tcp-over-http/README.MD
2022-09-01 10:16:02 +02:00

34 lines
1.8 KiB
Markdown

# TCP over HTTP
This project aims to provide an easy-to-setup TCP forwarding solution:
```
|--------| |--------| |--------| | -------|
| | | Client | | Server | | |
| Client | -- TCP xx -- | | -- HTTP 80 / 443 -- | | -- TCP xx -- | Server |
| | | Relay | | Relay | | |
|--------| |--------| |--------| |--------|
```
This project can be used especially to bypass firewalls that blocks traffics
from ports others than the HTTP / HTTPS ports. The TCP traffic is encapsulated inside an
HTTP WebSocket between the client and the server relays.
## Authentication
The client can authenticate against the server relays through two different means:
* Using a token (the server relay can have several tokens at the same time)
* Using a client TLS certificate. In this case, the server relay must act as a HTTPS server, and you must provide the
server the required certificates / key files in PEM format. It is also possible to provide the server a CRL file.
## Binary
This repository contains a single binary which can be used as a server or a client, depending of command line arguments:
* Server mode: Act as a server relay. In case of token authentication (NOT TLS authentication), it can be put behind a reverse proxy.
* Client mode: Act as a client relay. It basically does three things:
* Fetch the list of forwared ports configuration from the server
* Listen to these port locally
* When a connection occurs on one of these ports, it forward the data exchanged by the socket to and from the server.
A single server - client relay pair can relay multiple ports simultaneously from the same machine.