purgatory/pingtunnel
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

delete

Browse Source
This commit is contained in:
esrrhs 2022-10-06 21:56:15 +08:00
parent 8d63ad5334
commit 7970b38a68
13 changed files with 0 additions and 485 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
.gitignore vendored
View File

@ -1,12 +0,0 @@
# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib
# Test binary, build with `go test -c`
*.test
# Output of the go coverage tool, specifically when used with LiteIDE
*.out

10
Dockerfile
View File

@ -1,10 +0,0 @@
FROM golang AS build-env
RUN GO111MODULE=off go get -u github.com/esrrhs/pingtunnel
RUN GO111MODULE=off go get -u github.com/esrrhs/pingtunnel/...
RUN GO111MODULE=off go install github.com/esrrhs/pingtunnel
FROM debian
COPY --from=build-env /go/bin/pingtunnel .
COPY GeoLite2-Country.mmdb .
WORKDIR ./

BIN
GeoLite2-Country.mmdb
View File

Binary file not shown.

21
LICENSE
View File

@ -1,21 +0,0 @@
MIT License
Copyright (c) 2018 zhao xin
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:
The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

73
README.md
View File

@ -1,73 +0,0 @@
# Pingtunnel
[<img src="https://img.shields.io/github/license/esrrhs/pingtunnel">](https://github.com/esrrhs/pingtunnel)
[<img src="https://img.shields.io/github/languages/top/esrrhs/pingtunnel">](https://github.com/esrrhs/pingtunnel)
[![Go Report Card](https://goreportcard.com/badge/github.com/esrrhs/pingtunnel)](https://goreportcard.com/report/github.com/esrrhs/pingtunnel)
[<img src="https://img.shields.io/github/v/release/esrrhs/pingtunnel">](https://github.com/esrrhs/pingtunnel/releases)
[<img src="https://img.shields.io/github/workflow/status/esrrhs/pingtunnel/Go">](https://github.com/esrrhs/pingtunnel/actions)
Pingtunnel is a tool that send TCP/UDP traffic over ICMP.
## Note: This tool is only to be used for study and research, do not use it for illegal purposes
![image](network.jpg)
## Usage
### Install server
- First prepare a server with a public IP, such as EC2 on AWS, assuming the domain name or public IP is www.yourserver.com
- Download the corresponding installation package from [releases](https://github.com/esrrhs/pingtunnel/releases), such as pingtunnel_linux64.zip, then decompress and execute with **root** privileges
```
sudo wget (link of latest release)
sudo unzip pingtunnel_linux64.zip
sudo ./pingtunnel -type server
```
- (Optional) Disable system default ping
```
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
```
### Install the client
- Download the corresponding installation package from [releases](https://github.com/esrrhs/pingtunnel/releases), such as pingtunnel_windows64.zip, and decompress it
- Then run with **administrator** privileges. The commands corresponding to different forwarding functions are as follows.
- If you see a log of ping pong, the connection is normal
#### Forward sock5
```
pingtunnel.exe -type client -l: 4455 -s www.yourserver.com -sock5 1
```
#### Forward tcp
```
pingtunnel.exe -type client -l: 4455 -s www.yourserver.com -t www.yourserver.com:4455 -tcp 1
```
#### Forward udp
```
pingtunnel.exe -type client -l: 4455 -s www.yourserver.com -t www.yourserver.com:4455
```
### Use Docker
It can also be started directly with docker, which is more convenient. Same parameters as above
- server:
```
docker run --name pingtunnel-server -d --privileged --network host --restart=always esrrhs/pingtunnel ./pingtunnel -type server -key 123456
```
- client:
```
docker run --name pingtunnel-client -d --restart=always -p 1080: 1080 esrrhs/pingtunnel ./pingtunnel -type client -l: 1080 -s www.yourserver.com -sock5 1 -key 123456
```
## Thanks for free JetBrains Open Source license
<img src="https://resources.jetbrains.com/storage/products/company/brand/logos/GoLand.png" height="200"/></a>

