Device: TP-Link RE200 rev4 OpenWrt 22.03.2 r19803-9a599fee93
setup as a wifi repeater in AP+STA mode using travelmate and working as expected....
internet<------(BSSID1)<------ OpenWrt AP+STA(BSSID2) <------wifi devices
the problem:
trying to get a transparent proxy kind of setup on openwrt to forward all traffic to a remote personal shadowsocks server bypassing local blocks and for privacy
note: openvpn and wireguard are not an option due to local DPI blocks... only some vpn services work (eg. Psiphon Pro app) but no openwrt support
i can connect normallly (for now anyways) to shadowsocks server directly with my pc and phone...etc
followed the wiki and the recipe at github. com/openwrt/packages/blob/master/net/shadowsocks-libev/README.md#recipes
I followed the instructions to the letter but cant get it to work....
DNS is not resolving
but i can ping 8.8.8.8, however traceroute first hop is the gateway at BSSID1
I tried to add a static dns 8.8.8.8, the dns resolve but still traceroute going normally through BSSID1
after countless factory resets, fresh sysupgrades and starting over, still cant figure it out....
> config server 'sss0'
> option server '----------removed--------'
> option server_port '8388'
> option method 'chacha20-ietf-poly1305'
> option password '--------removed--------'
> option disabled '1'
>
> config ss_tunnel
> option server 'sss0'
> option local_port '8053'
> option tunnel_address '8.8.8.8:53'
> option mode 'tcp_and_udp'
>
> config ss_redir 'ssr0'
> option disabled '0'
> option server 'sss0'
> option local_address '0.0.0.0'
> option local_port '1100'
> option mode 'tcp_and_udp'
> option reuse_port '1'
>
> config ss_rules 'ss_rules'
> option disabled '0'
> option redir_tcp 'ssr0'
> option redir_udp 'ssr0'
> option src_default 'checkdst'
> option dst_default 'forward'
> option local_default 'forward'
> config dnsmasq
> option domainneeded '1'
> option localise_queries '1'
> option rebind_protection '1'
> option rebind_localhost '1'
> option local '/lan/'
> option domain 'lan'
> option expandhosts '1'
> option authoritative '1'
> option readethers '1'
> option leasefile '/tmp/dhcp.leases'
> option localservice '1'
> option ednspacket_max '1232'
> option noresolv '1'
> option localuse '1'
> list server '127.0.0.1#8053'
> list server '8.8.8.8'
the sys log is flooded by this error
daemon.err /usr/bin/ss-redir[2352]: accept: No file descriptors available
I am admittedly a copy-paster n00b when it comes to anything linux and I cant figure out what's going on after days of researching i find myself at a block ....
maybe I am missing a dependency?
opkg list-installed
> base-files - 1494-r19803-9a599fee93
> busybox - 1.35.0-4
> ca-bundle - 20211016-1
> cgi-io - 2022-08-10-901b0f04-21
> curl - 7.86.0-2
> dnsmasq - 2.86-14
> dropbear - 2022.82-2
> firewall4 - 2022-10-18-7ae5e14b-1
> fstools - 2022-06-02-93369be0-2
> fwtool - 2019-11-12-8f7fe925-1
> getrandom - 2021-08-03-205defb5-2
> hostapd-common - 2022-01-16-cff80b4f-13.1
> ip-tiny - 5.15.0-3
> ipset - 7.15-2
> iptables-mod-tproxy - 1.8.7-7
> iw - 5.16-1
> iwinfo - 2022-08-19-0dad3e66-1
> jansson4 - 2.13.1-2
> jshn - 2022-05-15-d2223ef9-1
> jsonfilter - 2018-02-04-c7e938d6-1
> kernel - 5.10.146-1-e9666887a64a360789aa6721f73945bc
> kmod-cfg80211 - 5.10.146+5.15.58-1-1
> kmod-crypto-aead - 5.10.146-1
> kmod-crypto-ccm - 5.10.146-1
> kmod-crypto-cmac - 5.10.146-1
> kmod-crypto-crc32c - 5.10.146-1
> kmod-crypto-ctr - 5.10.146-1
> kmod-crypto-gcm - 5.10.146-1
> kmod-crypto-gf128 - 5.10.146-1
> kmod-crypto-ghash - 5.10.146-1
> kmod-crypto-hash - 5.10.146-1
> kmod-crypto-hmac - 5.10.146-1
> kmod-crypto-manager - 5.10.146-1
> kmod-crypto-null - 5.10.146-1
> kmod-crypto-rng - 5.10.146-1
> kmod-crypto-seqiv - 5.10.146-1
> kmod-crypto-sha256 - 5.10.146-1
> kmod-gpio-button-hotplug - 5.10.146-3
> kmod-ipt-core - 5.10.146-1
> kmod-ipt-ipset - 5.10.146-1
> kmod-ipt-tproxy - 5.10.146-1
> kmod-leds-gpio - 5.10.146-1
> kmod-lib-crc32c - 5.10.146-1
