:09:38 proxy-ss 49.95.*.*:38364 <-> docker.local.ht:443
Dec 20 15:09:38 vmgo glider[1237]: 2017/12/20 15:09:38 relay error: EOF

glider 256 logs:

Dec 20 15:01:38 hk-data glider[790]: 2017/12/20 15:01:38 proxy-ss 120.*.*.*:47224 <-> py.local.ht:1043
Dec 20 15:09:36 hk-data glider[790]: 2017/12/20 15:09:36 proxy-ss failed to connect to target: dial tcp: lookup docker.local.ht on dnsip:53: no such host
Dec 20 15:09:37 hk-data glider[790]: 2017/12/20 15:09:37 proxy-ss failed to connect to target: dial tcp: lookup docker.local.ht on dnsip:53: no such host
Dec 20 15:09:38 hk-data glider[790]: 2017/12/20 15:09:38 proxy-ss failed to connect to target: dial tcp: lookup docker.local.ht on 127.0.0.1:53: no such host

I can open the py.local.ht:1043 hosted on glider 256.

@nadoo nadoo closed this as completed in 36d8e05 Dec 20, 2017
@nadoo nadoo reopened this Dec 20, 2017
@nadoo
Copy link
Owner

nadoo commented Dec 20, 2017
edited
Loading

Hi @epizza , I've tested and confirmed that bypass rule not worked in the following situation:

  1. has global forwarder;
  2. has bypass rules;
  3. use ss proxy server;

Can you try with the following binary and see whether it worked?
glider.zip

@epizza
Copy link
Author

epizza commented Dec 20, 2017

Direct rule works fine now.

Dec 20 15:20:43 vmgo glider[2193]: 2017/12/20 15:20:43 proxy-ss 49.*.*.*:38018 <-> ros.local.ht:80
Dec 20 15:20:43 vmgo glider[2193]: 2017/12/20 15:20:43 proxy-ss 49.*.*.*:38021 <-> py.local.ht:443

@nadoo
Copy link
Owner

nadoo commented Dec 20, 2017

Thank you very much! 😄

@nadoo nadoo added the bug label Dec 20, 2017
@nadoo nadoo changed the title glider 4.2 dns queries error glider 0.4.2 dns queries error Dec 20, 2017
@nadoo nadoo closed this as completed Dec 22, 2017
nadoo added a commit that referenced this issue Jul 4, 2018
@nadoo
ss: fixed #17, bypass rule has no effect in the following situation: …
47022d6 
…1. has global forwarder; 2. has bypass rules; 3. use ss proxy server;
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@epizza @nadoo