1
_config.yml
View File

@ -1 +0,0 @@
theme: jekyll-theme-cayman

2
docker-compose/.env
View File

@ -1,2 +0,0 @@
KEY=123456
SERVER=www.yourserver.com

16
docker-compose/Readme.md
View File

@ -1,16 +0,0 @@
Deploy with docker-compose
===========================
**First** edit `.env` file in this directory to your appropriate value.
**Then** run stack with these commands:
- in the server
```
docker-compose -f server.yml up -d
```
- in client machine
```
docker-compose -f client.yml up -d
```
**Now** use socks5 proxy at port `1080` of your client machine

9
docker-compose/client.yml
View File

@ -1,9 +0,0 @@
version: "3.7"
services:
pingtunnelServer:
image: esrrhs/pingtunnel:latest
restart: always
ports:
- 1080:1080
command: "./pingtunnel -type client -l 0.0.0.0:1080 -s ${SERVER} -sock5 1 -key ${KEY}"

8
docker-compose/server.yml
View File

@ -1,8 +0,0 @@
version: "3.7"
services:
pingtunnelServer:
image: esrrhs/pingtunnel:latest
restart: always
network_mode: host
command: "./pingtunnel -type server -key ${KEY}"

269
main.go
View File

@ -1,269 +0,0 @@
package main
import (
"flag"
"fmt"
"github.com/esrrhs/go-engine/src/common"
"github.com/esrrhs/go-engine/src/geoip"
"github.com/esrrhs/go-engine/src/loggo"
"github.com/esrrhs/go-engine/src/pingtunnel"
"net"
"net/http"
_ "net/http/pprof"
"strconv"
"time"
)
var usage = `
通过伪造ping把tcp/udp/sock5流量通过远程服务器转发到目的服务器上用于突破某些运营商封锁TCP/UDP流量
By forging ping, the tcp/udp/sock5 traffic is forwarded to the destination server through the remote server. Used to break certain operators to block TCP/UDP traffic.
Usage:
// server
pingtunnel -type server
// client, Forward udp
pingtunnel -type client -l LOCAL_IP:4455 -s SERVER_IP -t SERVER_IP:4455
// client, Forward tcp
pingtunnel -type client -l LOCAL_IP:4455 -s SERVER_IP -t SERVER_IP:4455 -tcp 1
// client, Forward sock5, implicitly open tcp, so no target server is needed
pingtunnel -type client -l LOCAL_IP:4455 -s SERVER_IP -sock5 1
-type 服务器或者客户端
client or server
服务器参数server param:
-key 设置的密码默认0
Set password, default 0
-nolog 不写日志文件只打印标准输出默认0
Do not write log files, only print standard output, default 0 is off
-noprint 不打印屏幕输出默认0
Do not print standard output, default 0 is off
-loglevel 日志文件等级默认info
log level, default is info
-maxconn 最大连接数默认0不受限制
the max num of connections, default 0 is no limit
-maxprt server最大处理线程数默认100
max process thread in server, default 100
-maxprb server最大处理线程buffer数默认1000
max process thread's buffer in server, default 1000
-conntt server发起连接到目标地址的超时时间默认1000ms
The timeout period for the server to initiate a connection to the destination address. The default is 1000ms.
客户端参数client param:
-l 本地的地址发到这个端口的流量将转发到服务器
Local address, traffic sent to this port will be forwarded to the server
-s 服务器的地址流量将通过隧道转发到这个服务器
The address of the server, the traffic will be forwarded to this server through the tunnel
-t 远端服务器转发的目的地址流量将转发到这个地址
Destination address forwarded by the remote server, traffic will be forwarded to this address
-timeout 本地记录连接超时的时间单位是秒默认60s
The time when the local record connection timed out, in seconds, 60 seconds by default
-key 设置的密码默认0
Set password, default 0
-tcp 设置是否转发tcp默认0
Set the switch to forward tcp, the default is 0
-tcp_bs tcp的发送接收缓冲区大小默认1MB
Tcp send and receive buffer size, default 1MB
-tcp_mw tcp的最大窗口默认20000
The maximum window of tcp, the default is 20000
-tcp_rst tcp的超时发送时间默认400ms
Tcp timeout resend time, default 400ms
-tcp_gz 当数据包超过这个大小tcp将压缩数据0表示不压缩默认0
Tcp will compress data when the packet exceeds this size, 0 means no compression, default 0
-tcp_stat 打印tcp的监控默认0
Print tcp connection statistic, default 0 is off
-nolog 不写日志文件只打印标准输出默认0
Do not write log files, only print standard output, default 0 is off
-noprint 不打印屏幕输出默认0
Do not print standard output, default 0 is off
-loglevel 日志文件等级默认info
log level, default is info
-sock5 开启sock5转发默认0
Turn on sock5 forwarding, default 0 is off
-profile 在指定端口开启性能检测默认0不开启
Enable performance detection on the specified port. The default 0 is not enabled.
-s5filter sock5模式设置转发过滤默认全转发设置CN代表CN地区的直连不转发
