Skip to content
This repository has been archived by the owner on Aug 22, 2021. It is now read-only.

How does the tun2socks support iOS? #90

Open
made-by-love opened this issue Jan 9, 2020 · 10 comments
Open

How does the tun2socks support iOS? #90

made-by-love opened this issue Jan 9, 2020 · 10 comments

Comments

@made-by-love
Copy link

made-by-love commented Jan 9, 2020
edited
Loading

Hello,

I need tun2socks feature on iOS, how to build it for iOS app?

Did someone builds it for iOS before?
@ambrop72
Copy link
Owner

ambrop72 commented Jan 9, 2020

It's not supported in this project. It can probably be coded by utilizing the iOS VPN API. I can't offer any help with Apple support.

@made-by-love
Copy link
Author

OK, thank you, I'll try to build the tun2socks into an iOS app.

@made-by-love
Copy link
Author

It's not supported in this project. It can probably be coded by utilizing the iOS VPN API. I can't offer any help with Apple support.

Hello @ambrop72 , I have a question, what's the difference between SocksUdpGwClient.c and udpGw?

On client side, do I need to compile the udgGw folder? Why not forward UDP directly to a socks5 server which supports UDP also? It doesn't need a udpGw running on server side then.

I found the shadowsocks project is using badvpn tun2socks module to forward tcp/udp packets to shadowsocks server directly, no need of updGw.

https://github.com/shadowsocks/tun2socks-iOS/tree/experiment/tun2socks
and
https://github.com/shadowsocks/badvpn/tree/shadowsocks-android/tun2socks

@ambrop72
Copy link
Owner

Not all SOCKS servers support UDP and SOCKS UDP performance is often subpar. The existing solution is to do it through a custom TCP protocol with a helper program on the remote side (udpgw).

SocksUdpGwClient is the code in tun2socks which implements the client side of this protocol, and udpgw is the remote program which proxies between tun2socks and actual UDP.

SOCKS UDP support was implemented in pull request #71 which I plan to merge soon after I fix of its some limitations.

@made-by-love
Copy link
Author

I find the code in #71 , it's not good idea to use the UDP_ASSOCIATE command to remote, it's better to send UDP packet direct to the local UDP socks server, like shadowsocks.

        // Record the address of the new socket bound by the server.
        // For a CONNECT command, this is the address of the TCP client socket to dest_addr.
        // Knowing this address is usually not important.
        // For a UDP_ASSOCIATE command, this is the UDP address to which to send SOCKS UDP.
        // Recording this address is a prerequisite to send traffic on a SOCKS-UDP association.

@bemasc
Copy link
Contributor

bemasc commented Jan 16, 2020

@yzou shadowsocks-libev implements SOCKS5-UDP in a simplified way that allows the behavior you describe. However, SOCKS5 servers in general are not required to offer a fixed UDP server on a known port. For tun2socks to be compatible with SOCKS5 servers other than shadowsocks-libev, it needs to use UDP_ASSOCIATE.

@made-by-love
Copy link
Author

made-by-love commented Jan 16, 2020
edited
Loading

@bemasc I'll try to port the shadowsocks modified badvpn/tun2socks to iOS then, that's only for Android I found on shadowsocks' repo

@abwizeline
Copy link

@yzou Did you manage to support tun2socks in IOS ?

@made-by-love
Copy link
Author

@yzou Did you manage to support tun2socks in IOS ?

I'm trying to make it more stable on iOS.

@abwizeline
Copy link

@yzou Sounds cool. Tun2Socks required fileDescriptor. How did you fetch it from VPN (I belive NEPacketTunnelProvider) ?

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@bemasc @made-by-love @ambrop72 @abwizeline