ntunnel ======= The ntunnel program is designed to tunnel Unix domain sockets over TCP, using the [Noise Protocol](https://noiseprotocol.org/). The goal is to be secure and simple to use and setup. Due to the flexibility, it can forward any standard stream socket to another stream socket, including TCP sockets. Example ------- Generate the keys: ``` python ntunnel.py genkey serverkey python ntunnel.py genkey clientkey ``` Create the target for the pass through: ``` nc -lU finalsock ``` Start the server and client: ``` python ntunnel.py server serverkey unix:$(pwd)/servsock unix:$(pwd)/finalsock python ntunnel.py client clientkey serverkey.pub unix:$(pwd)/clientsock unix:$(pwd)/servsock ``` Attach to the client: ``` nc -U clientsock ``` Now when you type text into either of the nc windows, you should see the same text come out the other side. Running Tests ------------- Currently ntunnel requires Python 3.7 or later. If the default virtualenv is not 3.7 or later, you can set the VIRTUALENV variable to specify which one to use, such as: `make env VIRTUALENV=virtualenv-3.7` If you want to use an alternate version of python, you can specify VIRTUALENVARGS, such as: `make env VIRTUALENV=virtualenv-3.7 VIRTUALENVARGS="-p $(which pypy3)"` Note that I have not been able to test this w/ pypy3, as when compiling the cryptography libraries, it would pick the wrong ones, despite setting CFLAGS and LDFLAGS. Known Issues ------------ - Code coverage appears to be worse than it is. When launching the subprocesses, their coverage does not get measured. Patches to fix this would be greatly appreciated. - Possible memory leak for each connection Error message is: Task exception was never retrieved See the commented out assertion at the end of test_clientkeymismatch TODO/Future Features -------------------- - DoS protection. Limiting number of connections. Limit resource consumption by opening connection and starting negotiation but not completing it, etc. - Select forwarding destination based upon client key.