Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/dustin-decker/grpc-firewall-bypass

initiate connections to gRPC servers that live behind a firewall (https://github.com/grpc/grpc-go/issues/484)
https://github.com/dustin-decker/grpc-firewall-bypass

firewall-punching grpc grpc-firewall-bypass

Last synced: 2 months ago
JSON representation

initiate connections to gRPC servers that live behind a firewall (https://github.com/grpc/grpc-go/issues/484)

Host: GitHub
URL: https://github.com/dustin-decker/grpc-firewall-bypass
Owner: dustin-decker
License: apache-2.0
Created: 2018-05-12T16:00:52.000Z (over 6 years ago)
Default Branch: master
Last Pushed: 2018-06-13T23:40:28.000Z (over 6 years ago)
Last Synced: 2024-06-20T14:28:00.249Z (4 months ago)
Topics: firewall-punching, grpc, grpc-firewall-bypass
Language: Go
Homepage:
Size: 10.7 KB
Stars: 62
Watchers: 3
Forks: 9
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# grpc-firewall-bypass

Example of connecting to gRPC servers that live behind a firewall.

The solution is to establish a TCP connection from the endpoint behind the firewall to a public endpoint, and then dial the gRPC server behind the firewall over that TCP connection from the publicly accessible endpoint.

### Components

#### client

The client is the TCP client and gRPC server that lives behind the firwall.

The TCP client dials the publically accessable TCP server.
Its gRPC server listens on that TCP connection.

#### server

The server is the TCP server and the gRPC client that lives on a publically accessable server.

The TCP server listens to incoming connections from the TCP clients behind the firwalls.
Once there is an established incoming TCP connection, the gRPC client dials the the gRPC server that is listening on that connection.

### Security

It is expected that you would use mutually authenticated TLS (mTLS) either on the TCP or gRPC layers.

### Run it

#### Deps

`dep ensure`

#### Build

```
go build -o bin/client client/main.go
go build -o bin/server server/main.go
```

#### Run

```
./bin/server
```

```
./bin/client
```

#### Generate API code from proto definitions

The proto go code is already generated for you, but if you make changes to the proto definition, use this to generate new code:

```
protoc -I api/ \
-I${GOPATH}/src \
--go_out=plugins=grpc:api \
api/api.proto
```