Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/julienschmidt/quictun

Hidden Tunneling using the QUIC Protocol
https://github.com/julienschmidt/quictun

proxy quic socks5 tunnel tunneling vpn

Last synced: 15 days ago
JSON representation

Hidden Tunneling using the QUIC Protocol

Host: GitHub
URL: https://github.com/julienschmidt/quictun
Owner: julienschmidt
License: mit
Created: 2017-12-10T18:05:54.000Z (almost 7 years ago)
Default Branch: master
Last Pushed: 2018-03-26T04:29:35.000Z (over 6 years ago)
Last Synced: 2024-06-20T03:54:09.735Z (5 months ago)
Topics: proxy, quic, socks5, tunnel, tunneling, vpn
Language: Go
Homepage:
Size: 51.8 KB
Stars: 49
Watchers: 6
Forks: 3
Open Issues: 3
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# quictun [![GoDoc](https://godoc.org/github.com/julienschmidt/quictun?status.svg)](http://godoc.org/github.com/julienschmidt/quictun)

quictun is a simple hidden tunnel based on the QUIC protocol.

This repository contains a proof-of-concept implementation of [quictun](https://github.com/julienschmidt/quictun-thesis).
Its purpose is to demonstrate that quictun clients and servers can be implemented with minimal effort on top of an existing QUIC and HTTP/2 over QUIC implementation.
The implementation uses the [quic-go](https://github.com/lucas-clemente/quic-go) QUIC implementation as a basis.

Note that while quictun is meant to be implemented on top of [IETF QUIC](https://datatracker.ietf.org/wg/quic/about/), this proof-of-concept implementation uses Google QUIC instead, as at the time of development no usable implementation of the (still work-in-progress) IETF version exists. Due to the limitations of the underlying QUIC implementation, this quictun implementation is neither meant for production usage, nor for performance evaluation of the approach.

## Overview

`h2quic` is a fork of [github.com/lucas-clemente/quic-go/h2quic](https://github.com/lucas-clemente/quic-go/tree/master/h2quic). It adds the upgrade mechanism to the HTTP/2 over QUIC (h2quic) implementation. The fork can be used as a drop-in replacement for the upstream package to add support for quictun.

`cmd/quictun_client` contains a very minimal client example. Actual clients MUST take care to be indistinguishable from an legitimate HTTP/2 over QUIC client, which a censor is unwilling to block, at the wire level. This could be achieved e.g. by reusing the net stack of a QUIC-capable web browser.

`cmd/quictun_server` likewise contains a minimal server example. Note that this example server is easily fingerprintable and thus blockable.

## Installation

```sh
go get -u github.com/julienschmidt/quictun
```

## Usage

Clients should use the [`quictun.Client` struct](https://godoc.org/github.com/julienschmidt/quictun#Client). An example client can be found in `cmd/quictun_client`.

Servers should either use the [`quictun.Server` struct](https://godoc.org/github.com/julienschmidt/quictun#Server) directly and manually implement the upgrade mechanism in the web server, or use the [`h2quic`](https://godoc.org/github.com/julienschmidt/quictun/h2quic) sub-package.

A valid certificate is required to operate a server, which can e.g. be acquired from [Let's Encrypt](https://letsencrypt.org/). For testing purposes, the client may be insecurely configured to allow any, possible invalid, certificate instead. The example client provides a `-invalidCerts` flag for that purpose.