From 6a79ef6d4f15621fff6f314a00829fd68152c403 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=CE=A3rebe=20-=20Romain=20GERARD?= Date: Wed, 6 Dec 2023 20:53:08 +0100 Subject: [PATCH] Update README.md --- README.md | 18 +++++++++++++++--- 1 file changed, 15 insertions(+), 3 deletions(-) diff --git a/README.md b/README.md index 63b1a50..04e40b0 100644 --- a/README.md +++ b/README.md @@ -9,11 +9,13 @@

+## Summary + * [Description](#description) -* [Note](#note) * [Command line](#cmd) -* [Release](#release) * [Examples](#examples) +* [Release](#release) +* [Note](#note) * [How to build](#build) @@ -195,12 +197,16 @@ curl -x socks5h://127.0.0.1:8888 http://google.com/ #Please note h after the 5, it is to avoid curl resolving DNS name locally ``` +--- + ### As proxy command for SSH You can specify `stdio` as source port on the client side if you wish to use wstunnel as part of a proxy command for ssh ```bash -ssh -o ProxyCommand="wstunnel client -L stdio://%h:%p ws://localhost:8080" my-server +ssh -o ProxyCommand="wstunnel client -L stdio://%h:%p ws://myRemoteHost:8080" my-server ``` +--- + ### When behind a corporate proxy An other useful example is when you want to bypass an http proxy (a corporate proxy for example) The most reliable way to do it is to use wstunnel as described below @@ -227,6 +233,7 @@ You may now access your server from your local machine on ssh by using ssh -p 9999 login@127.0.0.1 ``` +--- ### Wireguard and wstunnel @@ -289,6 +296,8 @@ FAQ - If wstunnel cannot connect to server while wireguard is on, be sure you have added a static route via your main gateway for the ip of wstunnel server. Else if you forward all the traffic without putting a static route, you will endup looping your traffic wireguard interface -> wstunnel client -> wireguard interface +--- + ### Transparent proxy (linux only) Start wstunnel with @@ -301,6 +310,8 @@ use this project to route traffic seamlessly https://github.com/NOBLES5E/cproxy. cproxy --port 1080 --mode tproxy -- curl https://google.com ``` +--- + ### How to secure the access of your wstunnel server Generate a secret, let's say `h3GywpDrP6gJEdZ6xbJbZZVFmvFZDCa4KcRd` @@ -317,6 +328,7 @@ wstunnel client --http-upgrade-path-prefix h3GywpDrP6gJEdZ6xbJbZZVFmvFZDCa4KcRd Now your wstunnel server, will only accept connection if the client specify the correct path prefix during the upgrade request. +--- ## How to Build Install the Rust https://www.rust-lang.org/tools/install or if you are a believer