sshuttle on OSX [Mountain Lion]

[jh3]

Hello--

I am on OSX 10.8.1 attempting to get sshuttle working. I have installed it through homebrew if that matters.

I am attempting to connect a Linux machine running Debian. A bunch of stuff is spit out after running the example command, but I do not think it is actually working. My IP is the same regardless of sshuttle running.

I've executed it with and without sudo. With and without the --dns flag. I have only tried the example command on the github page.

sudo shuttle --dns -vvvr user@server 0/0

shuttle --dns -vvvr user@server 0/0

shuttle -vvvr user@server 0/0

I've also tried using the -H flag, but that doesn't get me anywhere either. And yes, I've rebooted my machine.

Am I just missing something or does sshuttle not function correctly from OSX 10.8.x -> Linux?

Thanks!

Joe

[phl...@gmail.com]

I'm in the same boat...

[Avery Pennarun]

It works for me :) Are you sure it's not just working fine and you
didn't notice? Please post the output of sshuttle.

[Jari Fredriksson]

Tried again, nothing happens. Shuttle does not "see" the connection attempts in another windows, and it does not print anything besides the initial.

gladiator:~ jarif$ sshuttle --dns -vvvr ja...@host.example.com 0/0

Starting sshuttle proxy.

Binding: 12300

Listening on ('127.0.0.1', 12300).

DNS listening on ('127.0.0.1', 12300).

firewall manager ready.

c : connecting to server...

c : executing: ['ssh', 'ja...@host.example.com', '--', 'P=python2; $P -V 2>/dev/null || P=python; exec "$P" -c \'import sys; skip_imports=1; verbosity=3; exec compile(sys.stdin.read(764), "assembler.py", "exec")\'']

c :  > channel=0 cmd=PING len=7 (fullness=0)

server: assembling 'cmdline_options.py' (29 bytes)

server: assembling 'helpers.py' (914 bytes)

server: assembling 'ssubprocess.py' (13673 bytes)

server: assembling 'ssnet.py' (5446 bytes)

server: assembling 'hostwatch.py' (2270 bytes)

server: assembling 'server.py' (2370 bytes)

 s: latency control setting = True

 s: available routes:

 s:   10.60.70.0/24

 s:  > channel=0 cmd=PING len=7 (fullness=0)

 s:  > channel=0 cmd=ROUTES len=14 (fullness=7)

 s: Waiting: 1 r=[4] w=[5] x=[] (fullness=21/0)

c : connected.

Connected.

c : Waiting: 3 r=[3, 5, 9] w=[9] x=[] (fullness=7/0)

c :   Ready: 3 r=[] w=[9] x=[]

c : mux wrote: 15/15

c : Waiting: 3 r=[3, 5, 9] w=[] x=[] (fullness=7/0)

 s:   Ready: 1 r=[] w=[5] x=[]

 s: mux wrote: 15/15

 s: mux wrote: 22/22

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=21/0)

c :   Ready: 3 r=[9] w=[] x=[]

c : <  channel=0 cmd=PING len=7

c :  > channel=0 cmd=PONG len=7 (fullness=7)

c : <  channel=0 cmd=ROUTES len=14

firewall manager: starting transproxy.

>> ipfw -q add 12300 check-state ip from any to any

>> ipfw -q add 12300 skipto 12301 tcp from any to 127.0.0.0/8

>> ipfw -q add 12300 fwd 127.0.0.1,12300 tcp from any to 0.0.0.0/0 not ipttl 42 keep-state setup

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=0 cmd=PING len=7

 s:  > channel=0 cmd=PONG len=7 (fullness=21)

 s: mux wrote: 15/15

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=28/0)

>> ipfw -q add 12300 divert 12300 udp from any to 10.123.29.119/32 53 not ipttl 42

>> ipfw -q add 12300 divert 12300 udp from any 12300 to any not ipttl 42

c : mux wrote: 15/15

c : <  channel=0 cmd=PONG len=7

c : received PING response

c : Waiting: 3 r=[3, 5, 9] w=[] x=[] (fullness=0/0)

 s:   Ready: 1 r=[4] w=[] x=[]

 s: <  channel=0 cmd=PONG len=7

 s: received PING response

 s: Waiting: 1 r=[4] w=[] x=[] (fullness=0/0)

Then, nothing.

[Jari Fredriksson]

I just tested sshuttle on my MacBook Air with Mountain Lion. It just works!

Aparently some latest update from Apple has fixed the problem, what ever it was.

--jarif

[kor...@midwinter.com]

I see similar behavior under 10.8.2 on my system, but with a possibly interesting twist. None of the locally generated traffic from my Mac gets sent over sshuttle. But if I turn on Internet sharing, the traffic from other computers connecting through my Mac *does* get sent over sshuttle. So basically my computer becomes a VPN router that isn't on its own VPN. It doesn't appear to matter whether I run sshuttle before or after turning on Internet sharing.

It seems like locally generated traffic is bypassing whatever part of the network stack would ordinarily redirect it to sshuttle.

For now I run sshuttle for my other devices and a SOCKS tunnel plus Proxifier for my Mac's traffic. Obviously it'd be nice to dispense with the second tunnel, but I haven't yet found a way to make it start working.

-Steve

[jonatha...@gmail.com]

I was seeing similar behavior until I turned off the firewall in System Preferences. Might want to give that a try.

[niko....@gmail.com]

I had the exact same issue and turning off the firewall fixed it for me.