Hi, On Sun, Sep 20, 2015 at 08:58:06PM +0200, Marc Haber wrote: > > > This unfortunately does not work as expected. socat seems to change > > > the UDP source port of the relayed packets every once in a while. The > > > OpenVPN serve does not like that. > > > > Fascinating. Seems socat dies after a while, and when re-starting, it > > gets a new port number... > > ... and keeps its PID, which contradicts your "dies" assumption. I > just guess that it's not geared to forward long lasting UDP > communications.
Now that is weird... if it doesn't restart, why is it rebinding the
socket...
[..]
> > Another option would be to just run a SOCKS proxy on the intermediate
> > box - you can use "--proto udp4 --socks-proxy $server $port" from
> > within OpenVPN. "--proto udp6" *should* work, though I have not found
> > a SOCKS server yet that can actually do UDP+IPv6... (ssh -D can do
> > IPv6, but only TCP...)
>
> Socks will use TCP as tunnel transport, right? I would like to avoid
> that.
I'm far from a SOCKS expert, but what I've gathered from staring at
Arne's socket.c rewrite patches :-) is that SOCKS uses a TCP control
connection, and data passes over a "second socket".
I just checked one of my setups with tcpdumps, and saw it happily talk
UDP to the SOCKS proxy after me pressing <return> in a OpenVPN'ed SSH
session... so it seems to be UDP all right.
("danted" on Ubuntu used on the proxy server)
gert
--
USENET is *not* the non-clickable part of WWW!
//www.muc.de/~gert/
Gert Doering - Munich, Germany g...@greenie.muc.de
fax: +49-89-35655025 g...@net.informatik.tu-muenchen.de
pgpyRXAfITP_I.pgp
Description: PGP signature
------------------------------------------------------------------------------
_______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
