How to proxy a specific network ( or interface )

rnq0x · October 1, 2024, 6:30pm

Hi all, it's been 9 hours since I've been able to solve an issue with proxying a specific network

For example I have two networks - X-5G and X-SURF.

I need all traffic on the X-SURF network to go through SOCKS5 proxy, and on the X-5G network to go through SOCKS5 proxy, and on the X-5G network normally, without proxy.

trendy · October 1, 2024, 6:39pm

We have discussed it before and the conclusion was that it is not possible.

rnq0x · October 1, 2024, 6:53pm

I still think it is possible, I came up with a solution, but its implementation does not allow my skill in Openwrt.

in v2raya plugin it is possible to configure with RoutingA that if from a certain mask, for example (192.168.5.x), the request will be proxied.

I tried to give different masks for each interface, but no result yet

Does anyone know how to give different masks to interfaces?

trendy · October 1, 2024, 6:57pm

I'm pretty sure that masks don't matter and it can work with the same /24 on all interfaces.
In any case you can change it by editing the network interface.

lleachii · October 1, 2024, 6:57pm

Just edit the interface and change the mask. But I don't understand how changing the network numbering solved the issue.

rnq0x · October 1, 2024, 8:44pm

This is the problem, I put on the interface to issue addresses like 192.168.5.X ( for proxy interface ), everything worked, but if I go to another network, which is issued addresses like 192.168.1.X, it also gives the address of 192.168.5.X

trendy · October 1, 2024, 9:07pm

By "issue" you probably mean the addresses leased by dhcp. And the leased addresses must be limited to the network defined in the interface, otherwise it won't work.

rnq0x · October 1, 2024, 9:11pm

Can I know a little more about it, I don't quite understand you, I'm still a newbie

trendy · October 1, 2024, 9:15pm

If interfaceA has IP 192.168.1.1/24 then the valid IPs which can be leased by dhcp are from 192.168.1.2-254.
Same for interfaceB 192.168.5.1/24, dhcp leases can be .5.2-254/

rnq0x · October 1, 2024, 9:24pm

Okay, well, I'm limiting it, but the problem doesn't go away, it's still 5.X on all networks.

trendy · October 2, 2024, 8:07am

You cannot use the same subnet in different interfaces.

codemarauder · October 2, 2024, 11:17am

What if you divide your /24 into two /25 subnets?

lleachii · October 2, 2024, 11:21am

Or just use two /24's. The point is (as you highlighted also) the networks cannot be the same.

rnq0x · October 2, 2024, 3:05pm

I understand perfectly well how it should work in theory, but in practice I get random IPs.

it can be that I connect to X-PROXY (192.168.5.X) and I get an IP ( 192.168.2.X ) and vice versa.

I have created two interfaces for two wireless networks (the interfaces are connected to br_lan (I tried to connect to LAN as well, the problem remains) and configured them to give out addresses accordingly.

rnq0x · October 2, 2024, 3:39pm

I did this, now on a separate wifi network I have proxying requests going through

I did it with v2raya.

Proxying a single network:

I created a separate interface and gave the IP of 192.168.5.X to the proxied network.

For the regular network the IP is 192.168.1.X

I entered two lines in the RoutingA settings
source(192.168.5.1/24)->proxy
source(192.168.1.1/24)->direct

They mean that if the request was from the 192.168.5.X subnet, the request will be proxied, and if it was from 192.168.1.X, it will not be proxied

Proxying multiple networks to different proxy servers:

It is also possible to make several networks with proxying ( different proxy servers for each network )

Create a separate interface with different subnet masks for each network
For example, for network
X-1 - 192.168.2.X
X-2 - 192.168.3.X
and so on

Next, in the RoutingA configuration of the v2raya plug-in
Preliminarily delete everything from the configuration except for the line - default: proxy
Write the following:
outbound:socks1=socks(address: ..., port: ..., user: '...',pass: '...')

And so you can create several so-called outbound interfaces, changing the name (from above in the example the name is “socks1”, for the next network we make “socks2”, etc.).

Then, at the end of the file, write the following lines
source(192.168.1.1/24) -> direct
source(192.168.2.1/24) -> socks1
source(192.168.3.1/24) -> socks2
etc.

In these lines we bind routing based on which subnet the request was from (by default on routers the subnet 192.168.1.X is global, so if a request comes from this subnet we route it to direct, i.e. we don't proxy it).
If a request comes from subnets 2.X or 3.X etc. we proxy this request to a specific proxy server.

Well run it and test it, hope this helps you!

system · October 12, 2024, 3:39pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.