search

erebe / wstunnel

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
Other
3.22k stars 290 forks source link

[Feature Request] Ability to specify Host Header & ServerName (SNI) #65

Closed arinc9 closed 3 years ago

arinc9 commented 3 years ago

I've seen #16 & #22 which is not dead clear of what I request. For example, v2ray has this feature:

      "streamSettings": {
        "network": "ws",
        "security": "tls",
        "tlsSettings": {
          "allowInsecure": true,
          "serverName": "www.youtube.com"
        },
    "wsSettings": {
      "headers": {
            "Host": "www.youtube.com"
          }
        }
      }

We can specify the domain to connect to the server. It'd be great to have an option like --ServerNamePrefix (to be used on wss) and--HostHeaderPrefix (to be used on ws and wss. Also set up ServerNamePrefix automatically to the same on wss if it was not specified) on wstunnel. This would only be used from the client so no need to launch the server with different commands.

erebe commented 3 years ago

Should not be too hard, I will try to do it during this week when I have time. I will let you know.

Out of curiosity, what are you doing with wstunnel ?

arinc9 commented 3 years ago

I'm doing a research on restrictive networks in Iran, China, Egypt and a government-set school network across every state schools in Turkey. I'm analyzing how these networks work and the possible methods of bypassing the firewall.

With custom host headers, it makes it possible to bypass the domain filtering system, also to make it seem like the traffic is going to YouTube in this example.

erebe commented 3 years ago

You can try this pre-release for linux https://github.com/erebe/wstunnel/releases/download/v3.1/wstunnel-x64-linux there is 2 more command line argument --hostHeader and --tlsSNI that allow you to override what you want. For now, you need to specify both if you want to set the same value for both.

Let me know if it is working as you want. (I have done only basic checks with wireshark and unit tests)

arinc9 commented 3 years ago

Looks like it sends host header twice

erebe commented 3 years ago

Should be fixed with the lastest build, can you re-download https://github.com/erebe/wstunnel/releases/download/v3.1/wstunnel-x64-linux

arinc9 commented 3 years ago

Both ws and wss works now! Good job!

arinc9 commented 3 years ago

@erebe Here's the windows build while you figure out cross-compiling.

wstunnel-x64-windows.zip