GitPlanet

Cheap and reliable Node.js hosting starts at $3/month, and $1/month static HTML hosting

Created with love in Canada, visit hostnodejs.com today

Feel like to post an Ad? Learn Details
All Projects → AdrianVollmer → htun

AdrianVollmer / htun

Licence: MIT license
htun tunnels IP traffic transparently over HTTP or TCP

Programming Languages

python
139335 projects - #7 most used programming language

Labels

http-tunneltunnelingipoverhttp

Projects that are alternatives of or similar to htun

vex
reverse HTTP proxy tunnel via secure SSH connections.
Stars: ✭ 20 (-71.83%)
Mutual labels:  http-tunnel
tunman
Comprehensive solution for SSH tunnels - respawning, healthchecking/monitoring
Stars: ✭ 43 (-39.44%)
Mutual labels:  tunneling
NakovForwardServer
TCP port forwarding software, written in Java: forwards a local TCP port (e.g. 127.0.0.1:1521) to external port (e.g. 0.0.0.0:1522)
Stars: ✭ 41 (-42.25%)
Mutual labels:  tunneling
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (+488.73%)
Mutual labels:  tunneling
SpooferBT
Relay torrent tracker communication via TCP to bypass a blocked UDP network.
Stars: ✭ 18 (-74.65%)
Mutual labels:  tunneling
forwardingproxy
A HTTP/S forwarding proxy in Go
Stars: ✭ 55 (-22.54%)
Mutual labels:  tunneling
wotop
Web on top of any protocol
Stars: ✭ 118 (+66.2%)
Mutual labels:  http-tunnel
aiotunnel
HTTP tunnel on top of aiohttp and asyncio
Stars: ✭ 29 (-59.15%)
Mutual labels:  http-tunnel
Ngrok
Expose your localhost to the web. Node wrapper for ngrok.
Stars: ✭ 1,897 (+2571.83%)
Mutual labels:  tunneling
tunneldigger
L2TPv3 VPN tunneling solution
Stars: ✭ 68 (-4.23%)
Mutual labels:  tunneling
soxy-driver
A docker networking driver that transparently tunnels docker containers TCP traffic through a proxy
Stars: ✭ 25 (-64.79%)
Mutual labels:  tunneling
netunnel
A tool to create network tunnels over HTTP/S written in Python 3
Stars: ✭ 19 (-73.24%)
Mutual labels:  tunneling
reverse-tunnel
Reverse tunnel TCP and UDP
Stars: ✭ 100 (+40.85%)
Mutual labels:  tunneling

htun

htun is a transparent tunnel for transporting IP traffic over HTTP or TCP.

It was developed with situations in mind where traffic to the internet is restricted. For instance, some networks don't allow traffic to the internet at all and require you to go through an HTTP proxy. htun enables you to get full internet access in those situations (all ports, all protocols). It also supports using a SOCKS proxy.

Obviously, performance takes a huge hit. So it is meant for some light browsing or downloading small files sporadically. Expect transfer rates to be cut by a factor of up to 100.

Also, it is not encrypted by default. It is recommended to put another tunnel on top, such as Wireguard.

Since python-pytun is required, which is a non-portable module, this will only run on Linux.

Requirements

To run htun, you need Python3 and the following modules:

  • urllib3==1.24
  • python_pytun==2.2.1
  • pytun==1.0.1
  • SocksiPy_branch==1.01

Recommended:

  • hexdump==3.3

Usage

The script needs to be run with root privileges both on the server and the client. On the server, run:

./htun.py --server

On the client, run:

./htun.py --uri <SERVER URI>

By default, it uses HTTP on port 80 and the IP addresses 10.13.37.1 and 10.13.37.2 for the client and the server, respectively.