> kmod-mac80211 - 5.10.146+5.15.58-1-1
> kmod-mt76-core - 5.10.146+2022-09-06-d7054646-4
> kmod-mt7603 - 5.10.146+2022-09-06-d7054646-4
> kmod-mt76x0-common - 5.10.146+2022-09-06-d7054646-4
> kmod-mt76x02-common - 5.10.146+2022-09-06-d7054646-4
> kmod-mt76x0e - 5.10.146+2022-09-06-d7054646-4
> kmod-nf-conntrack - 5.10.146-1
> kmod-nf-conntrack6 - 5.10.146-1
> kmod-nf-flow - 5.10.146-1
> kmod-nf-ipt - 5.10.146-1
> kmod-nf-log - 5.10.146-1
> kmod-nf-log6 - 5.10.146-1
> kmod-nf-nat - 5.10.146-1
> kmod-nf-reject - 5.10.146-1
> kmod-nf-reject6 - 5.10.146-1
> kmod-nf-tproxy - 5.10.146-1
> kmod-nfnetlink - 5.10.146-1
> kmod-nft-core - 5.10.146-1
> kmod-nft-fib - 5.10.146-1
> kmod-nft-nat - 5.10.146-1
> kmod-nft-offload - 5.10.146-1
> kmod-nft-tproxy - 5.10.146-1
> libblobmsg-json20220515 - 2022-05-15-d2223ef9-1
> libc - 1.2.3-4
> libcap - 2.63-1
> libconfig11 - 1.7.3-1
> libcurl4 - 7.86.0-2
> libev - 4.33-1
> libgcc1 - 11.2.0-4
> libipset13 - 7.15-2
> libiwinfo-data - 2022-08-19-0dad3e66-1
> libiwinfo-lua - 2022-08-19-0dad3e66-1
> libiwinfo20210430 - 2022-08-19-0dad3e66-1
> libjson-c5 - 0.15-2
> libjson-script20220515 - 2022-05-15-d2223ef9-1
> liblua5.1.5 - 5.1.5-10
> liblucihttp-lua - 2022-07-08-6e68a106-1
> liblucihttp0 - 2022-07-08-6e68a106-1
> libmbedtls12 - 2.28.1-1
> libmnl0 - 1.0.5-1
> libnftnl11 - 1.2.1-2
> libnghttp2-14 - 1.44.0-1
> libnl-tiny1 - 2021-11-21-8e0555fb-1
> libpcre - 8.45-3
> libpcre2 - 10.37-1
> libpthread - 1.2.3-4
> libsodium - 1.0.18-4
> libubox20220515 - 2022-05-15-d2223ef9-1
> libubus-lua - 2022-06-01-2bebf93c-1
> libubus20220601 - 2022-06-01-2bebf93c-1
> libuci20130104 - 2021-10-22-f84f49f0-6
> libuclient20201210 - 2021-05-14-6a6011df-1
> libucode20220812 - 2022-10-18-00af0650-1
> libustream-wolfssl20201210 - 2022-01-16-868fd881-2
> libwolfssl5.5.1.ee39414e - 5.5.1-stable-3
> libxtables12 - 1.8.7-7
> logd - 2021-08-03-205defb5-2
> lua - 5.1.5-10
> luci - git-20.074.84698-ead5e81
> luci-app-firewall - git-22.089.67563-7e3c1b4
> luci-app-opkg - git-22.273.29004-9f6876b
> luci-app-shadowsocks-libev - git-22.066.30464-cea4277
> luci-app-travelmate - git-22.232.72147-7971fe0
> luci-base - git-22.304.65171-ec905e6
> luci-lib-base - git-20.232.39649-1f6dc29
> luci-lib-ip - git-20.250.76529-62505bd
> luci-lib-jsonc - git-22.097.61921-7513345
> luci-lib-nixio - git-20.234.06894-c4a4e43
> luci-mod-admin-full - git-19.253.48496-3f93650
> luci-mod-network - git-22.300.51227-e076071
> luci-mod-status - git-22.302.42268-2878b35
> luci-mod-system - git-22.264.46172-b6b7da4
> luci-proto-ipv6 - git-21.148.48881-79947af
> luci-proto-ppp - git-21.158.38888-88b9d84
> luci-theme-bootstrap - git-22.288.45147-96ec0cd
> mtd - 26
> netifd - 2022-08-25-76d2d41b-1
> nftables-json - 1.0.2-2.1
> openwrt-keyring - 2022-03-25-62471e69-3
> opkg - 2022-02-24-d038e5b6-1
> procd - 2022-06-01-7a009685-1
> procd-seccomp - 2022-06-01-7a009685-1
> procd-ujail - 2022-06-01-7a009685-1
> resolveip - 2
> rpcd - 2022-09-21-8c852b65-1
> rpcd-mod-file - 2022-09-21-8c852b65-1
> rpcd-mod-iwinfo - 2022-09-21-8c852b65-1
> rpcd-mod-luci - 20210614
> rpcd-mod-rrdns - 20170710
> shadowsocks-libev-config - 3.3.5-7
> shadowsocks-libev-ss-local - 3.3.5-7
> shadowsocks-libev-ss-redir - 3.3.5-7
> shadowsocks-libev-ss-rules - 3.3.5-7
> shadowsocks-libev-ss-tunnel - 3.3.5-7
> sslh - v1.22c-1
> swconfig - 12
> travelmate - 2.1.0-1
> ubox - 2021-08-03-205defb5-2
> ubus - 2022-06-01-2bebf93c-1
> ubusd - 2022-06-01-2bebf93c-1
> uci - 2021-10-22-f84f49f0-6
> uclient-fetch - 2021-05-14-6a6011df-1
> ucode - 2022-10-18-00af0650-1
> ucode-mod-fs - 2022-10-18-00af0650-1
> ucode-mod-ubus - 2022-10-18-00af0650-1
> ucode-mod-uci - 2022-10-18-00af0650-1
> uhttpd - 2022-08-12-e3395cd9-1
> uhttpd-mod-ubus - 2022-08-12-e3395cd9-1
> urandom-seed - 3
> urngd - 2020-01-21-c7f7b6b6-1
> usign - 2020-05-23-f1f65026-1
> wireless-regdb - 2022.08.12-1
> wpad-wolfssl - 2022-01-16-cff80b4f-13.1
> zlib - 1.2.11-6
your help would be highly appreciated....