wstunnel icon indicating copy to clipboard operation
wstunnel copied to clipboard

Published 20 hours ago verified publisher icon mhzed

Nginx reverse proxy with TLS

Open alzhyganshal opened this issue 1 year ago • 0 comments

Thanks for your websocket tunnel implementation!

I've wanted to run it behind NGINX reverse proxy with TLS.

nginx config part:

location /ws_proxy/ {
            proxy_pass http://127.0.0.1:8080;
            proxy_buffering off;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade;
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header        Host            $host;
            proxy_set_header        X-Real-IP       $remote_addr;
            proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header        X-Forwarded-Proto $scheme;
#access_log off;
        }

TLS is enabled, and it's running on 443 standard HTTPS port.

wstunnel server is running like this: wstunnel server --restrict-http-upgrade-path-prefix ws_proxy ws://[::]:8080. Logs:

2023-11-12T11:34:18.437083Z  INFO wstunnel: WsServerConfig { socket_so_mark: None, bind: [::]:8080, restrict_to: None, websocket_ping_frequency: None, timeout_connect: 10s, websocket_mask_frame: false, tls: false }
2023-11-12T11:34:18.437139Z  INFO wstunnel::tunnel::server: Starting wstunnel server listening on [::]:8080

wstunnel client is running like this: wstunnel.exe client -L socks5://0.0.0.0:8888 --http-upgrade-path-prefix ws_proxy wss://myserver.com/ Logs:

2023-11-10T20:42:28.938420Z  INFO wstunnel::tls: Doing TLS handshake using sni DnsName("myserver.com") with the server myserver.com:443
2023-11-10T20:42:31.231458Z  INFO wstunnel::tcp: Opening TCP connection to myserver.com:443
2023-11-10T20:42:31.247044Z  INFO wstunnel::tcp: Opening TCP connection to myserver.com:443
2023-11-10T20:42:31.333049Z  INFO wstunnel::tls: Doing TLS handshake using sni DnsName("myserver.com") with the server myserver.com:443
2023-11-10T20:42:31.359116Z  INFO wstunnel::tls: Doing TLS handshake using sni DnsName("myserver.com") with the server myserver.com:443
2023-11-10T20:42:35.853700Z  INFO wstunnel::tcp: Opening TCP connection to myserver.com:443
2023-11-10T20:42:35.992473Z  INFO wstunnel::tls: Doing TLS handshake using sni DnsName("myserver.com") with the server myserver.com:443

There is nothing on Nginx access or error logs. Long story short it is not working behind Nginx. Am I missing something?

alzhyganshal avatar Nov 12 '23 11:11 alzhyganshal