redsocks icon indicating copy to clipboard operation
redsocks copied to clipboard
verified publisher icon darkk

Feature request: Remote DNS resolution

Open oakaigh opened this issue 6 years ago • 1 comments

@darkk Since TLS1.2 extension exposes SNI hostname it’s still possible to do packet inspection on TCP HTTP/2 traffic and pass the domain name through the tunnel.

Here’s an example, sniproxy, a reverse proxy based on domain name.

http://librelist.com/browser/redsocks/2012/5/15/transparent-proxy-dns-without-public-dns-server/

This is an ancient post that addressed a similar issue on remote DNS resolution. Fake IP addresses are obviously NOT the best solution.

oakaigh avatar Mar 24 '19 23:03 oakaigh

https://github.com/Lochnair/xt_tls/issues/5

oakaigh avatar Mar 27 '19 12:03 oakaigh