Shadowsocks with RethinkDNS #424
Comments
|
If Shadowsocks clients you use support SOCK5, then you could forward traffic to it via a SOCKS5 proxy (TCP-only, for now) by configuring it from RethinkDNS settings page.
As for native support for Shadowsocks: I am leaning towards adding support for WireGuard first (#52) and may be eventually add Shadowsocks support too. In fact, integrating Shadowsocks is likely easier of the two... |
|
Big thank you for the tutorial :) Sadly I cannot use the Firewall because Shadowsocks needs its own VPN-instance ;-( this is one of the features I cannot find in any app: Connecting to Shadowsocks, having a firewall for whitelisting and the possibility to allow local network. Would this be possible, if RethinkDNS gets native support for Shadowsocks? |
|
Is there a rough timeline where this features can be expected? I am just asking because Shadowsocks + LAN + Firewall is not possible in any constellation out there til now ;-( |
|
Shadowsocks + LAN? March 2022, but no guarantees. (: We are midway replacing our network engine in preparation for WireGuard, and so far, that has turned out to be very tricky given how the codebase is setup. |
|
please track progress here: #37 I know I said March 2022... but things got out of hand for a bit with the serverside stuff we have running. That took away at least 3 months of my time that otherwise I would have spent working on the app. But now: We're back on track to integrate WireGuard. Shadowsocks... is possible too. Let's see. But the timeline for it is way further out. |
Use other clients that support local SOCKS5 exposure, like v2rayNG or SagerNet. |
|
@PoneyClairDeLune Shadowsocks will work with your suggestion, but Wireguard is UDP by default and doesn't accept TCP. SagerNet/Matsuri offers SOCKS5 local proxy for Wireguard but Rethink only supports TCP for SOCKS5 therefore => Rethink + SagerNet (Wireguard) is a no no for now. |
Rethink, since |
|
For everyone who is interested in this thread: My solution is now using InviZible Pro.
This solution will have it's downsides but it works good for me. Only restarting the system seems to offer a weak point.... |
I have v053j but the settings still says "Setup SOCKS5 (TCP) Proxy" |
|
Anyhow, Wireguard integration into Rethink is a very welcome change considering the recent censorship of internet in Iran and given one of Rethink's goals is "circumventing censorship". |
A little background. Shadowsocks, especially with AEAD ciphers, have been officially dead in Iran. |
A label we forgot to change... :D
So: Shadowsocks doesn't work at all? There's report that V2Ray works, so that's a good sign: https://news.ycombinator.com/item?id=33025954 |
Reports are terribly wrong. I've manually diagnosed Shadowsocks packets, not going through at all. Changed encryption, changed protocol, tried several different ports, to no avail. |
Same conclusion as my own reports: Shadowsocks has been fingerprinted and dead. But no specifics as on how it was fingerprinted, maybe it targets non-identifiable high-entropy traffic. In the mean time, V2Ray with HTTPS traffic as transports should still stand. They are tested and has stood for quite some time, at least on cable Internet. Edit: How are OpenVPN and WireGuard? From my reports, they have been all dead too. |
|
Wireguard is still working hence my suggestion for Rethink integration. OpenVPN was working last I checked, but some say it's more detectable than Wireguard. |
Both OpenVPN and WireGuard are not hard to fingerprint, OpenVPN being the easiest. |
Is it possible to connect with shadowsocks while using RethinkDNS as firewall in any way? I have not found a solution or tutorial on my own for this scenario. Please help ;-(
The text was updated successfully, but these errors were encountered: