search

rapiz1 / rathole

A lightweight and high-performance reverse proxy for NAT traversal, written in Rust. An alternative to frp and ngrok.
Apache License 2.0
9.44k stars 475 forks source link

Glad If we can install it on Mikrotik Routers. #237

Open samratfkt opened 1 year ago

samratfkt commented 1 year ago

It will be awesome if we can use this thing on mikrotik router, then it will be a great tool for the ISPs and also home network users who want there lan device access remotly.

shirshak55 commented 1 year ago

For testing, we can use x86 free VirtualBox version of Mikrotik.

gnattu commented 1 year ago

I have successfully run this on my RB5009 with the container feature. To avoid potential compatibility issues, I highly recommend using a glibc-based image. We already have bug reports probably related to musl builds on arm systems in issue #211.

One issue with a glibc-based image is the size. The debian-slim image I initially created is over 100MB (uncompressed size), which is too large for a router's internal flash. To overcome this, my approach is to build the binary on a Debian image and then copy the related libraries and the compiled binaries to a busybox-glibc image. Here's my Dockerfile:

FROM rust:bookworm as builder
RUN apt update
RUN apt -y install openssl libssl-dev build-essential
WORKDIR /home/rust/src
COPY . .
RUN cargo build --locked --release --features client,server,noise,hot-reload
RUN mkdir -p build-out/
RUN cp target/release/rathole build-out/

FROM busybox:stable-glibc
WORKDIR /app
COPY --from=builder /lib/aarch64-linux-gnu/libssl.so.3 /lib/aarch64-linux-gnu/libssl.so.3
COPY --from=builder /lib/aarch64-linux-gnu/libcrypto.so.3 /lib/aarch64-linux-gnu/libcrypto.so.3
COPY --from=builder /lib/aarch64-linux-gnu/libgcc_s.so.1 /lib/aarch64-linux-gnu/libgcc_s.so.1
COPY --from=builder /home/rust/src/build-out/rathole .
USER 1000:1000
ENTRYPOINT ["./rathole"]

The image produced with this Dockerfile is less than 13MB, which seems good enough to me. If you have external disks for your router and don't mind a larger image size, you can simply use a debian-slim image and just apt install openssl instead of copying libraries manually.

Regarding setting up the container on the router, you can refer to MikroTik's official documentation. One thing to note is that MikroTik's container implementation does not allow single file mounts, so you have to mount a whole folder. That folder is not accessible from MikroTik Winbox, and you have to use SFTP to upload config files. You can refer to the mosquitto MQTT server example to see how to do this.