Set the forwarding filter in the sock5 mode. The default is full forwarding. For example, setting the CN indicates that the Chinese address is not forwarded.
-s5ftfile sock5模式转发过滤的数据文件默认读取当前目录的GeoLite2-Country.mmdb
The data file in sock5 filter mode, the default reading of the current directory GeoLite2-Country.mmdb
`
func main() {
defer common.CrashLog()
t := flag.String("type", "", "client or server")
listen := flag.String("l", "", "listen addr")
target := flag.String("t", "", "target addr")
server := flag.String("s", "", "server addr")
timeout := flag.Int("timeout", 60, "conn timeout")
key := flag.Int("key", 0, "key")
tcpmode := flag.Int("tcp", 0, "tcp mode")
tcpmode_buffersize := flag.Int("tcp_bs", 1*1024*1024, "tcp mode buffer size")
tcpmode_maxwin := flag.Int("tcp_mw", 20000, "tcp mode max win")
tcpmode_resend_timems := flag.Int("tcp_rst", 400, "tcp mode resend time ms")
tcpmode_compress := flag.Int("tcp_gz", 0, "tcp data compress")
nolog := flag.Int("nolog", 0, "write log file")
noprint := flag.Int("noprint", 0, "print stdout")
tcpmode_stat := flag.Int("tcp_stat", 0, "print tcp stat")
loglevel := flag.String("loglevel", "info", "log level")
open_sock5 := flag.Int("sock5", 0, "sock5 mode")
maxconn := flag.Int("maxconn", 0, "max num of connections")
max_process_thread := flag.Int("maxprt", 100, "max process thread in server")
max_process_buffer := flag.Int("maxprb", 1000, "max process thread's buffer in server")
profile := flag.Int("profile", 0, "open profile")
conntt := flag.Int("conntt", 1000, "the connect call's timeout")
s5filter := flag.String("s5filter", "", "sock5 filter")
s5ftfile := flag.String("s5ftfile", "GeoLite2-Country.mmdb", "sock5 filter file")
flag.Usage = func() {
fmt.Printf(usage)
}
flag.Parse()
if *t != "client" && *t != "server" {
flag.Usage()
return
}
if *t == "client" {
if len(*listen) == 0 || len(*server) == 0 {
flag.Usage()
return
}
if *open_sock5 == 0 && len(*target) == 0 {
flag.Usage()
return
}
if *open_sock5 != 0 {
*tcpmode = 1
}
}
if *tcpmode_maxwin*10 > pingtunnel.FRAME_MAX_ID {
fmt.Println("set tcp win to big, max = " + strconv.Itoa(pingtunnel.FRAME_MAX_ID/10))
return
}
level := loggo.LEVEL_INFO
if loggo.NameToLevel(*loglevel) >= 0 {
level = loggo.NameToLevel(*loglevel)
}
loggo.Ini(loggo.Config{
Level: level,
Prefix: "pingtunnel",
MaxDay: 3,
NoLogFile: *nolog > 0,
NoPrint: *noprint > 0,
})
loggo.Info("start...")
loggo.Info("key %d", *key)
if *t == "server" {
s, err := pingtunnel.NewServer(*key, *maxconn, *max_process_thread, *max_process_buffer, *conntt)
if err != nil {
loggo.Error("ERROR: %s", err.Error())
return
}
loggo.Info("Server start")
err = s.Run()
if err != nil {
loggo.Error("Run ERROR: %s", err.Error())
return
}
} else if *t == "client" {
loggo.Info("type %s", *t)
loggo.Info("listen %s", *listen)
loggo.Info("server %s", *server)
loggo.Info("target %s", *target)
if *tcpmode == 0 {
*tcpmode_buffersize = 0
*tcpmode_maxwin = 0
*tcpmode_resend_timems = 0
*tcpmode_compress = 0
*tcpmode_stat = 0
}
if len(*s5filter) > 0 {
err := geoip.Load(*s5ftfile)
if err != nil {
loggo.Error("Load Sock5 ip file ERROR: %s", err.Error())
return
}
}
filter := func(addr string) bool {
if len(*s5filter) <= 0 {
return true
}
taddr, err := net.ResolveTCPAddr("tcp", addr)
if err != nil {
return false
}
ret, err := geoip.GetCountryIsoCode(taddr.IP.String())
if err != nil {
return false
}
if len(ret) <= 0 {
return false
}
return ret != *s5filter
}
c, err := pingtunnel.NewClient(*listen, *server, *target, *timeout, *key,
*tcpmode, *tcpmode_buffersize, *tcpmode_maxwin, *tcpmode_resend_timems, *tcpmode_compress,
*tcpmode_stat, *open_sock5, *maxconn, &filter)
if err != nil {
loggo.Error("ERROR: %s", err.Error())
return
}
loggo.Info("Client Listen %s (%s) Server %s (%s) TargetPort %s:", c.Addr(), c.IPAddr(),
c.ServerAddr(), c.ServerIPAddr(), c.TargetAddr())
err = c.Run()
if err != nil {
loggo.Error("Run ERROR: %s", err.Error())
return
}
} else {
return
}
if *profile > 0 {
go http.ListenAndServe("0.0.0.0:"+strconv.Itoa(*profile), nil)
}
for {
time.Sleep(time.Hour)
}
}

