jmg
/
ntunnel
1
0
Fork 0
Code Issues 0 Pull Requests 0 Releases 1 Wiki Activity
An stunnel like program that utilizes the Noise protocol.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
32 Commits
2 Branches
375 KiB
 
 
Tree: a78291b2a3
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'a78291b2a3'
${ noResults }
 ZIP  TAR.GZ
John-Mark Gurney a78291b2a3 include the program used to generate the handshake message lengths 5 years ago
.gitignore first code that implements a simple echo server for noise in twisted 5 years ago
LICENSE.txt add license text.. 5 years ago
Makefile don't need twisted as moving to asyncio... allow the python binary to be set to 5 years ago
NOTES.md first code that implements a simple echo server for noise in twisted 5 years ago
README.md note that ntunnel uses 3.7, there are some asyncio features that 5 years ago
makemessagelengths.py include the program used to generate the handshake message lengths 5 years ago
ntunnel.py This should make things work now! both client and server can be run... 5 years ago
requirements.txt move the function locally since it looks like this is the way forward.. 5 years ago
twistednoise.py last bit of work on the twisted version before I stopped... 5 years ago

README.md

ntunnel

The ntunnel program is designed to tunnel Unix domain sockets over TCP, using the Noise Protocol. The goal is to be secure and simple to use and setup. Due to the flexibility, it can forward any standard stream socket to another stream socket, including TCP sockets.

Example

Generate the keys:

python ntunnel.py genkey serverkey
python ntunnel.py genkey clientkey

Create the target for the pass through:

nc -lU finalsock

Start the server and client:

python ntunnel.py server serverkey unix:$(pwd)/servsock unix:$(pwd)/finalsock
python ntunnel.py client clientkey serverkey.pub unix:$(pwd)/clientsock unix:$(pwd)/servsock

Attach to the client:

nc -U clientsock

Now when you type text into either of the nc windows, you should see the same text come out the other side.

Running Tests

Currently ntunnel requires Python 3.7 or later. If the default virtualenv is not 3.7 or later, you can set the VIRTUALENV variable to specify which one to use, such as: make env VIRTUALENV=virtualenv-3.7

If you want to use an alternate version of python, you can specify VIRTUALENVARGS, such as: make env VIRTUALENV=virtualenv-3.7 VIRTUALENVARGS="-p $(which pypy3)"

Note that I have not tested this w/ pypy3, as when compiling the cryptography libraries, it would pick the wrong ones, despite setting CFLAGS and LDFLAGS. It is likely I could make this work, but do not know how to.

Known Issues

  • Server does not verify client public key.

TODO/Future Features

  • DoS protection. Limiting number of connections. Limit resource consumption by opening connection and starting negotiation but not completing it, etc.
  • Support more than one client key.
  • Select forwarding destination based upon client key.