{"id":20388384,"url":"https://github.com/nickjfree/goose","last_synced_at":"2025-04-12T10:40:33.511Z","repository":{"id":37474546,"uuid":"375960631","full_name":"nickjfree/goose","owner":"nickjfree","description":"very tunnel","archived":false,"fork":false,"pushed_at":"2025-02-26T14:23:29.000Z","size":347807,"stargazers_count":30,"open_issues_count":1,"forks_count":6,"subscribers_count":8,"default_branch":"master","last_synced_at":"2025-03-26T05:33:12.681Z","etag":null,"topics":["decentralized","edge-network","iot","libp2p","mesh-networks","p2p-network","proxy","quic","tunnel"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/nickjfree.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2021-06-11T08:42:44.000Z","updated_at":"2025-02-26T14:23:32.000Z","dependencies_parsed_at":"2024-02-28T14:49:44.882Z","dependency_job_id":"6284d11f-15cf-4def-97fd-bb96f1a87b13","html_url":"https://github.com/nickjfree/goose","commit_stats":{"total_commits":220,"total_committers":7,"mean_commits":"31.428571428571427","dds":0.4636363636363636,"last_synced_commit":"0fcba80b5cb723c53289c20be0d4e7799c15c073"},"previous_names":[],"tags_count":14,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjfree%2Fgoose","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjfree%2Fgoose/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjfree%2Fgoose/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/nickjfree%2Fgoose/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/nickjfree","download_url":"https://codeload.github.com/nickjfree/goose/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248556573,"owners_count":21124141,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["decentralized","edge-network","iot","libp2p","mesh-networks","p2p-network","proxy","quic","tunnel"],"created_at":"2024-11-15T03:09:34.601Z","updated_at":"2025-04-12T10:40:33.486Z","avatar_url":"https://github.com/nickjfree.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"\r\n\u003ch2 align=\"center\"\u003e\r\n# Decentralized Tunnel Network - Goose\r\n\r\n[![Build](https://github.com/nickjfree/goose/actions/workflows/build.yml/badge.svg)](https://github.com/nickjfree/goose/actions/workflows/build.yml/badge.svg)\r\n[![Go Report Card](https://goreportcard.com/badge/github.com/nickjfree/goose)](https://goreportcard.com/report/github.com/nickjfree/goose)\r\n\r\n\u003c/h2\u003e\r\n\r\n\r\n\r\n## Features\r\n\r\n- **Config-Free Node Discovery**: Eliminates the need for manual configuration by automatically discovering peers in the network. It uses the libp2p network and is bootstrapped via the IPFS network, making the setup hassle-free.\r\n\r\n- **Protocol Support**: Offers flexibility by supporting multiple protocols, including QUIC and WireGuard. This allows users to choose the protocol that best suits their needs.\r\n\r\n- **Virtual Private Network**: Creates a virtual network interface named `goose`, enabling secure and private communication channels over the internet.\r\n\r\n- **Fake-IP**:  Utilizes the `fake-ip` method to selectively route traffic either through the secure tunnel interface or directly to the real network interface. This feature allows for more granular control over traffic routing. Users can write custom scripts to handle the selection of routing, making it highly customizable.\r\n\r\n\r\n## Usage [🤖](https://chat.openai.com/g/g-CMQzJ1mTq-goose-grid-commander)\r\n\r\nRun the following command to see the available options:\r\n\r\n```bash\r\ngoose -h\r\nUsage of goose:\r\n  -e string\r\n\r\n        comma separated remote endpoints.\r\n        eg. ipfs/QmVCVa7RfutQDjvUYTejMyVLMMF5xYAM1mEddDVwMmdLf4,ipfs/QmYXWTQ1jTZ3ZEXssCyBHMh4H4HqLPez5dhpqkZbSJjh7r\r\n\r\n  -f string\r\n        forward networks, comma separated CIDRs\r\n  -g string\r\n        geoip db file\r\n  -l string\r\n\r\n        virtual ip address to use in CIDR format.\r\n        local ipv4 address to set on the tunnel interface.\r\n         (default \"192.168.32.166/24\")\r\n  -n string\r\n        namespace\r\n  -name string\r\n        domain name to use, namespace must be set\r\n  -p string\r\n        fake ip range\r\n  -r string\r\n        rule script\r\n  -wg string\r\n        wireguard config file\r\n```\r\n\r\n\r\n## Examples\r\n\r\n### Simple Connection\r\n\r\n1. On Computer A, run:\r\n\r\n```bash\r\n    goose -n my-network -name a\r\n```\r\n\r\n2. On Computer B, run:\r\n\r\n```bash\r\n    goose -n my-network -name b\r\n```\r\n\r\n3. After a few minutes, they will connect. You can ping B from A using:\r\n\r\n```bash\r\nping a.my-network\r\n\r\n64 bytes from a.goose.my-network(192.168.0.4): icmp_seq=1 ttl=63 time=188 ms\r\n64 bytes from a.goose.my-network(192.168.0.4): icmp_seq=2 ttl=63 time=206 ms\r\n64 bytes from a.goose.my-network(192.168.0.4): icmp_seq=3 ttl=63 time=748 ms\r\n64 bytes from a.goose.my-network(192.168.0.4): icmp_seq=4 ttl=63 time=562 ms\r\n```\r\n\r\n### Network Forwarding\r\n\r\n1. Assume Computer A is connected to a private network `10.1.1.0/24`.