WebRTC does not use proxy
Categories
(Core :: WebRTC, defect)
Tracking
()
People
(Reporter: Str1ker17, Unassigned, NeedInfo)
References
Details
Attachments
(3 files)
Firefox proxy settings
+++ This bug was initially created as a clone of Bug #1624063 +++
User Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
Steps to reproduce:
Configure proxy setting in browser.
Both HTTP(s) and SOCKS5 proxy are configured, no auth
HTTP(s) proxy is 127.0.0.1:3121 and SOCKS5 is 127.0.0.1:1081
Then open the site that provide WebRTC-based platform to communicate with other people. For example, meet.google.com. In a real-time meeting, there is an UDP connection created.
Actual results:
WebRTC connects with Google server directly, ignoring proxy setting.
Expected results:
It should make connection via SOCKS5 proxy.
|
Reporter | |
Comment 1•2 years ago
|
||
If I set "media.peerconnection.ice.proxy_only_if_behind_proxy" to true, then WebRTC on meet.google.com does not work at all.
If I set "media.peerconnection.turn.disable" to true, that does not make sense and Firefox continue to connect directly.
I tried switching "media.peerconnection.ice.default_address_only", "media.peerconnection.ice.link_local", "media.peerconnection.ice.loopback", "media.peerconnection.ice.no_host" with no sense too.
|
|
Reporter | |
Comment 2•2 years ago
|
||
The endpoint to which the direct connection is made by Firefox WebRTC implementation is UDPv4 74.125.250.69:3478 (when using meet.google.com in my region)
|
||
Comment 3•2 years ago
|
||
I think that this probably has something to do with the use of loopback; our ICE stack pretty much disregards anything that looks like a loopback address. Does your use-case work if you set media.peerconnection.ice.loopback to true?
|
|
Reporter | |
Comment 4•2 years ago
|
||
I turned on "media.peerconnection.ice.proxy_only_if_behind_proxy" and "media.peerconnection.ice.loopback" at the same time. No effect.
I turned on "media.peerconnection.ice.link_local" as well. Does not help.
|
||
Updated•2 years ago
|
|
|
||
Comment 5•2 years ago
|
||
Could you attach a copy of about:webrtc with the config in comment 4?
|
|
Reporter | |
Comment 6•2 years ago
|
||
|
||
Comment 7•1 year ago
|
||
See also: Bug 1790270
|
||
Comment 8•1 year ago
|
||
Hi,
not sure if it is really fixed, we got similar Problem here. Firefox 136.0.1, behind a proxy, configured to "Proxy-Einstellungen des Systems verwenden" (Use System Settings) with a PAC file in the background (company settings by GPO or ini File). No direct routing to the internet, access only by proxy, name resolution for internet targets also runs over proxy.
When trying to connect to a BigBlueButton Instance, we get error 1010. If same computer is running in a network without proxy, no connection problems.
best regards
M. Baltruschat
|
|
||
Comment 9•1 year ago
|
||
It seems highly likely that this was originally filed as a dupe of bug 1922559, but whatever's going on in comment 8 must not be. Could you attach a copy of about:webrtc to this bug (or, if you prefer, open a new bug)?
|
||
Comment 10•6 months ago
|
||
Clear a needinfo that is pending on an inactive user.
Inactive users most likely will not respond; if the missing information is essential and cannot be collected another way, the bug maybe should be closed as INCOMPLETE.
For more information, please visit BugBot documentation.
|
|
Reporter | |
Comment 11•6 months ago
|
||
Hello again,
please see my attached information in the comment above:
https://bugzilla.mozilla.org/show_bug.cgi?id=1863984#c6
The problem persist in Firefox 144. I set both HTTP and SOCKS5 proxy but WebRTC still attempts to establish direct connections for its traffic and does not use proxy in any way.
The only solution that helped me is to bring up my own instance of TURN server (coturn) and configure Firefox via about:config this way:
media.peerconnection.default_iceservers = [{"urls":["turn:proxy.example.com:3478?transport=udp","turn:proxy.example.com:3478?transport=tcp"],"username":"my_coturn_username","credential":"my_coturn_password"}]
media.peerconnection.ice.relay_only = true
media.peerconnection.use_document_iceservers = false
Gladly this routes all the WebRTC traffic through TURN proxy. The drawback is requirement for an additional TURN server and setup complexity.
Is it possible to use the plain SOCKS5 / HTTP proxy for WebRTC? This would be very appreciated. Thanks Firefox team for their big work.
cc
Byron Campen [:bwc]
Jim Mathies [:jimm]
erosman [:erosman]
marcel.baltruschat
Jan-Ivar Bruaroey [:jib]
|
|
||
Comment 12•6 months ago
|
||
Is it possible to use the plain SOCKS5 / HTTP proxy for WebRTC?
The current user-interface does not have the necessary options that you require.
You can try a proxy addon that offers more options e.g. FoxyProxy
See also: bug 1947229, bug 1804693
|
|
||
Comment 13•6 months ago
|
||
There isn't really such a thing as a UDP web-proxy, and webrtc mostly uses UDP. In cases where traffic is going over TCP/TLS, we do use the configured web proxy if there is one; providing a TURN TCP server is one situation where traffic can go over TCP. Are you seeing Firefox webrtc make TCP/TLS connections that bypass a configured web proxy?
|
||
Comment 14•5 months ago
|
||
Thanks Alexey for testing this. Glad you got it working with a TURN server. The limitation covered in comment 13 appears to explain comment 11.
Could you elaborate on what behavior you'd like to see for UDP? Are other browsers faring better than Firefox in this area? How are they solving this?
Description
•