Encapsulate TCP connections inside HTTP WebSockets
tcp
Go to file
2022-09-01 17:05:13 +02:00
src Check the case with invalid token 2022-09-01 17:05:13 +02:00
.gitignore Can specify custom server root certificate for client 2022-08-31 10:59:07 +02:00
Cargo.lock Start to write e2e tests 2022-09-01 15:03:20 +02:00
Cargo.toml Start to write e2e tests 2022-09-01 15:03:20 +02:00
README.MD Update README 2022-09-01 10:16:02 +02:00

TCP over HTTP

This project aims to provide an easy-to-setup TCP forwarding solution:

|--------|              |--------|                     |--------|              | -------|
|        |              | Client |                     | Server |              |        |
| Client | -- TCP xx -- |        | -- HTTP 80 / 443 -- |        | -- TCP xx -- | Server |
|        |              |  Relay |                     |  Relay |              |        |
|--------|              |--------|                     |--------|              |--------|

This project can be used especially to bypass firewalls that blocks traffics from ports others than the HTTP / HTTPS ports. The TCP traffic is encapsulated inside an HTTP WebSocket between the client and the server relays.

Authentication

The client can authenticate against the server relays through two different means:

  • Using a token (the server relay can have several tokens at the same time)
  • Using a client TLS certificate. In this case, the server relay must act as a HTTPS server, and you must provide the server the required certificates / key files in PEM format. It is also possible to provide the server a CRL file.

Binary

This repository contains a single binary which can be used as a server or a client, depending of command line arguments:

  • Server mode: Act as a server relay. In case of token authentication (NOT TLS authentication), it can be put behind a reverse proxy.
  • Client mode: Act as a client relay. It basically does three things:
    • Fetch the list of forwared ports configuration from the server
    • Listen to these port locally
    • When a connection occurs on one of these ports, it forward the data exchanged by the socket to and from the server.

A single server - client relay pair can relay multiple ports simultaneously from the same machine.