hex/wstunnel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update README.md

Browse source
This commit is contained in:
Σrebe - Romain GERARD 2023-12-12 13:48:05 +01:00
parent f3df0bee40
commit 1eb1d95873
No known key found for this signature in database
GPG key ID: 7A42B4B97E0332F4
1 changed files with 11 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

11
README.md
View file

@ -175,6 +175,7 @@ docker pull ghcr.io/erebe/wstunnel:latest
* [Proxy easily any traffic with transparent proxy (linux only)](#tproxy)
* [Reverse tunneling](#reverse)
* [How to secure access of your wstunnel server](#secure)
* [Maximize your stealthiness/Make your traffic discrete](#stealth)
### Understand command line syntax <a name="syntax"></a>
@ -366,6 +367,16 @@ Now your wstunnel server, will only accept connection if the client specify the
---
### Maximize your stealthiness/Make your traffic discrete <a name="stealth"></a>
* Use wstunnel with TLS activated (wss://) and use your own certificate
* Embedded certificate is self-signed and are the same for everyone, so can be easily fingerprinted/flagged
* Use valid certificate (i.e: with Let's Encrypt), self-signed certificate are suspicious
* Use a custom http path prefix (see `--http-upgrade-path-prefix` option)
* To avoid having the same url than every other wstunnel user
* Change your tls-sni-override to a domain is known to be allowed (i.e: google.com, baidu.com, etc...)
* this will not work if your wstunnel server is behind a reverse proxy (i.e: Nginx, Cloudflare, HAProxy, ...)
## How to Build <a name="build"></a>
Install the Rust https://www.rust-lang.org/tools/install or if you are a believer
```