mirrors/wireproxy
1
0
Fork 0
mirror of https://github.com/whyvl/wireproxy.git synced 2025-04-29 19:01:42 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions
Wireguard client that exposes itself as a socks5 proxy
84 commits 4 branches 12 tags 446 KiB
Find a file
Jordan Webb 35071b55fc Redo Dockerfile 
- Build the currently checked-out code, instead of cloning the repo
inside the Dockerfile. This makes it much easier to build a container
for a particular branch or commit; people working on personal forks
will be able to build containers for their forks without modifying the
Dockerfile.

- Switch from Alpine to distroless; I couldn't actually get the current
version of the Dockerfile to build, it kept dying with some error about
gvisor. Aside from building with no trouble, the new Dockerfile reduces
the size of the image from 23MB to 9MB.

- Move Dockerfile into the root; this is a matter of taste, but allows
one to simply `docker build` the directory instead of having to also
specify the path to the Dockerfile. As part of this, I removed the
`config` and `Makefile` from the `docker` directory, since they seemed
specific to someone's setup and incomplete without that context.
2022-08-20 09:55:55 -05:00
.github update go version to 1.18 2022-05-20 12:25:48 +01:00
cmd/wireproxy resolve host for every new connection in static tunnels 2022-04-04 20:45:28 +01:00
.dockerignore Redo Dockerfile 2022-08-20 09:55:55 -05:00
.gitignore update go version to 1.18 2022-05-20 12:25:48 +01:00
config.go update go version to 1.18 2022-05-20 12:25:48 +01:00
Dockerfile Redo Dockerfile 2022-08-20 09:55:55 -05:00
go.mod update go version to 1.18 2022-05-20 12:25:48 +01:00
go.sum update go version to 1.18 2022-05-20 12:25:48 +01:00
LICENSE add license 2022-03-11 12:31:44 +00:00
net.go update go version to 1.18 2022-05-20 12:25:48 +01:00
README.md Update README.md 2022-04-01 01:07:50 +01:00
routine.go update go version to 1.18 2022-05-20 12:25:48 +01:00
wireguard.go update go version to 1.18 2022-05-20 12:25:48 +01:00

README.md

wireproxy

ISC licensed Build status Documentation

A wireguard client that exposes itself as a socks5 proxy or tunnels.

What is this

wireproxy is a completely userspace application that connects to a wireguard peer, and exposes a socks5 proxy or tunnels on the machine. This can be useful if you need to connect to certain sites via a wireguard peer, but can't be bothered to setup a new network interface for whatever reasons.

Why you might want this

  • You simply want to use wireguard as a way to proxy some traffic.
  • You don't want root permission just to change wireguard settings.

Currently, I'm running wireproxy connected to a wireguard server in another country, and configured my browser to use wireproxy for certain sites. It's pretty useful since wireproxy is completely isolated from my network interfaces, and I don't need root to configure anything.

Feature

  • TCP static routing for client and server
  • SOCKS5 proxy (currently only CONNECT is supported)

TODO

  • UDP Support in SOCKS5
  • UDP static routing

Usage

./wireproxy -c [path to config]

usage: wireproxy [-h|--help] -c|--config "<value>" [-d|--daemon]
                 [-n|--configtest]

                 Userspace wireguard client for proxying

Arguments:

  -h  --help        Print help information
  -c  --config      Path of configuration file
  -d  --daemon      Make wireproxy run in background
  -n  --configtest  Configtest mode. Only check the configuration file for
                    validity.

Build instruction

git clone https://github.com/octeep/wireproxy
cd wireproxy
go build ./cmd/wireproxy

Sample config file

# The [Interface] and [Peer] configurations follow the same semantics and meaning
# of a wg-quick configuration. To understand what these fields mean, please refer to:
# https://wiki.archlinux.org/title/WireGuard#Persistent_configuration
# https://www.wireguard.com/#simple-network-interface
[Interface]
Address = 10.200.200.2/32 # The subnet should be /32 and /128 for IPv4 and v6 respectively
# MTU = 1420 (optional)
PrivateKey = uCTIK+56CPyCvwJxmU5dBfuyJvPuSXAq1FzHdnIxe1Q=
DNS = 10.200.200.1

[Peer]
PublicKey = QP+A67Z2UBrMgvNIdHv8gPel5URWNLS4B3ZQ2hQIZlg=
# PresharedKey = UItQuvLsyh50ucXHfjF0bbR4IIpVBd74lwKc8uIPXXs= (optional)
Endpoint = my.ddns.example.com:51820
# PersistentKeepalive = 25 (optional)

# TCPClientTunnel is a tunnel listening on your machine,
# and it forwards any TCP traffic received to the specified target via wireguard.
# Flow:
# <an app on your LAN> --> localhost:25565 --(wireguard)--> play.cubecraft.net:25565
[TCPClientTunnel]
BindAddress = 127.0.0.1:25565
Target = play.cubecraft.net:25565

# TCPServerTunnel is a tunnel listening on wireguard,
# and it forwards any TCP traffic received to the specified target via local network.
# Flow:
# <an app on your wireguard network> --(wireguard)--> 172.16.31.2:3422 --> localhost:25545
[TCPServerTunnel]
ListenPort = 3422
Target = localhost:25545

# Socks5 creates a socks5 proxy on your LAN, and all traffic would be routed via wireguard.
[Socks5]
BindAddress = 127.0.0.1:25344

# Socks5 authentication parameters, specifying username and password enables
# proxy authentication.
#Username = ...
# Avoid using spaces in the password field
#Password = ...

Alternatively, if you already have a wireguard config, you can import it in the wireproxy config file like this:

WGConfig = <path to the wireguard config>

# Same semantics as above
[TCPClientTunnel]
...

[TCPServerTunnel]
...

[Socks5]
...

Donation

Stargazers over time

Stargazers over time