Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
  • Loading branch information
wangyu- committed Aug 17, 2017
2 parents 8356b45 + 1ca79a0 commit eea016c
Show file tree
Hide file tree
Showing 8 changed files with 33 additions and 23 deletions.
20 changes: 9 additions & 11 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,14 +40,7 @@ For example, if you use UDP2RAW + OpenVPN, OpenVPN won't lose connection after a
* **OpenWRT Support** No dependencies, easy to build. Binary for ar71xx are included in release.

### Keywords
* UDP QoS Bypass
* UDP Blocking Bypass
* OpenVPN TCP over TCP problem
* OpenVPN over ICMP
* UDP to ICMP tunnel
* UDP to TCP tunnel
* UDP over ICMP
* UDP over TCP
`UDP QoS Bypass` `UDP Blocking Bypass` `OpenVPN TCP over TCP problem` `OpenVPN over ICMP` `UDP to ICMP tunnel` `UDP to TCP tunnel` `UDP over ICMP` `UDP over TCP`

# Getting Started
### Installing
Expand All @@ -57,14 +50,19 @@ Download binary release from https://github.com/wangyu-/udp2raw-tunnel/releases
Assume your UDP is blocked or being QOS-ed or just poorly supported. Assume your server ip is 44.55.66.77, you have a service listening on udp port 7777.

```bash
# Run at client side
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -a -k "passwd" --raw-mode faketcp

# Run at server side:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -a -k "passwd" --raw-mode faketcp

# Run at client side
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -a -k "passwd" --raw-mode faketcp
```
###### Server Output:
![](images/output_server.PNG)
###### Client Output:
![](images/output_client.PNG)

Now,an encrypted raw tunnel has been established between client and server through TCP port 4096. Connecting to UDP port 3333 at the client side is equivalent to connecting to port 7777 at the server side. No UDP traffic will be exposed.

### Note
to run on Android, see [Android_Guide](/doc/android_guide.md)

Expand Down
15 changes: 11 additions & 4 deletions doc/README.zh-cn.md
Original file line number Diff line number Diff line change
@@ -1,6 +1,10 @@
Udp2raw-tunnel
![image2](/images/image2.PNG)
udp2raw tunnel,通过raw socket给UDP包加上TCP或ICMP header,进而绕过UDP屏蔽或QoS,或在UDP不稳定的环境下提升稳定性。支持心跳保活、自动重连,重连后会恢复上次连接,在底层掉线的情况下可以保持上层不掉线。同时有加密、防重放攻击、信道复用的功能。**欢迎任何形式的转载**
udp2raw tunnel,通过raw socket给UDP包加上TCP或ICMP header,进而绕过UDP屏蔽或QoS,或在UDP不稳定的环境下提升稳定性。可以有效防止在使用kcptun或者finalspeed的情况下udp端口被运营商限速。

支持心跳保活、自动重连,重连后会恢复上次连接,在底层掉线的情况下可以保持上层不掉线。同时有加密、防重放攻击、信道复用的功能。

**欢迎任何形式的转载**

[English](/README.md)

Expand Down Expand Up @@ -63,13 +67,16 @@ https://github.com/wangyu-/udp2raw-tunnel/releases
假设你有一个server,ip为44.55.66.77,有一个服务监听在udp 7777端口。 假设你本地的主机到44.55.66.77的UDP流量被屏蔽了,或者被qos了

```
在client端运行:
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -a -k "passwd" --raw-mode faketcp
在server端运行:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r 127.0.0.1:7777 -a -k "passwd" --raw-mode faketcp
在client端运行:
./udp2raw_amd64 -c -l0.0.0.0:3333 -r44.55.66.77:4096 -a -k "passwd" --raw-mode faketcp
```
###### Server端输出:
![](/images/output_server.PNG)
###### Client端输出:
![](/images/output_client.PNG)

现在client和server之间建立起了,tunnel。想要在本地连接44.55.66.77:7777,只需要连接 127.0.0.1:3333。来回的所有的udp流量会被经过tunneling发送。在外界看起来是tcp流量,不会有udp流量暴露到公网。

Expand Down
7 changes: 4 additions & 3 deletions doc/android_guide.md
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ Copy udp2raw_arm to any dir of your **internal storage** .Copying it to **SD car
# Steps
1. run udp2raw_arm as usual, except you must change the -a option to -g
```
./udp2raw_arm -c -r 44.55.66.77:9966 0l 0.0.0.0:4000 -k1234 --cipher xor -g
./udp2raw_arm -c -r 44.55.66.77:9966 -l 0.0.0.0:4000 -k1234 --cipher xor -g
```

2. find the generated iptables rule from udp2raw's output,add it manually by running:
Expand All @@ -20,9 +20,10 @@ iptables -I INPUT -s 44.55.66.77/32 -p tcp -m tcp --sport 9966 -j DROP
3. run udp2raw_ram without -g command

```
./udp2raw_arm -c -r 44.55.66.77:9966 0l 0.0.0.0:4000 -k1234 --cipher xor -a
./udp2raw_arm -c -r 44.55.66.77:9966 -l 0.0.0.0:4000 -k1234 --cipher xor
```

# Demostration (zoom in if its not large enough)
# ScreenShot
zoom-in if not large enough

![](/images/android.png)
10 changes: 6 additions & 4 deletions doc/finalspeed_step_by_step.md
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
##### 摘要
udp2raw是一个把udp流量通过raw socket包装成tcp流量的工具。通过用udp2raw配合udp模式的 finalspeed一样可以达到在底层发tcp包,绕过QOS的效果。支持openvz,稳定性也好很多。原理上相当于在finalspeed外面再包了一层tunnel。

本教程会一步一步演示用udp2raw+kcptun加速http流量的过程。加速任何其他tcp流量也一样。
本教程会一步一步演示用udp2raw+finalspeed加速http流量的过程。加速任何其他tcp流量也一样,包括ss。本文避免讨论科学上网,所以只演示加速http流量

udp2raw也支持把udp流量包装成Icmp发送,本教程不做演示。

Expand All @@ -17,12 +17,14 @@ udp2raw也支持把udp流量包装成Icmp发送,本教程不做演示。

本地主机是windows,本地有openwrt路由器或树莓派或安装了linux虚拟机(网卡设置为桥接模式)。

(如果嫌给虚拟机安装linux麻烦,可以下载别人提供好的linux虚拟机镜像,比如https://www.kali.org/downloads/ ,不过我没有测试过这个镜像,我用的是debian 7)
(如果嫌给虚拟机安装linux麻烦,可以用release里发布的预装了udp2raw的openwrt_x86虚拟机镜像,容量4.4mb)

下面的教程按虚拟机演示,如果你有openwrt路由器或树莓派,可以直接运行再路由器或树莓派上,就不需要虚拟机了。

### 安装
下载好udp2raw的压缩包,解压分别解压到服务器和本地的虚拟机。

https://github.com/xtaci/kcptun/releases
https://github.com/wangyu-/udp2raw-tunnel/releases

在服务器端安装好finalspeed服务端,在本地windows安装好finalspeed的客户端。服务端我以前是用91yun的一键安装脚本安装的,没装过的可以去网上搜一键安装脚本。

Expand Down Expand Up @@ -52,7 +54,7 @@ netstat -nlp|grep java

记下红框中的ip,这是虚拟机的网卡ip

在server端也会显示server_reay
在server端也会显示server_ready
![image](finalspeed_step_by_step/Capture4.PNG)

4.在本地windows,按图配置好finalspeed的客户端。注意,192.168.205.8改成你刚才记下来的IP,带宽也要按实际的填。传输协议要选UDP.
Expand Down
4 changes: 3 additions & 1 deletion doc/kcptun_step_by_step.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,7 +4,9 @@
本教程会一步一步演示用udp2raw+kcptun加速SSH流量的过程。加速任何其他tcp流量也一样,包括ss;本文避免涉及科学上网,所以演示ssh。

### 环境要求
两边的主机都是linux,有root权限。 可以是openwrt路由器或树莓派,windows上桥接模式的虚拟机也可用
两边的主机都是linux,有root权限。 可以是openwrt路由器或树莓派,也可以是root了的android。

(windows和mac可以用release里发布的预装了udp2raw的openwrt_x86虚拟机镜像,容量4.4mb,开机即用)


### 安装
Expand Down
Binary file added images/output_client.PNG
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/output_server.PNG
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added images/speed_test.PNG
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.

0 comments on commit eea016c

Please sign in to comment.