Replies: 12 comments
-
When using TProxy, Xray needs to set the IP_TRANSPARENT socket option. Try running Xray as the root user. Additionally, the inbound port is set to 12345 instead of 122345 in the iptables rule. |
Beta Was this translation helpful? Give feedback.
-
ps shows me the following:
So yes, it runs as root. 122345 was just a typo. Of course in the config file it set to the correct value. Fixed it in my first message. Thank you! |
Beta Was this translation helpful? Give feedback.
-
Please run the command “iptables -nvL”, I want to see the iptables rules. |
Beta Was this translation helpful? Give feedback.
-
I noticed that the default rule for the INPUT chain in the iptables filter table is set to DROP. When using TProxy, the INPUT chain in the filter table receives packets where the destination IP address is not the local machine's IP address. Please allow those packets to pass through. Example: |
Beta Was this translation helpful? Give feedback.
-
Unfortunately nothing changed.
I've checked the rules for marked packages:
|
Beta Was this translation helpful? Give feedback.
-
I've checked it for IPv6 and it works!
|
Beta Was this translation helpful? Give feedback.
-
I think it can be a security problem, because anyone can mark the packages and get full access on my INPUT? Or I'm wrong? |
Beta Was this translation helpful? Give feedback.
-
Fwmark is only valid on this machine. |
Beta Was this translation helpful? Give feedback.
-
Ok, thanks for clearing. Really sorry for stupid questions :( |
Beta Was this translation helpful? Give feedback.
-
So, IPv6 operates fine.
WTF is wrong with IPv4??? |
Beta Was this translation helpful? Give feedback.
-
No one can help me... 😔 |
Beta Was this translation helpful? Give feedback.
-
Hello everybody! Ask for your help.
Can't set Xray to operate on my router in TPROXY mode.
My inbound:
netstat -ltun shows tcp and udp 12345 ports are oppened.
I've created the needed rule and route:
Then I've added the client:
Аfter these commands the client lose any IPv4 access at all :(
For checking overall Xray config I've changed inbound to:
Then I've added the client:
After this the client get IPv4 of my outbound VPS.
IPv6 stays untouched.
For routing IPv6 I can execute the similar command:
So, Xray can connect to outbound VPS and can operate in redirect mode.
What I do wrong for transparent proxy mode?
xt_TPROXY is loaded.
Please, help...
Beta Was this translation helpful? Give feedback.
All reactions