# TCP over HTTP [](https://drone.communiquons.org/pierre/tcp-over-http) This project aims to provide an easy-to-setup TCP forwarding solution: ``` |--------| |--------| |--------| | -------| | | | Client | | Server | | | | Client | -- TCP xx -- | | -- HTTP 80 / 443 -- | | -- TCP xx -- | Server | | | | Relay | | Relay | | | |--------| |--------| |--------| |--------| ``` This project can be used especially to bypass firewalls that blocks traffics from ports others than the HTTP / HTTPS ports. The TCP traffic is encapsulated inside an HTTP WebSocket between the client and the server relays. ## Authentication The client can authenticate against the server relays through two different means: * Using a token (the server relay can have several tokens at the same time) * Using a client TLS certificate. In this case, the server relay must act as a HTTPS server, and you must provide the server the required certificates / key files in PEM format. It is also possible to provide the server a CRL file. ## Binary This repository contains a single binary which can be used as a server or a client, depending of command line arguments: * Server mode: Act as a server relay. In case of token authentication (NOT TLS authentication), it can be put behind a reverse proxy. * Client mode: Act as a client relay. It basically does three things: * Fetch the list of forwared ports configuration from the server * Listen to these port locally * When a connection occurs on one of these ports, it forward the data exchanged by the socket to and from the server. A single server - client relay pair can relay multiple ports simultaneously from the same machine.