proxy wireguard over TCP/TLS
Go to file
2019-12-16 19:12:02 -05:00
ci CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
src CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
.gitignore Initial Commit 2019-07-12 01:02:41 -04:00
.travis.yml CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
appveyor.yml CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
Cargo.lock CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
Cargo.toml CI: depending on platform build without, with system, or with vendored TLS 2019-12-16 19:12:02 -05:00
LICENSE-APACHE Initial Commit 2019-07-12 01:02:41 -04:00
LICENSE-MIT Initial Commit 2019-07-12 01:02:41 -04:00
README.md Merge proxy/proxyd into single binary, make command line parsing more robust 2019-12-15 18:44:56 -05:00
test.sh Implement TLS server side, refactor to allow conditional TLS support at compile time 2019-12-16 11:52:17 -05:00

wireguard-proxy

Proxy wireguard UDP packets over TCP/TLS

wireguard-proxy has 2 modes:

  • server-side daemon to accept TCP connections from multiple clients and pipe data to and from the specified UDP port
  • client-side daemon that accepts UDP packets on a local port from a single client, connects to a single remote TCP port, and pipes data between them

Testing:

  • udp-test is a utility to send a UDP packet and then receive a UDP packet and ensure they are the same, this verifies packets sent through proxy server/client are unmolested
  • udp-test -s runs udp-test against itself through proxy server/client by spawning actual binaries
  • udp-test -is runs udp-test against itself through proxy server/client in same executable by using library, so does not test command line parsing etc
  • test.sh runs udp-test against itself, the udp-test self tests above, and through proxy server/client in the shell script

Testing with GNU netcat:

  • nc -vulp 51820 listen on udp like wireguard would
  • nc -u -p 51821 127.0.0.1 51820 connect directly to local udp wireguard port to send data to 51820 from port 51821
  • nc -vlp 5555 listen on tcp like wireguard-proxy would
  • nc 127.0.0.1 5555 connect directly to local tcp wireguard-proxy port to send/recieve data
  • so to test through wireguard-proxy run first and last command while it's running, type in both places

License

This project is licensed under either of

at your option.

Contribution

Unless you explicitly state otherwise, any contribution intentionally submitted for inclusion in die by you, as defined in the Apache-2.0 license, shall be dual licensed as above, without any additional terms or conditions.