Connecting to a proxy through an SSH tunnel in a GL-AXT1800

Sopesquete · December 16, 2024, 5:45am

Hello

I've been trying to setup this router (used as a repeater connected to a wireless network) to connect to a proxy through an SSH tunnel but I can't get it to work.
What I basically do is connecting to the router through ssh, and subsequently from the router ssh to the proxy.
When checking netstat I can see the port I set up for the socks on LISTEN, but somehow all the LAN devices connected to the router don't go through the tunnel.
I did some experiments with redsocks and got nothing. Also setting up firefox to socks proxy nothing happened, so I suspect the tunnel is not open although the port is on listen (?).
When I open the tunnel in the operating system of a LAN device I am able to connect to the proxy, so the proxy is working. But I want all the traffic from the LAN to go through the tunnel

What am I doing wrong? is it not possible to do with this router?
any idea?
Thanks very much for your time

bruce · December 16, 2024, 8:00am

What program/protocol is the proxy based on you use?

If it proxied all traffic, the router be supposed to ssh to others router via proxy, and actually all traffic.

Can try to capture the network packets by the plugins tcpdump on the router SSH to check the traffic.

Sopesquete · December 16, 2024, 12:22pm

They offer ssh access link, it's in linode.
I'm going to start from scratch and try something else, I'll try to post what tcpdump throws with the plugins
More ideas?
thanks

Sopesquete · December 16, 2024, 5:41pm

Nothing else so far.
The last thing I tried was to establish the tunnel from the router:
ssh -N -C -D 1080 root@*******
I set up redsocks in the router as follows:
base {
log_debug = off;
log_info = on;
daemon = on;
redirector = iptables;
}

redsocks {
local_ip = 127.0.0.1;
local_port = 1080; # Match the SOCKS proxy port
ip = 127.0.0.1;
port = 1080;
type = socks5;
}
I restarted it:
/etc/init.d/redsocks restart
Redirecting LAN:
iptables -t nat -A PREROUTING -i br-lan -p tcp -j REDIRECT --to-port 1080
Creating a firewall rule:
iptables -t nat -A PREROUTING -i br-lan -p tcp -j DNAT --to-destination 127.0.0.1:1080
I added previous two rules to /etc/firewall.user
And NOTHING. Actually I lost connection to router after all that. With slight changes I get connected but traffic doesn't go through any tunnel.

tcpdump with grep 1080 nothing is thrown
¿??
Thanks for your help

Sopesquete · December 17, 2024, 10:32pm

Anyone knows how to connect the router to the proxy routing all LAN traffic through it and leaving the configuration persistent?
Thanks, I'm swamped with so much routersandproxy_things by now