UDP

Open gvsurenderreddy opened this issue 4 years ago • 15 comments

Hello sir, is a UDP version of chisel possible, please? That would be nice, as it would be a faster connection.

gvsurenderreddy avatar May 03 '20 12:05 gvsurenderreddy

web-sockets is inherently a TCP protocol and this application is tunneling all traffic through it. I can see a couple of options.

  1. Tunnel traffic through web-socket (TCP) and output via binary UDP
  2. Use web-socket as control channel to establish a second UDP transport pipe.

unixmonster avatar May 13 '20 13:05 unixmonster

I would like to see option 1 natively supported in chisel.

ie allow the client to do something like:

  • U:53 (forward UDP port 53 from client to server)
  • U:R:53 (reverse forward UDP port 53 from server to client)
  • U:5060:sip.example.com:5060 (forward UDP received on client port 5060 to sip.example.com:5060)

I don't know if the "U:" makes sense like this, but something to mark the remote as a UDP remote would be good.

cognifloyd avatar May 27 '20 04:05 cognifloyd

Hmm, I just came across https://github.com/erebe/wstunnel which also tunnels over websockets. For that, there's a -u or --udp option. That might be a clear way to separate TCP vs UDP handling. Then, if UDP is needed, separate server and client instances would be needed to handle the UDP traffic.

Or maybe only the client would need to do strictly TCP or UDP because it specifies the ports to forward.

Would supporting UDP also require a protocol change between the client and server?

cognifloyd avatar May 27 '20 05:05 cognifloyd

Hmm, there is a problem with Erebe/wstunnel. I did try that and I got "thread blocked indefinitely in an MVar operation". The other issue is the timeout: the client doesn't try to connect to the server when there is a timeout, so I'm unable to use their wstunnel. Thank you for your message, sir.

gvsurenderreddy avatar Jun 03 '20 13:06 gvsurenderreddy

Chisel fits what I need to do better than erebe/wstunnel so I haven't even tried it.

I was suggesting that, once chisel gets this feature, maybe chisel could have a similar interface to the one advertised by erebe/wstunnel. And of course, I hope chisel does not hang as you say erebe/wstunnel does. /shrug

cognifloyd avatar Jun 05 '20 21:06 cognifloyd

Thank you, sir. Waiting for the update; hope it happens soon. "U:" makes sense on the client side, which makes it clear that it's UDP instead of TCP: default is TCP, and when -U it's UDP. Thanks again for the software.

gvsurenderreddy avatar Jun 08 '20 18:06 gvsurenderreddy

+1 I also need the Socks5 UDP ASSOCIATE method and UDP port forwarding via web sockets with back UDP stream support in chisel.

Meteorite avatar Jun 23 '20 12:06 Meteorite

Hey guys, I've implemented preliminary UDP support. Could you please test https://github.com/jpillora/chisel/releases/tag/v1.7.0-rc5

It's currently undocumented on the main README during this testing phase. I had a fairly long think about the API, I considered U: however I ended up going with the common <host>:<port>/<protocol> pattern. This has 2 benefits:

  1. It's possible (though not currently supported) to tunnel cross-protocol UDP->TCP, TCP->UDP
  2. It's extensible, so in future, we could add more protocols, beyond TCP and UDP

To use it, download the new binary

curl https://i.jpillora.com/[email protected]! | bash

and then, for example, tunnel UDP iperf:

# linux server tab 1
$ chisel server -p 51080 -v
# linux server tab 2
$ iperf -s -u -p 4444

# macbook tab 1
$ chisel client -v <server-ip>:51080 3333:4444/udp
# macbook tab 2
$ iperf -c localhost -u -p 3333 -b 100m

You can get iperf from homebrew/apt. Over my home wifi, iperf is showing speeds up to 394 Mbits/sec

jpillora avatar Jul 22 '20 19:07 jpillora

Thanks a lot!

I've built it from source and used it as a wireguard proxy - it works just fine!

# wg server:
$ ./chisel server -p 51080 -v

# wg client:
$ ./chisel client -v vpn.example.com:51080 3333:51820/udp
# put 127.0.0.1:3333 as an Endpoint in [Peer] section & restart wireguard

rrozestw avatar Jul 22 '20 20:07 rrozestw

Is it possible to listen on TCP and UDP on the same port?

For example:

./chisel client website.com:80 1000:127.0.0.1:2080 1000:127.0.0.1:2080/udp

OneHappyForever avatar Aug 03 '20 08:08 OneHappyForever

Should be but haven’t tested

jpillora avatar Aug 03 '20 09:08 jpillora

I was curious, how does it work? Is it the QUIC protocol or is it TCP/UDP conversion?

gerardo-junior avatar Sep 09 '20 14:09 gerardo-junior

Hi @rrozestw, can you detail your setup? I'm doing the same with a wg server on Ubuntu and my wg Windows client, and the handshake is not happening. What am I doing wrong?

padima2 avatar Oct 22 '22 19:10 padima2

Hey - I'll try to dig out some sample on Monday.

I suggest that you debug it step by step - e.g. is wireguard working, try using a linux client, check if the udp chisel tunnel is working by using some other tool - like socat.

First step is critical, as wg should be working first with an existing external endpoint - make sure it connects. Only then attempt to replace Endpoint with the one provided by chisel.

In other words, I suggest investigating if the problem is with wireguard or udp tunnel first.

Regards!

rafal-rozestwinski avatar Oct 22 '22 19:10 rafal-rozestwinski

Hey, just to compliment @rrozestw and @rafal-rozestwinski, I stumbled on chisel looking for wireguard over TLS / TCP solutions, and it worked really well first go.

One troubleshooting step: use netcat to send single UDP packets over the tunnel.

e.g. in @rrozestw's example: nc -u 127.0.0.1 3333

If the chisel tunnel is established, this will translate to a UDP packet on port 51820 INPUT on the destination server. In a tcpdump on server:

tcpdump -nni any port 51820

18:27:07.299173 IP 127.0.0.1.46399 > 127.0.0.1.51820: UDP, length 4

Hope that helps.

cgb avatar Feb 23 '23 08:02 cgb
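
A two-way version of the netcat and tcpdump check above, as an added example that is not part of the thread or of chisel: a UDP echo responder for the server host and a nonce probe for the client, so a reply proves that datagrams pass in both directions. The file name `udpcheck.py` and the function names are hypothetical; the ports follow the 3333/4444 iperf example earlier in the thread.

```python
"""UDP tunnel check (added example): echo responder plus nonce probe."""
import os
import socket
import sys
import threading
import time


def start_echo(host="127.0.0.1", port=4444):
    """Bind a UDP socket and echo each datagram back to its sender."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind((host, port))
    sock.settimeout(0.2)          # wake up regularly to notice `stop`
    stop = threading.Event()

    def loop():
        while not stop.is_set():
            try:
                data, peer = sock.recvfrom(2048)
                sock.sendto(data, peer)
            except OSError:       # receive timeout or transient send error
                continue

    worker = threading.Thread(target=loop, daemon=True)
    worker.start()
    return sock, stop, worker


def probe(host, port, attempts=3, timeout=1.0):
    """Return the round-trip time in seconds, or None if no echo arrived."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.connect((host, port))
        for _ in range(attempts):
            nonce = os.urandom(16)   # random, so a stale reply cannot match
            start = time.monotonic()
            try:
                s.send(nonce)
                while s.recv(2048) != nonce:
                    pass             # ignore a late echo of an earlier nonce
                return time.monotonic() - start
            except OSError:          # timeout, or ICMP port unreachable
                continue
    return None


if __name__ == "__main__":
    if sys.argv[1] == "echo":        # server: udpcheck.py echo 4444
        start_echo(port=int(sys.argv[2]))[2].join()
    else:                            # client: udpcheck.py probe 127.0.0.1 3333
        rtt = probe(sys.argv[2], int(sys.argv[3]))
        print("no echo" if rtt is None else f"echo in {rtt * 1000:.1f} ms")
```

Run the echo side next to `chisel server`, start the client with a remote such as `3333:127.0.0.1:4444/udp`, then probe `127.0.0.1 3333`. WireGuard does not answer unauthenticated datagrams, so an echo target is what separates a tunnel problem from a WireGuard configuration problem.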