UDP tunelling port 53 (DNS) to bypass Captive portals in Wifi Hot Spots

[mx5kevin]

Describe the bug

When the user connect a public wifi Hot-Spot with a Captive portal login page what password protected then programs can not connect to the internet. This program use UDP protocoll to connect to the internet. And using UDP port 53 (DNS) programs can connect to the internet. Very few VPN and proxy services support this option and it would be useful to many people.

To Reproduce

Connect to a wifi Hot-Spot.

Screenshots Or Logs
If applicable, add screenshots or log files to help explain your problem.

Device and Operating system (please complete the following information):

• OS: [e.g. iOS, Windows, Android]
• Device: [ e.g. Mac, PC, IPhone]
• Lokinet Version number or Git commit hash:

I see the in the firewall the program use UDP protocoll.

VPN book with OpenVPN using port UDP 53 https://www.vpnbook.com/ and https://www.psiphon3.com/en/index.html when the user connect to a public Hot-Spot can access the internet using UDP port 53. Without this the user redirected to the Captive portal login page or the VPN client can not connect to the internet.

See the current details

https://gitlab.torproject.org/tpo/anti-censorship/bridgedb/-/issues/40004

The TOR team it will not work on the problem. Lokinet support TCP, UDP, and many other protocols. If the users could use it for torrent clients and many other programs it would be more useful than TOR. Most VPN services does not working with wifi Hot-Spots. It would be a very useful option.

[majestrate]

we can already do this when the exit capabilities are turned on, this mode needs to be manually enabled because automatic exit selection is not implemented and probably won't be for a while.

you can use: lokinet-vpn --exit exit.loki --up to use the exit node at exit.loki and it will route all IPv4 traffic over lokinet to the exit.

[majestrate]

oh i see, captive portal support, that will be hard.

okay, it's dns tunneling support. it could work.

[mx5kevin]

we can already do this when the exit capabilities are turned on, this mode needs to be manually enabled because automatic exit selection is not implemented and probably won't be for a while.

you can use: lokinet-vpn --exit exit.loki --up to use the exit node at exit.loki and it will route all IPv4 traffic over lokinet to the exit.

This is the first time I have tried the Lokinet program. It is not clear to me what exit nodes in Lokinet are doing. As a VPN service or TOR connecting to the open internet, but it didn't work for me with Lokinet. Using web browsers with detecting or use system proxy settings are not working. And does not have a manual setting to set it up example: 127.0.0.1 Socks 5 (port "1234") in the programs what support proxy settings.

A tried the exit.loki address but I don't really know what the function does. If that is the purpose of the (exit node) option to visit normal websites through Lokinet like Tor or VPN does using Windows 10 +Firefox or another browser it doesn't work for me at the moment. Such a function would also be useful too.

For the setting the Lokinet program need to be setup to communicate the internet using port UDP 53 or the connection are fail. Another ports and protocols are blocked to go to the internet. The First Lokinet hop when Lokinet try to connect to the Loki Network (not the last exit node) need to connect to the user using UDP 53 (DNS). What I mean the first hop when the program try to connect to the internet. Tor use TCP 80 and 443 when only specific ports are allowed. But can not use UDP 53 port so the connection are failed. VPN services what use UDP protocoll but the port cannot be set that the program which port and protocol communicate with the internet they also do not work.

Using this setup: User ->UDP port DNS 53 -> Lokinet.