Closed aa51513 closed 5 months ago
Either forward or reverse proxy is supported, with the --upstream
option, forward proxy becomes reverse proxy. For your case, you can run a forward proxy locally and a reverse proxy remotely, and chain them together with the --upstream
option. To achieve QUIC protected, the local omnip node should should run with socks5://
scheme, and socks5+quic://
for the remote omnip node.
socks clients -> omnip client --- the internet --- omnip server -> socks server
With the above, traffic going through the internet are QUIC protected. Since omnip can be run as a normal http or socks proxy, the "socks server" at the end of the previous diagram can also be an omnip node.
Either forward or reverse proxy is supported, with the
--upstream
option, forward proxy becomes reverse proxy. For your case, you can run a forward proxy locally and a reverse proxy remotely, and chain them together with the--upstream
option. To achieve QUIC protected, the local omnip node should should run withsocks5://
scheme, andsocks5+quic://
for the remote omnip node.socks clients -> omnip client --- the internet --- omnip server -> socks server
With the above, traffic going through the internet are QUIC protected. Since omnip can be run as a normal http or socks proxy, the "socks server" at the end of the previous diagram can also be an omnip node.
Thank you for your reply.
In my usage scenario, the network where the client is located cannot receive inbound traffic, which means that the client can only connect to the server, and what I want to do is to have the client run as a socks5 service so that the client can be accessed directly on the server .
I drew a simple diagram:
In my usage scenario, the network where the client is located cannot receive inbound traffic, which means that the client can only connect to the server, and what I want to do is to have the client run as a socks5 service so that the client can be accessed directly on the server .
omnip can only do one direction proxy, so it doesn't fit your senario.
But you can use rstun, which omnip bases on. It has two binaries, rstunc
as the client and rstund
as the server.
On the server:
rstund -a 0.0.0.0:6060 -p password
On the notebook:
rstunc --mode IN -r SERVER:1234 --addr-mapping 6022^22 -p password
With the above, a QUIC tunnel from SERVER:6022
to NOTEBOOK:22
is built, you can access your sshd on the notebook from anywhere though server's 6022 port, of course you can choose any port you like, read more on rstun's page.
In my usage scenario, the network where the client is located cannot receive inbound traffic, which means that the client can only connect to the server, and what I want to do is to have the client run as a socks5 service so that the client can be accessed directly on the server .
omnip can only do one direction proxy, so it doesn't fit your senario.
But you can use rstun, which omnip bases on. It has two binaries,
rstunc
as the client andrstund
as the server.On the server:
rstund -a 0.0.0.0:6060 -p password
On the notebook:
rstunc --mode IN -r SERVER:1234 --addr-mapping 6022^22 -p password
With the above, a QUIC tunnel from
SERVER:6022
toNOTEBOOK:22
is built, you can access your sshd on the notebook from anywhere though server's 6022 port, of course you can choose any port you like, read more on rstun's page.
neevek/rstun is another great tool ,it works thanks a lot
As a practical use, I need to share the intranet with socks5 under the protection of quic
That means the omnip client runing as socks5 service and the port listening on the omnip server:
[user with socks5 client]---->[omnip server]<---->[omnip client]---->[network out]
Is this a good idea or a bad idea?