wstunnel
wstunnel | standards-positions | |
---|---|---|
14 | 180 | |
3,086 | 598 | |
- | 1.0% | |
9.6 | 7.6 | |
4 days ago | 2 months ago | |
Rust | Python | |
GNU General Public License v3.0 or later | Mozilla Public License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
wstunnel
-
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
wstunnel - Proxies over WebSockets. Focus on proxying from behind networks that block certain protocols. Written in Rust with executables provided.
-
Russia has started indiscriminately blocking all OpenVPN/WireGuard connections
Shameless plug, there is also wstunnel (i am its author) https://github.com/erebe/wstunnel/, hope you enjoy.
- Tunnel all your traffic over WebSocket protocol
-
SSH3: SSH using HTTP/3 and QUIC
If you want to tunnel UDP (WireGuard) or TCP (SSH) over WebSocket protocol, check out https://github.com/erebe/wstunnel
-
Russia starts blocking VPN at the protocol (WireGuard, OpenVPN) level
While working in an environment where VPN connections were pretty much all blocked⁰ a friend of mine had success using https://guacamole.apache.org/ to access a remote machine¹. Not quite the same as a direct VPN connection but worth a try if nothing else functions, it looks enough like normal HTTPS traffic that he got away with it.
To keep your wireguard setup more as-is, you could try https://kirill888.github.io/notes/wireguard-via-websocket/ to tunnel that via a web server. In fact https://github.com/erebe/wstunnel which that uses could be used just as well with any other UDP based VPN.
I once tinkered with https://github.com/yarrick/iodine and successfully connected to resources over the wireless on a train, bypassing its traffic capture and sign-up requirement, so that might be an option, though I think fully blocking external DNS is more common now so this is less likely to work²³.
--
[0] practically only HTTP(S) permitted, not even SSH, DPI in use that detected just using SSH or OpenVPN over port 443
[1] NOTE: be careful breaching restrictions like this, you are at risk of an insta-sacking if discovered, or worse if operating in some securiry environments!
[2] and the latency when it does work is significant!
[3] and that much traffic over port 53 might get noticed by the heuristics of data exfiltration scanner, encouraging sysadmins to notice and implement a way to block it
- Wireguard over WebSocket Tunnel
-
Requesting Help bypassing CGNAT with Wireguard - Connecting Plex to a VPS and then to a domain.
You can try with this project, https://github.com/erebe/wstunnel.
- wstunnel - Tunneling over websocket protocol
- GoodbyeDPI: Deep Packet Inspection circumvention utility
-
Wireguard over Websockets over Cloudfare Tunnel
There are projects out there (like this) which run wireguard traffic through websocket.
standards-positions
-
Firefox Webserial Addon
You can read through the conversations to understand more of the context
https://github.com/mozilla/standards-positions/issues/100#is...
https://github.com/mozilla/standards-positions/issues/95#iss...
https://github.com/mozilla/standards-positions/issues/336
The main struggle is around giving informed consent that explains the risks. Understandably, browsers don't want to ship a "Set my printer on fire" button.
-
iOS404
You can check why Mozilla and Apple have opted to not support this.
https://github.com/mozilla/standards-positions/issues/154
https://github.com/WebKit/standards-positions/issues/28
Neither Mozilla or Webkit are satisfied that the proposal is safe by default, and contains footguns for the user that can be pretty destructive.
-
Show HN: DualShock calibration in the browser using WebHID
FWIW Mozilla updated their position on Web Serial API to "neutral" and clarified that they might be okay with enabling the API with an add-on.
https://mozilla.github.io/standards-positions/#webserial
Allowing serial but not HID would be really strange. With HID you get standard identifiers that let you filter out devices that are too dangerous for the web. With serial you get nothing. Even if you know a device is dangerous, there's no way to protect users from it.
