Skip to content
/ tunelo Public
forked from mehdieidi/tunelo

Encrypt & Proxy UDP traffic (e.g. WireGuard) over a transport protocol like websocket or TCP.

License

MIT license
1 star 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

essoojay/tunelo

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

57 Commits
client
client
 
 
pkg
pkg
 
 
server
server
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

tunelo

tunelo encrypts and tunnels UDP traffic (e.g. WireGuard) over a transport protocol like websocket or TCP. Helping to use VPNs in restricted areas.

WireGuard Client Config

You can use the WireGuard Android app to apply these settings. you need to replace the PrivateKey and the PublicKey.

It needs to exclude the tunelo server IP or exclude the termux app in which the tunelo client runs on.

The Endpoint in the peer part is pointing to the tunelo client running on the phone.

[Interface]
Address = 10.8.0.2/32
DNS = 1.1.1.1
ExcludedApplications = com.termux
ListenPort = 23233
MTU = 1450
PrivateKey = 

[Peer]
AllowedIPs = 0.0.0.0/0
Endpoint = 127.0.0.1:23231
PersistentKeepalive = 25
PublicKey = D4PLMnAoDuXcgj7iTzyLs7NRptTND+z8vmxYA4Af218=

WireGuard Server Config

This is the WireGuard config you should apply in the server that the tunelo server will run.

Make sure to replace the private and public keys.

# Server
[Interface]
PrivateKey = 
Address = 10.8.0.1/24
MTU = 1450
ListenPort = 23233
SaveConfig = false
DNS = 1.1.1.1
DNS = 8.8.8.8

# Phone
[Peer]
PublicKey = r8KQuA7mtVVpHwDY6vTFmeMBcn+Y7omh6EPWroMWcD8=
AllowedIPs = 10.8.0.2/32

Configure NAT rules on Linux

This iptables command is adding a NAT rule that masquerades (changes) the source IP address of packets originating from the specified source network (10.8.0.0/24) to match the public IP address of the router/firewall when those packets are leaving the system. This is commonly used in scenarios where you have a private network behind a NAT gateway or firewall, and you want the internal devices to access the internet using the public IP address of the gateway.

After running the following command, you can install the iptables-persistent package using apt to make the rule persistent.

$ iptables -A POSTROUTING -t nat -s 10.8.0.0/24 -j MASQUERADE
...

Enable IP Forwarding on Linux

The following command is used to enable IP forwarding on a Linux system. IP forwarding is a feature that allows a Linux system to route traffic between different network interfaces or subnets.

After running the following command, you can edit the /etc/sysctl.conf and set the net.ipv4.ip_forward parameter to 1. Then run sysctl -p to make the IP forwarding persistent.

$ echo 1 > /proc/sys/net/ipv4/ip_forward
...

About

Encrypt & Proxy UDP traffic (e.g. WireGuard) over a transport protocol like websocket or TCP.

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

0 watching

Forks

1 fork
Report repository

Releases

5 tags

Packages

No packages published

Languages

  • Go 98.9%
  • Makefile 1.1%