Tun2socks in Qube Whonix or Debian VM

Ted · December 28, 2024, 4:31pm

Hey !
I just wondered if it is possible to run tun2socks in a qubes whonix VM ?

It would need a 2nd network device tun0 and a gateway for eth0 ?

Can someone help me to get it running ? E.g. it should be:

ip route add default via 10.152.152.10 dev eth0 metric 10
Because this is the sys whonix gateway ?

Instructions for tun2socks:

Linux

Create TUN interface tun0 and assign an IP address for it.

ip tuntap add mode tun dev tun0
ip addr add 198.18.0.1/15 dev tun0
ip link set dev tun0 up

Configure the default route table with different metrics. Let’s say the primary interface is eth0 and gateway is 172.17.0.1.

ip route del default
ip route add default via 198.18.0.1 dev tun0 metric 1
ip route add default via 172.17.0.1 dev eth0 metric 10

Start tun2socks and bind it to the primary interface.

tun2socks -device tun0 -proxy socks5://host:port -interface eth0

Note: sometimes we need to disable rp_filter for the corresponding interface so that it can receive packets from other interfaces.

sysctl net.ipv4.conf.all.rp_filter=0
sysctl net.ipv4.conf.eth0.rp_filter=0

Source:

DVM · December 28, 2024, 5:06pm

I’m not sure what the end goal is here. Do you want a permanent exit point for your traffic? If that’s the case, it will limit a lot of Tor features and make you stand out more.

solene · December 28, 2024, 5:17pm

just run this thing in a qube using sys-whonix as a netvm

Ted · December 28, 2024, 5:57pm

The goal is:
Using a socks5 for the whole User VM and route all the traffic through the SYS Whonix VM.

When I try the steps in a debian 12 template VM I get this error:
Error: Nexthop has invalid gateway.
after this step:
ip route add default via 172.17.0.1 dev eth0 metric 10

DVM · December 28, 2024, 6:03pm

Make sure it’s using the correct gateway, which is the IP of the net qube that the app qube is currently connected to. If you haven’t deleted the default route rule yet, it will appear in the default line. You can also check in Qubes manager.

Ted · December 28, 2024, 6:42pm

still dont get a connection…
Maybe I need to adapt the DNS config I think.
In the log I get the this info:
INFO[0005] [UDP] 198.18.0.1:56774 ↔ 10.139.1.2:53

198.18.0.1 is the TUN IP Adress
10.139.1.2 is the qubes whonix dns ?

DVM · December 28, 2024, 6:51pm

Can you reach an IP with your current setup? Like curl -IL 1.1.1.1 ?
Also, open Onion Circuits in sys-whonix and see if you can see your proxy IP there.