Tun2socks redirect all traffic

kostin · October 28, 2025, 8:10am

Cudy TR1200. OpenWrt 23.05.5 as Socks5 client

Create inteface tun0 in /etc/config/network
#curl --interface tun0 ifconfig.me work, I see Socks5 server ip
#logread -f -e tun2socks
Tue Oct 28 08:02:26 2025 daemon.info tun2socks[1414]: time="2025-10-28T08:02:26Z" level=info msg="[TCP] 172.16.250.1:51376 <-> 34.160.111.145:80"

How to redirect all trafic in tun0?

frollic · October 28, 2025, 8:42am

Same as in Setup transparent redirect of local traffic to proxy - #4 by frollic ?

23.05 is EOL, you should upgrade.

kostin · November 4, 2025, 7:17pm

I create t2socks.nft

# cat /etc/nftables.d/t2socks.nft
chain tun2socks {
        type nat hook prerouting priority dstnat; policy accept;
        # skip for local ip ranges
        ip daddr 0.0.0.0/8      return
        ip daddr 10.0.0.0/8     return
        ip daddr 100.64.0.0/10  return
        ip daddr 127.0.0.0/8    return
        ip daddr 169.254.0.0/16 return
        ip daddr 172.16.0.0/12  return
        ip daddr 192.168.0.0/16 return
        ip daddr 198.18.0.0/15  return
        ip daddr 224.0.0.0/4    return
        ip daddr 240.0.0.0/4    return
        # everything else tcp = redirect
        ip protocol tcp redirect to tun0
}

but after restart work only local trafic.
tun0 is virtual interface

# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP qlen 1000
    link/ether 80:af:ca:ca:fd:27 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::82af:caff:feca:fd27/64 scope link
       valid_lft forever preferred_lft forever
4: tun0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UNKNOWN qlen 500
    link/[65534]
    inet 172.16.250.1/24 brd 172.16.250.255 scope global tun0
       valid_lft forever preferred_lft forever
    inet6 fe80::ac58:4bd4:4fe5:40d1/64 scope link flags 800
       valid_lft forever preferred_lft forever
8: br-lan: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 80:af:ca:ca:fd:27 brd ff:ff:ff:ff:ff:ff
    inet 192.168.229.1/24 brd 192.168.229.255 scope global br-lan
       valid_lft forever preferred_lft forever
    inet6 fdc9:6a2c:3d94::1/60 scope global noprefixroute
       valid_lft forever preferred_lft forever
    inet6 fe80::82af:caff:feca:fd27/64 scope link
       valid_lft forever preferred_lft forever
9: eth0.1@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-lan state UP qlen 1000
    link/ether 80:af:ca:ca:fd:27 brd ff:ff:ff:ff:ff:ff
10: eth0.2@eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP qlen 1000
    link/ether 80:af:ca:ca:fd:27 brd ff:ff:ff:ff:ff:ff
    inet 192.168.188.28/24 brd 192.168.188.255 scope global eth0.2
       valid_lft forever preferred_lft forever
    inet6 fe80::82af:caff:feca:fd27/64 scope link
       valid_lft forever preferred_lft forever

What i do wrong?