Hello!
I've been trying so hard in the last few days to route all web traffic made from an OpenWrt router through the Xray server I have on the cloud, with little success. My config is a little different from the standard China GFW circumvention. I can access only some IPs from the main router on 192.168.0.0/24 and thankfully some of them are hosted by CloudFront, so I can access the web using HTTPUpgrade transport + Shadowsocks for encryption via plain HTTP domain fronting (my fw network does not check for Host header and absolute privacy is not a concern here, just fw circumvention).
Config in v2rayN on macOS works flawlessly, reaching almost-native speeds and ipleaks gives whatever my AWS cloud instance has as DNS servers. xray-core binary on OpenWrt works as well, and I am able to curl any website using curl -x socks5h://127.0.0.1:10808 https://any.website.com/
Note I used socks5h, because that's the deal. The default DNS got from 192.168.0.1 resolves only a few hostnames, including the CloudFront one. All the other DNS traffic has to be routed through proxy.
After many days of trial and error with iptables, nft, fw4 on OpenWrt, I've been able to forward TCP+UDP traffic through tproxy but not DNS traffic. So at some point Wi-Fi clients were able to curl https://1.1.1.1/ for instance, but not https://one.one.one.one. I tried anything, from disabling dnsmasq on router and exposing the local :53 DNS server from Xray to DNS config in config.json but either the local DNS (which should resolve the CDN hostname) gets overridden by 1.1.1.1 with no connection or it just did not resolve.
I don't need any geospecific routing or all the features that come with LuCI apps tailored for China users. Is there a way to resolve the CDN hostname via 192.168.0.1 and everything else via proxy? This should also be able to expose a DNS server at 192.168.1.1:53.
Thanks to everyone that will help me