ginuerzh / gost

GO Simple Tunnel - a simple tunnel written in golang
MIT License
15.47k stars 2.42k forks

Gost relay to brook #904

Closed difof closed 1 year ago

difof commented 1 year ago

Hello. I'm trying to check whether it's possible to use brook websocket behind gost's relay protocol for tunneling?

I followed the gost guides but gost gives this error:

forward.go:136: [tcp] CLIENT_IP:43262 -> BROOK_IP:1122 : resolver: domain does not exists

I'm not using any domains, why is it trying to resolve domains?

Brook websockets command: $ brook wsserver -l 5.5.5.5:1122 -p mypass

Gost relay command: $ gost -L udp://:1121 -L tcp://:1121 -F relay://5.5.5.5:1122

[ Brook Github ]

uf1y commented 1 year ago

You need a relay service running in brook server to talk with relay client. You can’t relay data directly to wss port.

Server: ./gost -L ://:8888 -F tcp://127.0.0.1:1122

Client: gost -L udp://:1121 -L tcp://:1121 -F relay://5.5.5.5:8888

difof commented 1 year ago

@uf1y It doesn't work, still gives the same error on gost client when I try to connect to brook. Same issue if I run all services without docker and on different servers.

# docker-compose-brook-gost.yml
version: '3.8'
services:
  # MBWSS is just brook fork with config file support and Dockerfile
  mbwss:
    image: mbwss:latest
    command: ws -v -c /etc/mbwss.json
    networks:
      - app
    volumes:
      - ../../mbwss.json:/etc/mbwss.json

  gost-server:
    image: ginuerzh/gost
    command: -L relay://:8888 -F tcp://mbwss:${MBWSS_PORT}
    networks:
      - app
    depends_on:
      - mbwss

  gost-client:
    image: ginuerzh/gost
    command: -L udp://:${RELAY_PORT} -L tcp://:${RELAY_PORT} -F relay://gost-server:8888
    networks:
      - app
    ports:
      - "${RELAY_PORT}:${RELAY_PORT}"
    depends_on:
      - gost-server

networks:
  app:

uf1y commented 1 year ago

Try this to verify your mbwss is working correctly, and then verify the relay solution.

./gost -L tcp://127.0.0.1:1122/5.5.5.5:1122

difof commented 1 year ago

mbwss through your last command is working and I could get some response, but relay verification says bad version from the gost relay server:

mbwss-mbwss-1        | HTTP server listening on 172.23.0.2:11223
mbwss-gost-server-1  | 2022/11/12 22:13:39 route.go:694: relay://:8888 on [::]:8888
mbwss-gost-test-1    | 2022/11/12 22:13:40 route.go:694: tcp://:11222 on [::]:11222
mbwss-gost-test-1    | 2022/11/12 22:13:42 forward.go:109: [tcp] 172.23.0.1:43318 - 172.23.0.4:11222
mbwss-gost-test-1    | 2022/11/12 22:13:42 forward.go:153: [tcp] 172.23.0.1:43318 <-> gost-server:8888
mbwss-gost-server-1  | 2022/11/12 22:13:42 relay.go:142: [relay] 172.23.0.4:36662 - 172.23.0.3:8888 : bad version        
mbwss-gost-test-1    | 2022/11/12 22:13:42 forward.go:155: [tcp] 172.23.0.1:43318 >-< gost-server:8888

Not sure what version it means though, both services use the same gost version.

I added this service to the compose file for the test and removed the gost-client service:

  gost-test:
    image: ginuerzh/gost
    command: -L tcp://:${RELAY_PORT}/gost-server:8888
    networks:
      - app
    ports:
      - "${RELAY_PORT}:${RELAY_PORT}"
    depends_on:
      - gost-server

difof commented 1 year ago

@uf1y I wonder if using port forwarding instead of relay is okay since your last command worked fine. This is what I'm doing:

flowchart LR
 user[user]
 relay[relay server]
 ws[websocket server]
 freedom[freedom]
 user <--> relay
 relay <--> ws
 ws <--> freedom

Brook has a relay itself but I have modified brook to support user and traffic management, and the relay code is way too complicated to add user management, but the websocket itself works perfectly. I just needed something to relay/forward packets from domestic server to brook server and gost seems to be the tool I need, instead of brook relay or v2ray reverse proxy.

uf1y commented 1 year ago

flowchart LR
 user[user]
 forward[Forward server]
 ws[websocket server]
 freedom[freedom]
 user -->  forward
 forward --> ws
 ws  --> freedom

As you described, actually, a TCP forwarder is what you want.

./gost -L tcp://4.4.4.4:1122/5.5.5.5:1122

Use your websocket client to connect to the 4.4.4.4:1122 websocket service, which is forwarded to 5.5.5.5:1122.

difof commented 1 year ago

That's what I'm going with, thanks a lot for the help!

uf1y commented 1 year ago

flowchart LR
 user[User]
 realay1[Relay Client]
 realay2[Relay Server]
 freedom[Freedom]
 user -->  realay1
 realay1 -->  realay2
 realay2 --> WS
 WS  --> freedom

If you really want to use RELAY, you should configure it like this. relay is a standalone protocol. It's better to use relay with TLS if you want to get encryption.

And also, you can deploy the relay server on the same server which is running the WS service.
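
An added example, not part of the original thread and not gost's code: a simplified Go model of the pairing requirement uf1y describes, showing why a plain TCP forward delivers a websocket request unchanged while a framed listener refuses a stream that did not come from its matching client. It assumes a one-byte version tag at the start of the stream (a constructed framing, not gost's actual wire format), and every function name in it is hypothetical.

```go
package main

import (
	"bytes"
	"errors"
	"fmt"
	"io"
)

const modelVersion byte = 0x01 // constructed tag; not gost's real wire format
var errBadVersion = errors.New("bad version")

// tcpForward copies bytes unchanged, like a plain port forwarder.
func tcpForward(in io.Reader, out io.Writer) error {
	_, err := io.Copy(out, in)
	return err
}

// relayClient prefixes the stream with the tag, then forwards the payload.
func relayClient(in io.Reader, out io.Writer) error {
	return tcpForward(io.MultiReader(bytes.NewReader([]byte{modelVersion}), in), out)
}

// relayServer refuses any stream that does not begin with the tag.
func relayServer(in io.Reader, out io.Writer) error {
	tag := make([]byte, 1)
	if _, err := io.ReadFull(in, tag); err != nil || tag[0] != modelVersion {
		return errBadVersion
	}
	return tcpForward(in, out)
}

// send pushes payload through the hops in order and returns what arrives.
func send(payload string, hops ...func(io.Reader, io.Writer) error) (string, error) {
	cur := bytes.NewBufferString(payload)
	for _, h := range hops {
		next := new(bytes.Buffer)
		if err := h(cur, next); err != nil {
			return "", err
		}
		cur = next
	}
	return cur.String(), nil
}

func main() {
	req := "GET /ws HTTP/1.1\r\n" // constructed start of a websocket upgrade
	fmt.Println(send(req, tcpForward, relayServer))  // rejected: bad version
	fmt.Println(send(req, relayClient, relayServer)) // delivered intact
}
```

In this model, a relay client pointed straight at the websocket port (`send(req, relayClient, tcpForward)`) hands the server the tag byte ahead of the HTTP request, which is the other half of the same mismatch.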