Our great sponsors
-
openvpn-tuna
OpenVPN with ocproxy/tunsocks/VPN-to-proxy/socks2tun support, as well as AWS VPC. Ported from https://github.com/ValdikSS/openvpn-tunpipe and https://github.com/samm-git/aws-vpn-client
-
WorkOS
The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
-
InfluxDB
Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
-
Xray-core
Xray, Penetrates Everything. Also the best v2ray-core, with XTLS support. Fully compatible configuration.
-
soks
A minimalistic SOCKS5 proxy over a network interface (like a VPN or a second physical network device)
-
pproxy
HTTP/Socks4/Socks5/Shadowsocks/ShadowsocksR/Redirect asynchronous tunnel proxy implemented in Python 3 asyncio.
-
python-proxy
HTTP/HTTP2/HTTP3/Socks4/Socks5/Shadowsocks/ShadowsocksR/SSH/Redirect/Pf TCP/UDP asynchronous tunnel proxy implemented in Python 3 asyncio.
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
https://github.com/bendlas/openvpn-tuna
Otherwise you may be able to use SSH's SOCKS proxy mode if you can directly SSH, e.g. ssh -D 3128 user@host .. will listen on port 3128 as a SOCKS proxy.
Maybe https://github.com/cloudflare/boringtun or https://github.com/WireGuard/wireguard-go ?
Maybe https://github.com/cloudflare/boringtun or https://github.com/WireGuard/wireguard-go ?
https://github.com/noisysockets/noisysockets
With that, you can replace a Dialer in Go that connects sockets, effectively wrapping sockets with Wireguard. Since it does that in userspace, you get no tun/tap. This is all open-sourced by @dpeckett
With those things, he also built a userspace wireguard gateway that includes DNS resolution. https://github.com/noisysockets/gateway
https://news.ycombinator.com/user?id=dpeckett
https://github.com/noisysockets/noisysockets
With that, you can replace a Dialer in Go that connects sockets, effectively wrapping sockets with Wireguard. Since it does that in userspace, you get no tun/tap. This is all open-sourced by @dpeckett
With those things, he also built a userspace wireguard gateway that includes DNS resolution. https://github.com/noisysockets/gateway
https://news.ycombinator.com/user?id=dpeckett
Several multi-protocol proxy clients support this functionality, some notable open-source examples include:
- [sing-box](https://github.com/SagerNet/sing-box)
- [clash-meta](https://github.com/muink/Clash.Meta) and other clash-based clients
- [xray](https://github.com/xtls/xray-core)
https://github.com/dariost/soks works better for what I needed to do with wireguard. It does more or less the same thing but it reuses an existing wireguard interface. I detailed my use in this blog post https://www.nicoco.fr/blog/2023/09/10/wireguard/ (yes, shameless plug).
Neat!
If you want something like this specifically for Mullvad VPN, I've had a good experience with https://github.com/imiric/mullvad-proxy (not my project, just forked it for some updates). What I like is that it embeds the Mullvad CLI tool, so switching servers is trivial, and it's all isolated from the host machine.
Neat! This is a great replacement for my SSH tunnels when I need a different IP.
Somewhat related tool: pproxy, can, among many other things, "convert" different tunnel protocols into each other. Also features routing capabilities. I used it to turn an SSH SOCKS5 into an HTTP proxy. https://github.com/moreati/pproxy
FWIW, that fork is 6 years out of date, forked from https://github.com/qwj/python-proxy.
Related posts
- Russia starts blocking VPN at the protocol (WireGuard, OpenVPN) level
- Show HN: Tunwg – open-source E2E encrypted TLS tunnel to local servers
- How to get Mullvad working when it is blocked
- Guide: Remote Access to Jellyfin and Other Services Made Easy
- A VPN provider that offers both manual wireguard configuration and socks5 proxy service