DSM-G600, DNS-3xx and NSA-220 Hack Forum

bodbod · 2008-03-19 20:40:46

Hi guys,

Would it be possible to install a Proxy/bouncer/socks5 on the DNS-323 ?
I want to be able to do a private proxy or redirection with a similar soft than this one under windows :

Bouncer 1.0 RC6 betaPublisher's Description:
Bouncer is a network tool which allows you to bypass proxy restrictions and obtain outside connections from an internal LAN. It uses SSL tunnelling, which allows you to obtain a constant streaming connection out of a proxy. If you are restricted behind a proxy and can access secure online ordering sites, then you can get out to whatever host on whatever port you want. It also supports a lot of other features including socks 5, basic authentication, access control lists, and Web-based administration.

I have tried to find a linux version of this one and i did but i do not know if it is fake or not, anyway it does not work (http://www.nagilum.net/bouncer/). If we are using the busybox, I think we have to pass through ipkg for installing but I couldn't find too much documentation on Nylon (nylon - 1.2-4 - Nylon is a small socks4/socks5 proxy server) for helping me to set ip up (http://monkey.org/~marius/pages/?page=nylon).

Any idee or another simple solution with the element below ? :

-identification (login/pass)
-crypting option (if possible)
-socks5
-simplicity in the configuration for a non star in unix commands

thx a million

Last edited by bodbod (2008-03-19 21:02:03)

jules · 2008-03-20 13:30:58

bodbod wrote:
Hi guys,
Would it be possible to install a Proxy/bouncer/socks5 on the DNS-323 ?

Yes it can be done, you can find some precompiled packages for some bouncers in the optware repository, i haven't tried them though.

bodbod · 2008-03-20 18:40:20

Hey Jules,

If you try Nylon, could you let me know the procedure please ?
I am just a bit worried about the configuration file of Nylon and the installation on the DNS-323.

Thx for that

bzhou · 2008-03-20 19:35:40

Once you installed nylon with ipkg, use

Code:

/opt/bin/nylon -h

To see all the options.

I ran it under dtach

Code:

/opt/bin/dtach -A nylon.socks /opt/bin/nylon -v -v -a 192.168.1.0/24 -f

That's it.

(I tested it under other optware platforms, not dns-323)

Last edited by bzhou (2008-03-20 19:36:21)

bodbod · 2008-03-21 01:07:32

ok cool, thx a million bzhou, i ll test that asap

bodbod · 2008-03-21 02:37:46

BusyBox v1.4.2 (2008-01-02 02:11:59 CET) Built-in shell (ash)
Enter 'help' for a list of built-in commands.

xxx@DUBLIN:~# cd ../../mmc
xxx@DUBLIN:/mmc# ipkg -d mmc install nylon_1.21-2_powerpc.ipk
Unpacking nylon...Done.
Configuring nylon...

A template configuration file has been installed in /opt/etc/nylon.conf
Don't forget to edit it according to your needs then run /opt/etc/init.d/S10nylon

Done.
xxx@DUBLIN:/mmc# cd opt/etc/init.d/
xxx@DUBLIN:/mmc/opt/etc/init.d# S10nylon
-sh: S10nylon: not found
xxx@DUBLIN:/mmc/opt/etc/init.d#

Jules, I have tried to run nylon software but it gives me this error message : not found ...
In the package version I have downloaded, it gives me another path for starting the program, I tried to run it from my router which has a 1Go SD card, running under a busybox as well, it should be the same than on the DNS-323... If you know the solution, I would appreciate your point of view.

Thx in advance

Last edited by bodbod (2008-03-21 02:39:16)

bzhou · 2008-03-21 03:14:17

Why is nylon ipk for powerpc?

If you're using optware packages, you better bind mount or symlink /opt. This is very important.

Usually the current directory is not in your PATH, so you need to use ./S10nylon to invoke it. Or use the full path /opt/etc/init.d/S10nylon.

S10nylon is just a shell script, it assumes the actual binary is at /opt/bin/nylon.

To test, you can just invoke /opt/bin/nylon directly.

jules · 2008-03-21 15:58:59

Bodbod, looking at the busybox version it looks like that the code block you posted refers to your attempts on the router that is ppc based.
If you want to install optware on the dns you must use the arm feed.
This post contains all the info you need to make it work: http://dns323.kood.org/forum/t1797-%5Ba … k%27s.html look for instructions post by oxygen and mine on the 2nd page.
The packages you need are: nylon, dtach and the librt lib.
install them and launch nylon with this command:

Code:

/opt/bin/dtach -A nylon.socks /opt/bin/nylon -v -a 192.168.1.0/24 -f -i egiga0 -I egiga0

This will launch nylon in foreground, useful while testing, when you are done kill all the processes and relaunch without the -f.
Does it works? I've tested it only briefly, tried to make a simple connection configuring firefox for using the dns as http proxy. A message reporting "negotiation failed" is always reported. Maybe is just a configuration issue.
There are many other proxies that you can try, if you don't want to compile yourself one you can try srelay contained in the optware feed.
Back to your initial post bodbod, what you need is to access your dns in a secure way and the proxy will handle the rest.
For the first one i can suggest a simple ssh tunneling (on windows you can use putty) or to install openvpn.

bzhou · 2008-03-21 17:52:03

nylon is a socks proxy. So the configuration in firefox should use it as a socks proxy.
There're other http proxy ipk's in the feed.

jules · 2008-03-21 18:00:00

bzhou wrote:
nylon is a socks proxy. So the configuration in firefox should use it as a socks proxy.

