From b867164902415c2d8dc04191686bf070af22672d Mon Sep 17 00:00:00 2001 From: "Philip (a-0)" <@ph:a-0.me> Date: Wed, 27 Jul 2022 11:30:37 +0200 Subject: [PATCH] Attempted fix for udp forwarding --- tasks/local.yml | 13 +++++++++++-- tasks/remote.yml | 31 ++++++++++--------------------- 2 files changed, 21 insertions(+), 23 deletions(-)
diff --git a/tasks/local.yml b/tasks/local.yml
index 8cafe6c..fdd4a5c 100644
--- a/tasks/local.yml
+++ b/tasks/local.yml
@@ -1,7 +1,9 @@
 ---
-- name: Install autossh
+- name: Install required packages
 apt:
- name: autossh
+ pkg:
+ - autossh
+ - socat
 state: present
 update_cache: yes
@@ -32,6 +34,13 @@
 owner: "{{ ssh_tunnel_autossh_system_user }}"
 mode: 0644
+#- name: Re-convert udp sent over ssh to udp packets
+# become: yes
+# shell:
+# command: "socat tcp4-listen:8000,reuseaddr,fork udp:server02:53"
+# loop: "{{ tunneled_ports }}"
+# when: "'udp' in item.protocols"
+
 - name: Set systemd service file
 become: yes
 template:
diff --git a/tasks/remote.yml b/tasks/remote.yml
index 167401e..83b6c6a 100644
--- a/tasks/remote.yml
+++ b/tasks/remote.yml
@@ -1,4 +1,9 @@
 ---
+- name: Install required packages
+ apt:
+ name: socat
+ state: present
+
 - name: Ensure unprivileged ssh user exists
 user:
 name: "{{ ssh_tunnel_sshd_unprivileged_user }}"
@@ -81,18 +86,10 @@
 - name: Forward privileged ports to ephemeral localhost ports (IPv4, UDP)
 become: yes
- iptables:
- ip_version: ipv4
- table: nat
- chain: PREROUTING
- in_interface: eth0
- protocol: udp
- destination_port: "{{ item.exposed_port }}"
- jump: DNAT
- to_destination: "127.0.0.1:{{ item.ephemeral_port }}"
+ shell:
+ command: "socat -T10 udp4-recvfrom:{{ item.exposed_port }},fork tcp:127.0.0.1:{{ item.ephemeral_port }}"
 loop: "{{ tunneled_ports }}"
 when: "'udp' in item.protocols"
- notify: persist iptables
 - name: Forward privileged ports to ephemeral localhost ports (IPv6, TCP)
 become: yes
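Review bot: `update_cache: yes` (the context line closing the first local.yml hunk) is a YAML 1.1 truthy value that yamllint flags; write `update_cache: true`. The new package task in remote.yml's first hunk installs socat as `name: socat` with no `update_cache`, so the two files now install packages in different shapes — use the same form in both, e.g. a `name:` list plus `update_cache: true`.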
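Review bot: The block added in the `@@ -32,6 +34,13` hunk of local.yml is a commented-out task whose hard-coded `tcp4-listen:8000` and `udp:server02:53` ignore the loop `item`, so it documents nothing and cannot be enabled as-is; either drop it or make it a real task built from `item.ephemeral_port` and the target UDP port. Without this local-side re-conversion, the `udp4-recvfrom … tcp:` forwarders added in remote.yml hand each datagram to whatever TCP listener sits behind the tunnel on the local machine, so the commit as a whole does not yet carry UDP end to end. If it is meant as a reminder, a single `# TODO: local socat tcp-listen -> udp counterpart of the remote UDP forwarders` says the same without dead YAML.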
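Review bot: The replacement `shell` task in the `@@ -81,18 +86,10` hunk runs `socat … fork` in the foreground, so the task never returns and the play hangs here; if it were backgrounded it would still not be idempotent (a second run finds the port in use) nor survive a reboot, and the same holds for the IPv6 UDP task in the `@@ -111,15 +108,7` hunk. As written the task also looks unloadable: `ansible.builtin.shell` takes `cmd:` (or a free-form string), and a `command:` sub-key is, as far as I know, rejected as an unsupported parameter. The listener further widens exposure compared with the dropped DNAT rule, which only matched `in_interface: eth0`: `udp4-recvfrom:{{ item.exposed_port }}` binds every interface and the relay runs as root, so add `bind=<eth0 address>` and run it under the unprivileged user with `AmbientCapabilities=CAP_NET_BIND_SERVICE` in a unit. Nothing removes the previously persisted `PREROUTING` DNAT rules (`state: absent` plus `notify: persist iptables`), so on already-configured hosts they keep diverting UDP to the ephemeral port before socat ever sees it. A per-port systemd unit templated like the autossh service in local.yml and enabled through the `systemd` module keeps the task idempotent; a sketch with placeholder names follows.
```yaml
- name: Forward privileged ports to ephemeral localhost ports (IPv4, UDP)
  become: yes
  template:
    # placeholder names: unit template and handler do not exist in the role yet
    src: socat-udp4-forward.service.j2
    dest: "/etc/systemd/system/socat-udp4-{{ item.exposed_port }}.service"
    mode: "0644"
  loop: "{{ tunneled_ports }}"
  when: "'udp' in item.protocols"
  notify: restart socat udp forwarders
# … unchanged: IPv6 TCP task …
```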
@@ -111,15 +108,7 @@
 - name: Forward privileged ports to ephemeral localhost ports (IPv6, UDP)
 become: yes
- iptables:
- ip_version: ipv6
- table: nat
- chain: PREROUTING
- in_interface: eth0
- protocol: udp
- destination_port: "{{ item.exposed_port }}"
- jump: DNAT
- to_destination: "[::1]:{{ item.ephemeral_port }}"
+ shell:
+ command: "socat -T10 udp6-recvfrom:{{ item.exposed_port }},fork tcp:[::1]:{{ item.ephemeral_port }}"
 loop: "{{ tunneled_ports }}"
- when: "'udp' in item.protocols"
- notify: persist iptables
\ No newline at end of file
+ when: "'udp' in item.protocols"
\ No newline at end of file
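Review bot: The re-added `when:` line still ends the file without a trailing newline (`\ No newline at end of file` on both sides), so the next edit to this file will show it as changed again; finish the file with a newline. The foreground `socat … fork` hang, the missing DNAT cleanup and the `shell:` `command:` sub-key raised on the IPv4 UDP hunk apply unchanged to this `udp6-recvfrom` task.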