-
Tailwind CSS v4.0.0 Alpha
Hasn't FireFox been dragging their asses on @scope? https://github.com/mozilla/standards-positions/issues/472
It took years to just convince them of the need for it. And I'm not sure anyone got convinced vs Chrome had already shipped it and Safari has it planned so they caved in.
Hard to believe FireFox used to be a leader of the modern web.
-
An HTML Switch Control
As mentioned by others, OK idea, but not a fan that this isn't standardized. After a quick search+peruse, these seem to indicate that it's not around the corner either. Happy (/hope) to be corrected.
https://github.com/whatwg/html/issues/4180
https://github.com/mozilla/standards-positions/issues/990
-
Platform issues which disadvantage Firefox compared to first-party browsers
Mozilla's position on these specs is nicely outlined publicly and transparently as part of their standards-positions project: https://github.com/mozilla/standards-positions/issues/100
I'm kinda glad it's not implemented in my browser, to be honest, because the whole thing seems like a security nightmare.
It's a shame it impacts some hobby usecases, but I don't think this outweighs the reasoning set out on the GitHub issue.
-
What Progressive Web App (PWA) Can Do Today
This should have big warnings on it. Some of these are not web standards; they are features implemented unilaterally by Google in Blink that have been explicitly rejected by both Mozilla and Apple on privacy and security grounds.
Take Web Bluetooth, for example:
Mozilla:
> This model is unsustainable and presents a significant risk to users and their devices.
— https://mozilla.github.io/standards-positions/#web-bluetooth
Apple:
> Here are some examples of features we have decided to not yet implement due to fingerprinting, security, and other concerns, and where we do not yet see a path to resolving those concerns
— https://webkit.org/tracking-prevention/
This is Microsoft’s Embrace, Extend, and Extinguish bullshit applied to the web platform by Google. Google keeps implementing these things despite all other major rendering engines rejecting them, convinces people that they are part of the web, resulting in sites like this, then people start asking why Firefox and Safari are “missing functionality”. These are not part of the web platform, they are Google APIs that have been explicitly rejected.
-
Why Are Tech Reporters Sleeping on the Biggest App Store Story?
Is BLE a PWA requirement? I think they explained their position pretty well here, regardless of whether I agree:
https://github.com/mozilla/standards-positions/issues/95#iss...
-
Reason to Use Firefox Is Sync That Works
I took a glance at Can I Use what the difference between the last public release of Firefox and Chrome is [1] and they don't really have that big of a difference in the eyes of normal use-cases? Some of these aren't implemented purely because of privacy reasons, the proposals aren't finished yet or complexity [2].
Why would Firefox need to change to Chromium engine? The only websites I notice that don't work with Firefox is because of user-agent targetting or just putting 5-second time-outs in Youtube code on non-chrome webbrowsers [3].
Can you give some examples of websites not working on Firefox?
[1] https://caniuse.com/?compare=chrome+120%2Cfirefox+121&compar...
[2] https://mozilla.github.io/standards-positions/
[3] https://www.neowin.net/news/youtube-seemingly-intentionally-...
- Mozilla's Position on CSS Scope
What are some alternatives?
docker-wireguard
webcontainer-core - Dev environments. In your web app.
udptunnel - It allows TCP/UDP/ICMP traffic over UDP tunneling. It's useful to avoid Internet restrictions.
WHATWG HTML Standard - HTML Standard
udp2raw - A Tunnel which Turns UDP Traffic into Encrypted UDP/FakeTCP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment)
wpt - Test suites for Web platform specs — including WHATWG, W3C, and others
shadowsocks-rust - A Rust port of shadowsocks
firefox-ios - Firefox for iOS
Cloak - A censorship circumvention tool to evade detection by authoritarian state adversaries
WebKit - Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux.
outline-apps - Outline Client and Manager, developed by Jigsaw. Outline Manager makes it easy to create your own VPN server. Outline Client lets you share access to your VPN with anyone in your network, giving them access to the free and open internet.
Fakeflix - Not the usual clone that you can find on the web.