hex/wstunnel
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
590 commits 1 branch 0 tags 1.7 MiB
Commit graph

53 commits

Author SHA1 Message Date
Jasper Siepkes
c09c349610
Add option to map (force) port use on the server for reverse tunnels. (#274) 
This change adds a `port_mapping` option to the `ReverseTunnel` definition in the (YAML) restriction file.

It maps ports on the server side from X to Y (X:Y). Where X is the originally requested port by the client and Y is the port which will be used to listen on server-side.

For example with `10001:8080` configured and a client which connects using `-R tcp://10001:localhost:80` the server will listen on port 8080 instead of 10001. The originally requested ports (NOT the mapped ports) still needs to be allowed via the `ports` directive.

This is for example useful when dealing with lots of clients and you don't want to coordinate port use on all the clients but centrally on the server.
 2024-05-22 16:13:58 +02:00
erebe
9b82006c6e
Improve stdio tunnel on windows 
- Handle CTRL+C to exit properly
- Restore terminal mode at exit
- Use logger to stderr
 2024-05-18 16:02:28 +02:00
Σrebe - Romain GERARD
246862a6da
Reduce allocation when using client certificate 2024-05-16 09:05:04 +02:00
Jasper Siepkes
ddebdfd3d2
When mTLS is used force path to match client certificate CN (#272) 
This change makes the server verify the client's path prefix matches the common name (CN) in the certificate the client presented when mTLS is used. This makes it impossible for the client to spoof the path prefix specified in the `restrictions.yaml` file.
 2024-05-16 08:39:30 +02:00
Σrebe - Romain GERARD
69c372490a
feat(server): Add tcp-keepalive on in-coming server connections 2024-05-01 15:13:00 +02:00
Σrebe - Romain GERARD
421a5a230c
feat(restriction): Avoid re-creating a config reload notifier each time 2024-05-01 15:00:46 +02:00
Σrebe - Romain GERARD
5ef14d1a8c
feat(restriction): Auto-reload restriction file 2024-05-01 12:07:18 +02:00
Σrebe - Romain GERARD
368f6657fd
Turn match in restriction config into a list 2024-05-01 09:17:37 +02:00
Σrebe - Romain GERARD
3c84c59a11
Allow multiple ports in restriction file 2024-04-29 08:43:08 +02:00
Σrebe - Romain GERARD
135fcb5127
Increase reverse tunnel timeout to 3min 2024-04-28 00:11:41 +02:00
Σrebe - Romain GERARD
8a228248d7
Add config file for restrictions 2024-04-28 00:07:57 +02:00
Σrebe - Romain GERARD
727e92902c
Add log when closing remote tunnel 2024-04-25 21:22:38 +02:00
Σrebe - Romain GERARD
70b5a216b0
Add support for mTLS 2024-04-19 09:36:14 +02:00
Σrebe - Romain GERARD
94d9a14c81
fix: Avoid stopping accepting new connection on error 2024-03-27 08:30:43 +01:00
Σrebe - Romain GERARD
365ddd7875
Add default content type 2024-01-17 09:16:35 +01:00
Σrebe - Romain GERARD
27df033448
Add more logs 2024-01-17 00:20:54 +01:00
Σrebe - Romain GERARD
459a0667b1
Add suport for http2 as transport for tunnel 2024-01-16 22:25:36 +01:00
Σrebe - Romain GERARD
ebd7591b34
cleanup transport addr and scheme 2024-01-13 23:31:54 +01:00
Σrebe - Romain GERARD
3eef03d8c4
Add custom trait for tunnel transport 2024-01-13 21:06:57 +01:00
Σrebe - Romain GERARD
56543696b7
fix imports for non unix target 2024-01-12 18:03:11 +01:00
Σrebe - Romain GERARD
10f15d1225
Add support for unix socket 2024-01-12 17:42:24 +01:00
Σrebe - Romain GERARD
dc4eadb8f9
Support proxy protocol for tcp connection 2024-01-11 09:19:32 +01:00
Σrebe - Romain GERARD
ade9a19315
improve logs 2024-01-07 21:47:29 +01:00
Σrebe - Romain GERARD
b9bf0f005d
cleanup 2024-01-07 21:27:59 +01:00
Σrebe - Romain GERARD
ac76f52f6d
fix reverse socks5 proxy for udp association 2024-01-07 17:04:45 +01:00
Σrebe - Romain GERARD
bdf88d0e89
Add Socks5 Udp Associate 2024-01-07 16:52:23 +01:00
Σrebe - Romain GERARD
23a38fced0
preparation work for udp association 2024-01-07 16:52:22 +01:00
Σrebe - Romain GERARD
bffd2470e7
fix dns-resolver cmd line parsing 2024-01-02 13:15:04 +01:00
Σrebe - Romain GERARD
ace649a8a1
TlsReloader cleanup 2023-12-30 23:38:05 +01:00
Σrebe - Romain GERARD
5c7bc03e5f
TlsReloader cleanup 2023-12-29 19:03:40 +01:00
Σrebe - Romain GERARD
7ad36709bc
cleanup tls reloader 2023-12-29 18:06:28 +01:00
Σrebe - Romain GERARD
640102f82e
Support auto-reload of tls certificate 2023-12-29 09:56:47 +01:00
Σrebe - Romain GERARD
259da14d4d
Pass tunnel info into sec-websocket-protocol header 2023-12-26 21:16:34 +01:00
Σrebe - Romain GERARD
f19efa37f1
cleanup code 2023-12-25 18:06:44 +01:00
Σrebe - Romain GERARD
d456c67f19
Add support for custom dns resolver on server 2023-12-19 22:52:03 +01:00
Σrebe - Romain GERARD
d1de41646f
Bump to hyper 1.x 2023-12-15 09:59:10 +01:00
Σrebe - Romain GERARD
8495870bff
cleanup 2023-12-04 08:50:47 +01:00
Σrebe - Romain GERARD
3eba7d8771
support multiple --restrict-http-upgrade-path-prefix 2023-12-03 22:32:05 +01:00
Σrebe - Romain GERARD
592fab9406
Add tproxy udp 2023-12-03 21:41:52 +01:00
Σrebe - Romain GERARD
91f9a84e89
Add reverse socks5 tunnel 2023-12-01 22:25:01 +01:00
Σrebe - Romain GERARD
33ca736a73
Add transparent tcp proxy on linux 2023-12-01 20:20:33 +01:00
Σrebe - Romain GERARD
6e0386c416
Correctly close reverse tunnel server 2023-11-27 20:24:45 +01:00
Σrebe - Romain GERARD
f48b156542
Add udp reverse tunneling 2023-11-26 18:23:23 +01:00
Σrebe - Romain GERARD
87cf422489
Add tcp reverse tunneling 2023-11-26 15:57:45 +01:00
Σrebe - Romain GERARD
297176293c
cleanup 2023-11-03 09:17:56 +01:00
Σrebe - Romain GERARD
8a5d89885a
fmt 2023-10-31 08:43:24 +01:00
Σrebe - Romain GERARD
48b18293a5
chore(udp): Make udp connection on server side more flexible 2023-10-31 08:33:56 +01:00
Σrebe - Romain GERARD
466cb425bc
Cleanup 2023-10-30 08:50:35 +01:00
Σrebe - Romain GERARD
bab2c36f8a
cleanup 2023-10-29 01:33:22 +02:00
Σrebe - Romain GERARD
a9d3cf0ab5
Bump versions 2023-10-28 18:21:32 +02:00