https://github.com/koho/nat1
Expose your local service to Internet in NAT1 network.
https://github.com/koho/nat1
Last synced: about 1 month ago
JSON representation
Expose your local service to Internet in NAT1 network.
- Host: GitHub
- URL: https://github.com/koho/nat1
- Owner: koho
- License: mit
- Created: 2023-08-06T08:48:35.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2025-11-28T13:04:42.000Z (7 months ago)
- Last Synced: 2025-12-17T09:12:34.359Z (7 months ago)
- Language: Go
- Homepage:
- Size: 73.2 KB
- Stars: 1
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# nat1
Expose your local service to Internet in NAT1 network.
* Maintain the mapped address automatically.
* Bind the mapped address to SVCB record.
* Support both TCP and UDP.
## Single mapping
Install the command line tool:
```shell
go install github.com/koho/nat1/cmd/nat1@latest
```
### Zero config
A NAT entry is automatically created on gateway.
Note: The gateway needs to have UPnP enabled.
```shell
# export local port 3389
nat1 tcp 3389
```
### Manual config
Create a public address mapping only. You need to manually configure the local address mapping on gateway (See [Port forwarding](#port-forwarding)).
```shell
# random local port
nat1 tcp
# fixed local port
nat1 tcp -l :5000
```
## Multiple mappings
Bind the mapped address to DNS SVCB record. Currently only `dnspod` is supported.
Install the command line tool:
```shell
go install github.com/koho/nat1/cmd/nat1s@latest
```
An example config file:
```json
{
"dns": "xxx.dnspod.net:53",
"dnspod": {
"secret_id": "",
"secret_key": ""
},
"service": [
{
"domain": "svc1.example.com",
"local": "0.0.0.0:50000",
"alpn": ["wg"],
"network": "udp"
},
{
"domain": "svc2.example.com",
"local": "0.0.0.0:50001",
"alpn": ["h2"],
"hint": true,
"network": "tcp"
}
]
}
```
Run the service with the following command:
```shell
nat1s config.json
```
### Port forwarding
For each service, add corresponding forwarding rules to the router.
```shell
sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 50001 -j DNAT --to-destination 192.168.1.55:443
```
### Lookup domain
Your can find your mapped address using `dig` or https://www.nslookup.io/svcb-lookup/.