tcpproxy
henk
tcpproxy | henk | |
---|---|---|
3 | 1 | |
1,236 | 1 | |
1.1% | - | |
3.1 | 10.0 | |
about 1 month ago | over 3 years ago | |
Go | Go | |
Apache License 2.0 | BSD Zero Clause License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
tcpproxy
-
I'm Using SNI Proxying and IPv6 to Share Port 443 Between Webapps
Neat. Kind of like a highly configurable https://github.com/inetaf/tcpproxy
> You can route raw TCP connections by using higher layer protocol matching logic like HTTP properties, SSH, TLS ClientHello info, and more, in composable routes that let you do nearly anything.
How do you foresee such a setup handle QUIC? The encrypted connection-ids, 0RTT handshakes, and roaming client-ip and server-ips make it non trivial to proxy connections transparently.
-
Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling
Not sure if it has a name, but I've seen it called "reverse dialing": https://github.com/inetaf/tcpproxy/issues/8
-
Where and how to deploy Go API?
I run multiple services this way, behind a tcproxy, in a pair of Scaleway Stardust
henk
-
Roll your own Ngrok with Nginx, Letsencrypt, and SSH reverse tunnelling
I also built something similar once when I needed something like ngrok but wanted to use open source:
https://github.com/tweedegolf/henk
It has a very similar approach, but uses about a hundred lines of Go instead of nginx. It's based on unix sockets created by SSH reverse tunneling, whose names are used to select the desired subdomain. This makes it possible to add more reverse proxies with just an ssh command, without changing anything on the server. It's also small enough that it's easy to add custom logic such as request logging.
What are some alternatives?
caddy-oidc - OpenId Connect plugin for Caddy Server
rathole - A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
caddy-security - 🔐 Authentication, Authorization, and Accounting (AAA) App and Plugin for Caddy v2. 💎 Implements Form-Based, Basic, Local, LDAP, OpenID Connect, OAuth 2.0 (Github, Google, Facebook, Okta, etc.), SAML Authentication. MFA/2FA with App Authenticators and Yubico. 💎 Authorization with JWT/PASETO tokens. 🔐
sish - HTTP(S)/WS(S)/TCP Tunnels to localhost using only SSH.
caddy-l4 - Layer 4 (TCP/UDP) app for Caddy
sdk-golang - Ziti SDK for Golang
frp - A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
website - The Caddy website