For all options, run ./htun.py --help:

usage: htun.py [-h] [--debug] [--client-addr CADDR] [--server-addr SADDR]
               [--tun-netmask TMASK] [--tun-mtu TMTU] [--tun-timeout TIMEOUT]
               [--route-subnet RSUBNET] [--proxy PROXY] [--username USERNAME]
               [--password PASSWORD] [--listen-port LPORT] [--bind-ip BINDIP]
               (--server [{http,tcp}] | --uri URI)

htun tunnels IP traffic transparently over HTTP or TCP (author: Adrian
Vollmer)

optional arguments:
  -h, --help            show this help message and exit
  --debug, -d           debug flag to true (default: False)
  --client-addr CADDR, -c CADDR
                        tunnel local address (default: 10.13.37.1)
  --server-addr SADDR, -s SADDR
                        tunnel destination address (default: 10.13.37.2)
  --tun-netmask TMASK, -m TMASK
                        tunnel netmask (default: 255.255.255.0)
  --tun-mtu TMTU        tunnel MTU (default: 1500)
  --tun-timeout TIMEOUT
                        r/w timeout in seconds (default: 1)
  --route-subnet RSUBNET, -n RSUBNET
                        subnet to be routed via tunnel (default: None)
  --proxy PROXY, -P PROXY
                        proxy URI (<proto>://<host>:<port>) (default: None)
  --username USERNAME, -u USERNAME
                        username for HTTP proxy basic authentication (default:
                        None)
  --password PASSWORD, -W PASSWORD
                        password for HTTP proxy basic authentication (default:
                        None)
  --listen-port LPORT, -p LPORT
                        listen port of the server component (default: 80)
  --bind-ip BINDIP, -b BINDIP
                        bind IP address of the server component (default:
                        0.0.0.0)
  --server [SERVER]     local port and bind address (http, tcp)
                        (default: http)
  --uri URI             remote URI (<proto>://<host>[:<port>]) (default: None)

Examples

TCP Tunnel

To use a TCP tunnel on port 443, run

./htun.py --server tcp -p 443

on the server side and

./htun.py --uri tcp://<host>:443

on the client side. Now the client can reach the server via the IP address 10.13.37.2

SOCKS Proxy

To use HTTP over a SOCKS5 proxy on port 5000, run

./htun.py --server

on the server side and

./htun.py --uri http://<host> --proxy socks5://<proxy-host>:5000

on the client side.

Proxy Authentication

Proxies using basic authentication are supported (but yet untested).

A proxy requiring NTLM authentication is not supported because python-urllib3 does not support NTLM. It is suggested to use cntlm as an additional SOCKS proxy.

Performance

Performance over a TCP tunnel is much better than over an HTTP tunnel. Expect several orders of magnitude in degradation of the connection when using HTTP.

Example downloading 713k bytes without the tunnel:

$ curl https://example.com/example.png  > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  713k  100  713k    0     0  2680k      0 --:--:-- --:--:-- --:--:-- 2680k

Downloading the same file with an HTTP tunnel:

$ curl https://example.com/example.png  > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  713k  100  713k    0     0  12177      0  0:00:59  0:00:59 --:--:-- 16590

With a TCP tunnel it's at least around 3% of the original speed:

$ curl https://example.com/example.png  > /dev/null
  % Total    % Received % Xferd  Average Speed   Time    Time     Time Current
                                 Dload  Upload   Total   Spent    Left Speed
100  713k  100  713k    0     0  37640      0  0:00:19  0:00:19 --:--:-- 41086

To do

  • Make performance improvements when using HTTP
  • Experiment with threaded requests

Disclaimer

Keep in mind that the administrator of the network most likely did not want you to bypass the restriction that were set up. The restriction is probably there for a reason and you need to respect that. Using this tool may violate terms and conditions or company rules and may possibly even get you in legal trouble and/or fired from your job.

Use this only if you know that you have permission to use it by everyone involved.

Author

Adrian Vollmer, 2018

Note that the project description data, including the texts, logos, images, and/or trademarks, for each open source project belongs to its rightful owner. If you wish to add or remove any projects, please contact us at [email protected].