-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
1 changed file
with
8 additions
and
5 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,29 @@ | ||
## Forwarder | ||
Lightweight udp forwarder, Forward udp packets via udp, icmp sockets to another port or host | ||
Mostly used it to combat [DPI](https://en.wikipedia.org/wiki/Deep_packet_inspection) | ||
Lightweight UDP forwarder and UDP over ICMP software | ||
Mostly used it to combat [DPI](https://en.wikipedia.org/wiki/Deep_packet_inspection) when using popular VPN protocols such as **Wireguard** and **OpenVPN** | ||
|
||
### Usage | ||
Simply forwarding single local port to another: | ||
```bash | ||
forwarder -l 0.0.0.0:1001 -r 127.0.0.1:1002 | ||
``` | ||
--- | ||
Forwarding udp and encrypting packets via xor encryption: | ||
Forwarding UDP and encrypting packets via XOR encryption | ||
(*i'm using forwarder on top of other protocols such as Wireguard that already has strong encryption so the xor is only for confusing DPI*): | ||
```sh | ||
forwarder -l 0.0.0.0:1001 -r 127.0.0.1:1050 -p some_secret | ||
``` | ||
now, packets delivered to port `1050` are also encrypted via a secret so you need also another forwarder to decrypt packets and forwarder it to actual port (1002): | ||
now, packets delivered to port `1050` are also encrypted via a secret so you need also another forwarder to decrypt packets and forward it to the actual port (1002): | ||
```sh | ||
forwarder -l 127.0.0.1:1050 -r 127.0.0.1:1002 -p some_secret | ||
``` | ||
![Screenshot_2024-01-19_1705682795](https://github.com/Arian8j2/forwarder/assets/56799194/09433d44-48bc-4a27-a7ab-19bd5990a9b6) | ||
--- | ||
Forwarding udp packets via icmp: | ||
Forwarding UDP packets over ICMP: | ||
```sh | ||
forwarder -l 0.0.0.0:1001/udp -r 127.0.0.1:1050/icmp | ||
forwarder -l 127.0.0.1:1050/icmp -r 127.0.0.1:1002/udp | ||
``` | ||
![Screenshot_2024-01-19_1705683004](https://github.com/Arian8j2/forwarder/assets/56799194/bafe0681-abec-48cb-8ea7-1651d983c9e6) | ||
> [!WARNING] | ||
> UDP over ICMP currently may not work behind NAT or NAPT, because forwarder doesn't try to simulate real icmp handshake (request, reply) and only sends echo request and also the sequence and id of icmp packet is used as source and destination port to avoid further MTU issues, also i'm using forwarder only on servers so the main reason for this behavior is that. |