badvpn icon indicating copy to clipboard operation
badvpn copied to clipboard
verified publisher icon ambrop72

How does the tun2socks support iOS?

Open codebylove opened this issue 5 years ago • 10 comments

Hello,

I need tun2socks feature on iOS, how to build it for iOS app?

Did someone builds it for iOS before?

codebylove avatar Jan 09 '20 17:01 codebylove

It's not supported in this project. It can probably be coded by utilizing the iOS VPN API. I can't offer any help with Apple support.

ambrop72 avatar Jan 09 '20 18:01 ambrop72

OK, thank you, I'll try to build the tun2socks into an iOS app.

codebylove avatar Jan 10 '20 10:01 codebylove

It's not supported in this project. It can probably be coded by utilizing the iOS VPN API. I can't offer any help with Apple support.

Hello @ambrop72 , I have a question, what's the difference between SocksUdpGwClient.c and udpGw?

On client side, do I need to compile the udgGw folder? Why not forward UDP directly to a socks5 server which supports UDP also? It doesn't need a udpGw running on server side then.

I found the shadowsocks project is using badvpn tun2socks module to forward tcp/udp packets to shadowsocks server directly, no need of updGw.

https://github.com/shadowsocks/tun2socks-iOS/tree/experiment/tun2socks and https://github.com/shadowsocks/badvpn/tree/shadowsocks-android/tun2socks

codebylove avatar Jan 14 '20 16:01 codebylove

Not all SOCKS servers support UDP and SOCKS UDP performance is often subpar. The existing solution is to do it through a custom TCP protocol with a helper program on the remote side (udpgw).

SocksUdpGwClient is the code in tun2socks which implements the client side of this protocol, and udpgw is the remote program which proxies between tun2socks and actual UDP.

SOCKS UDP support was implemented in pull request #71 which I plan to merge soon after I fix of its some limitations.

ambrop72 avatar Jan 14 '20 17:01 ambrop72

I find the code in #71 , it's not good idea to use the UDP_ASSOCIATE command to remote, it's better to send UDP packet direct to the local UDP socks server, like shadowsocks.

        // Record the address of the new socket bound by the server.
        // For a CONNECT command, this is the address of the TCP client socket to dest_addr.
        // Knowing this address is usually not important.
        // For a UDP_ASSOCIATE command, this is the UDP address to which to send SOCKS UDP.
        // Recording this address is a prerequisite to send traffic on a SOCKS-UDP association.

codebylove avatar Jan 16 '20 16:01 codebylove

@yzou shadowsocks-libev implements SOCKS5-UDP in a simplified way that allows the behavior you describe. However, SOCKS5 servers in general are not required to offer a fixed UDP server on a known port. For tun2socks to be compatible with SOCKS5 servers other than shadowsocks-libev, it needs to use UDP_ASSOCIATE.

bemasc avatar Jan 16 '20 17:01 bemasc

@bemasc I'll try to port the shadowsocks modified badvpn/tun2socks to iOS then, that's only for Android I found on shadowsocks' repo

codebylove avatar Jan 16 '20 18:01 codebylove

@yzou Did you manage to support tun2socks in IOS ?

abwizeline avatar Feb 05 '20 10:02 abwizeline

@yzou Did you manage to support tun2socks in IOS ?

I'm trying to make it more stable on iOS.

codebylove avatar Feb 05 '20 14:02 codebylove

@yzou Sounds cool. Tun2Socks required fileDescriptor. How did you fetch it from VPN (I belive NEPacketTunnelProvider) ?

abwizeline avatar Feb 06 '20 08:02 abwizeline