Confirmed working.

MiK · 2008-08-17 01:30:21

Are there any other IRC bouncers for the DNS-323? Like perhaps Night Light IRC Proxy?

/MiK

bzhou · 2008-08-17 05:22:26

Code:

ipkg list | grep -i irc
bip - 0.7.2-1 - multi user irc proxy
bitlbee - 1.2.1-1 - A gateway between IRC and proprietary IM networks
ctrlproxy - 3.0.7-1 - An IRC server with multiserver support.
dircproxy - 1.1.0-1 - IRC proxy server
eggdrop - 1.6.17-3 - Eggdrop is a popular Open Source IRC bot
ii - 1.3-1 - ii is a minimalist FIFO and filesystem-based IRC client.
ircd-hybrid - 7.2.2-1 - IRCD Hybrid
irssi - 0.8.12-3 - A terminal based IRC client for UNIX systems.
lirc - 0.8.1-2 - Linux Infrared Remote Control (tira)
miau - 0.6.4-1 - The MIAU IRC Bouncer (Proxy)
weechat - 0.2.6-1 - (Wee Enhanced Environment for Chat) is a fast and light IRC client.
xchat - 2.6.8-1 - Gtk+ based IRC client

MiK · 2008-08-17 14:33:55

Thanks.

bodbod · 2008-11-24 00:22:34

Just like that, would it be possible to have "srelay" or "nylon" compiled for the funplug directly ?
This is the only tool which is missing in the packages I would say.
Thx

bodbod · 2008-11-24 01:19:26

I have installed srelay on the DNS-323, is there somebody who could give me a hand on the configuration, I have edited the following file srelay.conf, here is the

Code:

#
#  srelay.conf
#  $Id: srelay.conf,v 1.3 2003/03/26 20:45:16 bulkstream Exp $
#
#  dest[/mask]            port    proxy        proxy-port
; intranet
172.16.1.0/24            -    192.168.1.1
123.123.123.0/255.255.255.248    any    192.168.1.3
2001:111:1:21::/64        1080    10.1.1.1    
::                21-23    2001::240:2ff:fe3e:b2
c-wind.com            -    x
0.0.0.0                -

I just want to use it as a socks5 and to be able to connect to it from the wan, the DNS has the IP 192.168.1.203 and the router has 192.168.1.1
I would be keen for deleting all the rows and let just the 0.0.0.0

then I would run the following command : /mnt/HD_a2/ipkg/opt/bin/srelay -i :8080 -a n

but i have the following error :

Code:

no server socket prepared, exitting...
cannot init server socket(-i)

can somebody help me please ?

shipiboconibo · 2009-02-24 17:41:35

jules wrote:
bzhou wrote:
nylon is a socks proxy. So the configuration in Firefox should use it as a socks proxy.
Confirmed working.

Can you provide any further details to get this working? I have installed nylon, dtach, and librt.

I started it with this command per Jules' previous post:

Code:

/opt/bin/dtach -A nylon.socks /opt/bin/nylon -v -a 192.168.1.0/24 -f -i egiga0 -I egiga0

It starts and runs fine, but when I test with Firefox it says...

Code:

/opt/bin/nylon: Listening on NAS:1080
/opt/bin/nylon: Negotiation failed

...in Nylon, and...

Code:

Connection Interrupted
The connection to the server was reset while the page was loading.
The network link was interrupted while negotiating a connection. Please try again.

...in Firefox.

Any ideas?

I am basically just trying to set up a proxy that I can use to go on IRC at work and not worry about being the catalyst of countless DOS attacks on our in house servers, haha. It would be nice to use Firefox through the proxy as well. Fwiw, I am not testing this remotely, I'm doing it all on my local network at this point with nothing except a gigabit switch between my PC and the DNS-323.

Thanks!

DSM-G600, DNS-3xx and NSA-220 Hack Forum

Announcement

#1 2008-03-19 20:40:46

Bouncer on DNS-323

#2 2008-03-20 13:30:58

Re: Bouncer on DNS-323

bodbod wrote:

#3 2008-03-20 18:40:20

Re: Bouncer on DNS-323

#4 2008-03-20 19:35:40

Re: Bouncer on DNS-323

Code:

Code:

#5 2008-03-21 01:07:32

Re: Bouncer on DNS-323

#6 2008-03-21 02:37:46

Re: Bouncer on DNS-323

#7 2008-03-21 03:14:17

Re: Bouncer on DNS-323

#8 2008-03-21 15:58:59

Re: Bouncer on DNS-323

Code:

#9 2008-03-21 17:52:03

Re: Bouncer on DNS-323

#10 2008-03-21 18:00:00

Re: Bouncer on DNS-323

bzhou wrote:

#11 2008-08-17 01:30:21

Re: Bouncer on DNS-323

#12 2008-08-17 05:22:26

Re: Bouncer on DNS-323

Code:

#13 2008-08-17 14:33:55

Re: Bouncer on DNS-323

#14 2008-11-24 00:22:34

Re: Bouncer on DNS-323

#15 2008-11-24 01:19:26

Re: Bouncer on DNS-323

Code:

Code:

#16 2009-02-24 17:41:35

Re: Bouncer on DNS-323

jules wrote:

bzhou wrote:

Code:

Code:

Code:

Board footer