\r\n\r\n2. On Computer A, run:\r\n\r\n```bash\r\n    goose -n my-network -name a -f 10.1.1.0/24\r\n```\r\n\r\n3. On Computer B, run:\r\n\r\n```bash\r\n    goose -n my-network -name b\r\n```\r\n\r\n4. Now you can access any host in `10.1.1.0/24` from Computer B using:\r\n\r\n```bash\r\nping 10.1.1.1\r\n\r\n64 bytes from 10.1.1.1: icmp_seq=1 ttl=63 time=188 ms\r\n64 bytes from 10.1.1.1: icmp_seq=2 ttl=63 time=206 ms\r\n64 bytes from 10.1.1.1: icmp_seq=3 ttl=63 time=748 ms\r\n64 bytes from 10.1.1.1: icmp_seq=4 ttl=63 time=562 ms\r\n```\r\n\r\n### Fake-IP Example\r\n\r\n1. On Computer A, run:\r\n\r\n```bash\r\n    goose -n my-network -name a -f 0.0.0.0/0\r\n```\r\n\r\n2. On Computer B:\r\n\r\n####  Custom Script for Routing (Optional)\r\n\r\nUse `rule.js` to define custom routing rules.\r\n\r\nThe custom script must define a `matchDomain(domain)` function. Any traffic that matches the criteria set in this function will bypass the tunnel and be routed directly to the real network interface.\r\n\r\nThe scripts should be written in ES5\r\n\r\nHere's an example:\r\n\r\n```javascript\r\n// rule.js\r\nvar filters = ['baidu', 'shifen', 'csdn', 'qq', 'libp2p'];\r\nvar filterRegions = ['CN'];\r\n\r\nfunction isIPv4(str) {\r\n  var ipv4Regex = /^(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)\\.(25[0-5]|2[0-4][0-9]|[01]?[0-9][0-9]?)$/;\r\n  return ipv4Regex.test(str);\r\n}\r\n\r\n// Define the main function to match a domain\r\nfunction matchDomain(domain) {\r\n  if (isIPv4(domain)) {\r\n    var country = getCountry(domain); \r\n    return filterRegions.indexOf(country) !== -1\r\n  }\r\n  else if (filters.some(function(name) {\r\n    return domain.indexOf(name) !== -1;\r\n  })) {\r\n    return true;\r\n  }\r\n  return false;\r\n}\r\n```\r\nRun the following command to apply the custom rules:\r\n\r\n```bash\r\ngoose -n my-network -name b -g geoip-country.mmdb -r rule.js -p 11.0.0.0/16\r\n```\r\n\r\nExplanation: This command applies the custom routing rules defined in rule.js and sets up a fake-ip range of 11.0.0.0/16.\r\n\r\n\r\nTesting\r\n\r\n```bash\r\nping www.google.com\r\n\r\nPING www.google.com (11.0.0.133) 56(84) bytes of data.\r\n64 bytes from 10.0.0.133 (10.0.0.133): icmp_seq=1 ttl=59 time=188 ms\r\n64 bytes from 10.0.0.133 (10.0.0.133): icmp_seq=2 ttl=59 time=189 ms\r\n64 bytes from 10.0.0.133 (10.0.0.133): icmp_seq=3 ttl=59 time=188 ms\r\n64 bytes from 10.0.0.133 (10.0.0.133): icmp_seq=4 ttl=59 time=188 ms\r\n\r\nping www.baidu.com\r\n\r\nPING www.wshifen.com (104.193.88.123) 56(84) bytes of data.\r\n64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=1 ttl=50 time=150 ms\r\n64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=2 ttl=50 time=149 ms\r\n64 bytes from 104.193.88.123 (104.193.88.123): icmp_seq=3 ttl=50 time=149 ms\r\n```\r\n\r\n### WireGuard Example\r\n\r\nWireGuard is a modern, secure, and fast VPN tunnel that aims to be easy to use and lean.\r\n\r\n#### Example WireGuard Config File\r\n\r\nBelow is an example of a WireGuard configuration file that can be used with Goose:\r\n\r\n```bash\r\n[Interface]\r\nPrivateKey = mIz7fpuVMc4p1S3e3D4sifkq1fGtgzRJs/kgcuYARWE=\r\nListenPort = 51820\r\n\r\n[Peer]  \r\nPublicKey = CdjruGQqzRC5zUUQEPNjXRPlbmj5t/C0VzF+g93wGkM=\r\nAllowedIPs = 10.0.0.1/32\r\nPersistentKeepalive = 25\r\n\r\nPublicKey = x0BPthZpWvmt+KagQgX1zdCQtAHi1Rv6PhcHkOb1cjA=\r\nAllowedIPs = 10.0.0.2/32\r\nPersistentKeepalive = 25\r\n\r\nPublicKey = CNx+uklxUet6JQASvh315s1zKqsXh8n1sm3PYUNgeiU=\r\nAllowedIPs = 10.0.0.3/32\r\nPersistentKeepalive = 25\r\n```\r\n\r\n#### Running the WireGuard Command\r\n\r\nTo integrate WireGuard with Goose, run the following command:\r\n\r\n```bash\r\ngoose -n my-network -name a -wg /etc/wg.conf\r\n```\r\n\r\nThis command does the following:\r\n\r\n- `-n my-network`: Specifies the virtual network name as `my-network`.\r\n- `-name a`: Sets the node name to `a`.\r\n- `-wg /etc/wg.conf`: Points to the WireGuard configuration file located at `/etc/wg.conf`.\r\n\r\n#### Connecting to the Virtual Network\r\n\r\nAfter running this command, you can connect to the virtual `my-network` using any WireGuard client implementation.\r\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjfree%2Fgoose","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnickjfree%2Fgoose","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnickjfree%2Fgoose/lists"}