BIN
network.jpg
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 14 KiB

64
pack.sh
View File

@ -1,64 +0,0 @@
#! /bin/bash
#set -x
NAME="pingtunnel"
export GO111MODULE=off
#go tool dist list
build_list=$(go tool dist list)
rm pack -rf
rm pack.zip -f
mkdir pack
go get -u -v github.com/esrrhs/pingtunnel/...
last=`pwd`
cd $GOPATH/src/golang.org/x
for dir in `ls`; do
cd $dir
git pull
cd ..
done
cd $last
for line in $build_list; do
os=$(echo "$line" | awk -F"/" '{print $1}')
arch=$(echo "$line" | awk -F"/" '{print $2}')
echo "os="$os" arch="$arch" start build"
if [ $os == "android" ]; then
continue
fi
if [ $os == "ios" ]; then
continue
fi
if [ $arch == "wasm" ]; then
continue
fi
CGO_ENABLED=0 GOOS=$os GOARCH=$arch go build -ldflags="-s -w"
if [ $? -ne 0 ]; then
echo "os="$os" arch="$arch" build fail"
exit 1
fi
if [ $os = "windows" ]; then
zip ${NAME}_"${os}"_"${arch}"".zip" $NAME".exe"
if [ $? -ne 0 ]; then
echo "os="$os" arch="$arch" zip fail"
exit 1
fi
mv ${NAME}_"${os}"_"${arch}"".zip" pack/
rm $NAME".exe" -f
else
zip ${NAME}_"${os}"_"${arch}"".zip" $NAME
if [ $? -ne 0 ]; then
echo "os="$os" arch="$arch" zip fail"
exit 1
fi
mv ${NAME}_"${os}"_"${arch}"".zip" pack/
rm $NAME -f
fi
echo "os="$os" arch="$arch" done build"
done
zip pack.zip pack/ -r
echo "all done"