search

rapiz1 / rathole

A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
Apache License 2.0
9.8k stars 488 forks source link

wish to support websocket transport #134

Closed aa51513 closed 1 year ago

aa51513 commented 2 years ago

websocket has been widely used and supported by attack prevention providers such as cloudflare

And I noticed that Rust already supports Websocket dependencies and can be used directly

Could you consider adding support for the websocket protocol in the transport type?

9p4 commented 2 years ago

Websocket seems to work just fine for me (TCP)

emilyastranova commented 1 year ago

Working for me as well

remram44 commented 1 year ago

I have the same request, and I'm confused by the comments. This is a request for WebSocket transport, not services, and is not implemented. It cannot be "working for you".

rucciva commented 1 year ago

Would be awesome if rathole support this. My use case is to expose a port of an internal service running inside kubernetes to another kubernetes cluster. Being able to expose rathole server through ingress would prevent opening another tcp port and reducing attack surface. I don't mind the reduced performance since its not used in the hot path of user traffic.

emilyastranova commented 1 year ago

I have the same request, and I'm confused by the comments. This is a request for WebSocket transport, not services, and is not implemented. It cannot be "working for you".

Ahh I misunderstood, this makes more sense.

rucciva commented 1 year ago

Hi @rapiz1 , will PR accepted for this? I have no rust background but i'm willing to learn. I've read about tokio-tungstenite or fastwebsocket as possible library, wdyt?

rucciva commented 1 year ago

i tried to make a websocket transport using tokio-tungstenite here

It passes the tcp test but unfortunately the udp test stuck. i'm not sure why. maybe anyone here got a clue?

PR opened #290

rucciva commented 1 year ago

Hi @aa51513 & @remram44 , would you care to try it?

there is a downloadable executable in here and sample config in:

i've tried running iperf3 through rathole + caddy https and it seems to be faster than ssh port forward (almost 2x transfer rate). But surprisingly, it is sometimes better than rathole tcp, which is odd.