Hi, sorry for the late response. Actually changing the last line:
socat tcp-listen:$PORT,reuseaddr,fork,range=127.0.0.1/32 tcp-connect:10.100.0.2:$PORT &
to
socat tcp-listen:$PORT,reuseaddr,fork,range=192.168.1.0/24 tcp-connect:10.100.0.2:$PORT &
should be sufficient as long as iptables allows $PORT. In the past I used nginx to proxy to localhost; this was on a remote machine. Meanwhile I switched to rtorrent and Flood/rutorrent. Since rtorrent does the socket stuff out of the box, I don't need the last line anymore.
Edited by MatFi -
Where do you think a problem can be?
No idea, but maybe we will find out. When this happens, what about other DNS servers? You can test it with:
ip netns exec vpn drill gitlab.com @1.1.1.1
ip netns exec vpn drill gitlab.com @8.8.8.8
If a DNS server is provided by the WireGuard config file, comment out the following lines to use the VPN provider's DNS.
#mkdir -p /etc/netns/vpn
#echo "nameserver 1.1.1.1" > /etc/netns/vpn/resolv.conf
#echo "nameserver 1.0.0.1" >> /etc/netns/vpn/resolv.conf
Some DNS servers may block traffic from VPN endpoints because of DNS amplification attacks.
Edited by MatFi -
Thanks. I ran some tests and got myself even more confused. My WireGuard conf provides DNS and I commented out the creation of resolv.conf before. The command
ip netns exec vpn dig gitlab.com @1.1.1.1
works fine, but at the same time qBittorrent instantly says "Not working" for every tracker which requires name resolution and not just a straight IP, but after a reboot it starts working again. I will try to launch qBittorrent regularly, without VPN and netns, and see what is going to happen.