Yesterday, I upgraded openwrt to 18.06.1,and installed shadowsocks-libev series components. The ss-local and ss-tunnel is running correctly, but ss-redir is not working as I expected. The versions of the mentioned components are as following:
luci-app-shadowsocks-libev - git-18.247.71242-9541751-1
shadowsocks-libev-config - 3.1.3-2
shadowsocks-libev-ss-local - 3.1.3-2
shadowsocks-libev-ss-redir - 3.1.3-2
shadowsocks-libev-ss-rules - 3.1.3-2
shadowsocks-libev-ss-tunnel - 3.1.3-2
Is the openwrt 18.06.1 is not compatible with ss-redir/ss-rules 3.1.3-2 ?
Any help is appreciated.
Hey fasthorse, it's been 25d since you posted, did you get it working?
I'm using the same versions as you and ss-redir is working fine for me.
I'm just having some trouble getting the DNS traffic to go through the VPN. Please let me know if you figured that one out
I met the same problem, too. The transparent proxy doesn't work on some HTTPS sites(e.g. Google, facebook). I even tried https://github.com/shadowsocks/luci-app-shadowsocks, which I used in earlier versions. All the settings are the same, but it doesn't work, same situation.
I am not sure if it is an OpenWrt bug or shadowsocks-libev bug
I got the same exact problem too. Most of the https sites work, but Facebook, Twitter, Google and etc. don't. My OpenWrt is 18.06.2. shadowsocks-libev-ss-tunnel - 3.1.3-3.
But if I don't use the transparent proxy ss-redir and use ss-local, all these sites work. I suspect it's due to the DNS pollution problem, and something is over-writing the ss-tunnel.
Very likely a DNS issue, but not likely that something is hijacking ss-tunnel. There are a few things to check and try
- Does it work if you add 8.8.8.8 to list of
dst_ips_forward
and configure your host to use static dns 8.8.8.8 - How do you configure /etc/config/dhcp to tell dnsmasq to use the tunneled dns service
- What the result of doing
dig twitter.com
- What the result of doing
dig @ss-tunnel-listen-ip -p ss-tunnel-listen-port twitter.com