go-any-proxy
go-any-proxy copied to clipboard
ryanchapman
Failed to proxy
2021/07/29 18:10:56 any_proxy.go:705: : INFO : handleConnection(): can not handle this connection, error occurred in getting original destination ip address/port: protocol not $ 2021/07/29 18:10:56 any_proxy.go:485: : INFO : GETORIGINALDST|MyIpHere:36895->?->FAILEDTOBEDETERMINED|ERR: getsocketopt(SO_ORIGINAL_DST) failed: protocol not available
I tried to do minecraft proxy setup :/
Sounds like you are missing a -j REDIRECT rule in iptables.
What does iptables -L -nv look like on the router/firewall machine running any-proxy?
root@ocelotmc:~/go-any-proxy# iptables -L -nv Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination
What rules should i add?
./any_proxy -l 0.0.0.0:25565 -d MinecraftServerIp:25565
Thats command im using
Yep, there isn't a REDIRECT rule in there.
What are you trying to use any-proxy for? Curious if it's the best tool for what you are trying to accomplish. Typically, you have a situation where an application is not proxy aware, and there is no direct access to the internet on the network. You see this in older corporate networks (think a company like a soft drink maker in America). They have no routes to the internet from the internal network and force all traffic through a web proxy like McAfee Web Gateway.
any-proxy (along with iptables) is able to take packets intended to go through a direct route to the internet and instead redirect them to a web proxy that has internet access. Before I wrote any-proxy, other programs like squid could do something similar, but they all required decrypting the data first. I wanted a program that didn't decrypt the data, and could redirect any tcp protocol.
I want to simply use it to make something like ddos protection for my minecraft server i mean:
Proxy > Minecraft Server
But the problem with other tools that make something like this (minecraft-relay-server for example) is that it's nearly impossible to forward real player's ip to minecraft server with this tool.
So when im using minecraft-relay-server and player join my minecraft server thro this proxy i only have PROXY IP not player public ip adress, so for example IPBanning wouldnt work :/
I thinked that transparent proxying would give me simillar effect like minecraft-relay-server but fix problem with users IP
I'm afraid any-proxy isn't designed for this purpose. Usually any-proxy assumes it is talking to a proxy, not a server. For example, if a packet was originally destined for 1.2.3.4 on port 443, the first thing any-proxy will do when it connects to the next hop (-p)is to send CONNECT 1.2.3.4:443.
That being said, the direct (-d) option might work, but I doubt it. You'll first need to get a iptables redirect rule on the machine where any-proxy is running. The machine where any-proxy is running usually needs to be the router (default route) on your network. any-proxy is only intended to accept connections from iptables, not from a client program (or from clients on the internet).
You may need to modify the source code to get what you're looking for, but not sure.
Wish I had more time to help, because this sounds interesting. But unfortunately my day job consumes most of my time these days.
Sadly i spent like 5 days already to find solution about this problem :/
And i did very big research about it and No solutions So far.
czw., 29 lip 2021, 18:45 użytkownik Ryan A. Chapman < @.***> napisał:
I'm afraid any-proxy isn't designed for this purpose. Usually any-proxy assumes it is talking to a proxy, not a server. For example, if a packet was originally destined for 1.2.3.4 on port 443, the first thing any-proxy will do when it connects to the next hop (-p)is to send CONNECT 1.2.3.4:443.
That being said, the direct (-d) option might work, but I doubt it. You'll first need to get a iptables redirect rule on the machine where any-proxy is running. The machine where any-proxy is running usually needs to be the router (default route) on your network. any-proxy is only intended to accept connections from iptables, not from a client program (or from clients on the internet).
You may need to modify the source code to get what you're looking for, but not sure.
Wish I had more time to help, because this sounds interesting. But unfortunately my day job consumes most of my time these days.
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/ryanchapman/go-any-proxy/issues/32#issuecomment-889301209, or unsubscribe https://github.com/notifications/unsubscribe-auth/ATSISN7UFGUIGHC2L2IZFMTT2GAT3ANCNFSM5BGZKEDQ .