- server-side daemon to accept TCP/TLS connections from multiple clients and pipe data to and from the specified UDP port
- client-side daemon that accepts UDP packets on a local port from a single client, connects to a single remote TCP/TLS port, and pipes data between them
```
$ wireguard-proxy -h
usage: wireguard-proxy [options...]
Client Mode (requires --tcp-target):
-tt, --tcp-target <ip:port> TCP target to send packets to, where
wireguard-proxy server is running
-uh, --udp-host <ip:port> UDP host to listen on, point wireguard
-ut, --udp-target <ip:port> UDP target to send packets to, where
wireguard server is running,
default: 127.0.0.1:51820
-ur, --udp-bind-host-range <ip:low-high> UDP host and port range to bind to,
one port per TCP connection, to
listen on for UDP packets to send
back over the TCP connection,
default: 127.0.0.1:30000-40000
-tk, --tls-key <ip:port> TLS key to listen with,
requires --tls-cert also
-tc, --tls-cert <ip:port> TLS cert to listen with,
requires --tls-key also
Common Options:
-h, --help print this usage text
-st, --socket-timeout <seconds> Socket timeout (time to wait for data)
before terminating, default: 0
```
Binaries:
- [releases](https://github.com/moparisthebest/wireguard-proxy/releases) has static builds for most platforms performed by travis-ci and appveyor courtesy of [trust](https://github.com/japaric/trust)
- Arch Linux AUR [wireguard-proxy](https://aur.archlinux.org/packages/wireguard-proxy/) and [wireguard-proxy-git](https://aur.archlinux.org/packages/wireguard-proxy-git/)
Building:
-`cargo build --release` - minimal build without TLS support, no dependencies
-`cargo build --release --feature tls` - links to system openssl
-`cargo build --release --feature openssl_vendored` - compiles vendored openssl and link to it
-`udp-test` is a utility to send a UDP packet and then receive a UDP packet and ensure they are the same, this verifies packets sent through proxy server/client are unmolested
-`udp-test -s` runs udp-test against itself through proxy server/client by spawning actual binaries
-`udp-test -is` runs udp-test against itself through proxy server/client in same executable by using library, so does not test command line parsing etc
-`test.sh` runs udp-test against itself, the udp-test self tests above, and through proxy server/client in the shell script