Route Traffic to a SOCKS Proxy Using a Net Qube
2026-06-05T00:08:03+08:00
DISCLAIMER: I wrote this guide after things ‘seem’ to work. I am not responsible for traffic leaks or other unexpected issues.
This article explains how to route traffic to a SOCKS proxy from specific qubes using a net qube.
Step 1: Install the required packages
You will need screen and redsocks.
# apt install screen redsocks
Step 2: Create a net qube
Do this in your Qube Manager.
Step 3: Configure redsocks
Create /rw/config/redsocks.conf in the new net qube:
base {
log_info = on;
log_debug = on;
log = stderr;
daemon = on;
redirector = iptables;
}
redsocks {
local_ip = 0.0.0.0;
local_port = 12345;
ip = <changeme>;
port = <changeme>;
type = <changeme>;
login = "<changeme>";
password = "<changeme>";
}
Step 4: Configure autostart
Add these lines to /rw/config/rc.local in the new net qube:
systemctl stop redsocks
nft add table ip nat 2>/dev/null || true
nft 'add chain ip nat prerouting { type nat hook prerouting priority -100; policy accept; }' 2>/dev/null || true
nft add set ip nat bypass4 '{ type ipv4_addr; flags interval; elements = {
0.0.0.0/8,
10.0.0.0/8,
100.64.0.0/10,
127.0.0.0/8,
169.254.0.0/16,
172.16.0.0/12,
192.168.0.0/16,
224.0.0.0/4,
240.0.0.0/4
} }' 2>/dev/null || true
nft add rule ip nat prerouting ip daddr @bypass4 accept
nft add rule ip nat prerouting meta l4proto tcp redirect to :12345
nft add rule ip qubes custom-input iifgroup 2 tcp dport 12345 ct state new,established,related counter accept
cp /rw/config/redsocks.conf /etc/redsocks.conf
systemctl start redsocks
Step 5: Restart and configure
Restart the net qube, then set the net qube of the qubes whose traffic you want to route through that proxy to this net qube.
You are all set. Enjoy :-)
Issue: Sometimes redsocks receives the SIGABRT signal and crashes. Workaround: run systemctl start redsocks to restart it.
