开个玩笑,救星算不上。基于tinyfecvpn与udp2raw的思路搞的一个轻量级内网隧道项目。
特征是建立一个内网隧道,上层使用tcp伪装底下是udp发包并且维持心跳。
AI脸滚键盘键盘出来的,和参考项目比的话也就是用GO写的并且对渣机的支持比较好吧。
怎么说呢,能用能跑。因为跑的是TCP,没有遭运营商的UDP限制策略那么严重。
Lightweight Tunnel (轻量级内网隧道)
一个使用 Go 语言开发的轻量级内网隧道工具,支持 TCP 伪装和 FEC 纠错功能。适用于在两个低配置服务器之间建立安全的内网连接。
A lightweight intranet tunnel tool developed in Go, supporting TCP disguise and FEC (Forward Error Correction). Suitable for establishing secure intranet connections between two low-spec servers.
Features (特性)
- 🚀 轻量级设计 - 占用资源少,适合低配置服务器
- 🔒 TCP 伪装 - UDP 数据包伪装成 TCP 连接,绕过防火墙限制
- 🛡️ FEC 纠错 - Forward Error Correction 提供数据包丢失恢复能力
- 🌐 TUN 设备 - 基于 TUN 设备的第三层网络隧道
- ⚡ 高性能 - 使用 Go 协程实现并发处理
- 🎯 简单易用 - 命令行参数或配置文件两种配置方式
Quick Start (快速开始)
Prerequisites (前置要求)
- Linux 系统 (需要 TUN 设备支持)
- Root 权限 (用于创建和配置 TUN 设备)
- Go 1.19+ (仅编译时需要)
Installation (安装)
# Clone the repositorygit clone https://github.com/openbmx/lightweight-tunnel.gitcd lightweight-tunnel# Buildgo build -o lightweight-tunnel ./cmd/lightweight-tunnel# Or install directlygo install ./cmd/lightweight-tunnelUsage (使用方法)
Server Side (服务端)
# Run as server with default settingssudo ./lightweight-tunnel -m server -l 0.0.0.0:9000 -t 10.0.0.1/24# Or use config filesudo ./lightweight-tunnel -c server.jsonClient Side (客户端)
# Run as clientsudo ./lightweight-tunnel -m client -r SERVER_IP:9000 -t 10.0.0.2/24# Or use config filesudo ./lightweight-tunnel -c client.jsonConfiguration File (配置文件)
Generate example configuration files:
./lightweight-tunnel -g config.jsonThis creates config.json (server) and config.json.client (client).
Example server configuration:
{ "mode": "server", "local_addr": "0.0.0.0:9000", "remote_addr": "", "tunnel_addr": "10.0.0.1/24", "mtu": 1400, "fec_data": 10, "fec_parity": 3, "timeout": 30, "keepalive": 10}Example client configuration:
{ "mode": "client", "local_addr": "0.0.0.0:9000", "remote_addr": "SERVER_IP:9000", "tunnel_addr": "10.0.0.2/24", "mtu": 1400, "fec_data": 10, "fec_parity": 3, "timeout": 30, "keepalive": 10}Command Line Options (命令行选项)
-c string Configuration file path -m string Mode: server or client (default "server") -l string Local address to listen on (default "0.0.0.0:9000") -r string Remote address to connect to (client mode) -t string Tunnel IP address and netmask (default "10.0.0.1/24") -mtu int MTU size (default 1400) -fec-data int FEC data shards (default 10) -fec-parity int FEC parity shards (default 3) -v Show version -g string Generate example config fileArchitecture (架构)
┌─────────────┐ TCP (disguised) ┌─────────────┐│ Server │ ◄─────────────────────────────► │ Client ││ (10.0.0.1) │ with FEC error correction │ (10.0.0.2) │└──────┬──────┘ └──────┬──────┘ │ │ │ TUN Device TUN Device │ │ │ ┌────▼────┐ ┌────▼────┐ │ App/Svc │ │ App/Svc │ └─────────┘ └─────────┘How It Works (工作原理)
- TUN Device: Creates a virtual network interface for Layer 3 (IP) traffic
- TCP Disguise: Wraps UDP-like packets in TCP connections to bypass firewalls
- FEC: Adds redundant data shards for packet loss recovery
- Keepalive: Maintains connection with periodic heartbeat packets
Testing (测试)
After establishing the tunnel, you can test connectivity:
# On server side, ping clientping 10.0.0.2# On client side, ping serverping 10.0.0.1# Test with iperf# Server: iperf -s# Client: iperf -c 10.0.0.1Performance Tuning (性能调优)
- MTU: Adjust based on your network (default: 1400)
- FEC Shards: More parity shards = better loss recovery but more overhead
- Keepalive: Shorter interval = faster detection of disconnection
Limitations (限制)
- Currently supports only IPv4
- Single client per server instance
- Requires root/admin privileges for TUN device
- Linux only (uses Linux TUN/TAP interfaces)
References (参考项目)
- udp2raw - UDP to TCP converter
- tinyfecvpn - VPN with FEC
License
MIT License
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
评论 (0)