mirror of
https://github.com/wangyu-/udp2raw.git
synced 2025-01-19 14:29:34 +08:00
Merge branch 'master' of https://github.com/wangyu-/udp2raw-tunnel
This commit is contained in:
commit
00dcec9896
14
README.md
14
README.md
@ -9,11 +9,11 @@ encrypt your traffic with aes128cbc,protects data integrity by md5 or crc32,prot
|
||||
### Simulated TCP Handshake
|
||||
simulated 3-way handshake,simluated seq ack_seq. Simluated tcp options:MSS,sackOk,TS,TS_ack,wscale. Provides real-time delivery ,no tcp over tcp problem when using openvpn.
|
||||
### Connnection Recover
|
||||
After connection timeouts,the client will re-connect.if re-connection is successful,the previous connection will be recovered,and all old udp conversations will stay vaild.
|
||||
After connection timeouts,the client will re-connect.if re-connection is successful,the previous connection will be recovered,and all existed udp conversations will stay vaild.
|
||||
### Other Features
|
||||
Multiplexing ,one client supports multi udp connections,all of those traffic will share one raw connection
|
||||
|
||||
Multiple Client Support,one server supports multiple client.
|
||||
Multiple Clients Support,one server supports multiple clients.
|
||||
|
||||
NAT Supported,all 3 modes work in NAT environment
|
||||
|
||||
@ -76,7 +76,7 @@ other options:
|
||||
-h,--help print this help message
|
||||
```
|
||||
### iptables rule
|
||||
this programs sends packet via raw socket.In faketcp mode,Linux Kernel TCP packet processing has to be blocked by a iptables rule on both side,otherwise Kernel will automatically send RST for unrecongized TCP packet and you will sustain from stability/peformance problem.You can use -a option to let the program automatically add/del iptables rules on start/exit.You can also use the -g option to generate iptables rule and add it manually.
|
||||
this programs sends packet via raw socket.In faketcp mode,Linux Kernel TCP packet processing has to be blocked by a iptables rule on both sides,otherwise Kernel will automatically send RST for unrecongized TCP packet and you will sustain from stability/peformance problem.You can use -a option to let the program automatically add/del iptables rule on start/exit.You can also use the -g option to generate iptables rule and add it manually.
|
||||
### cipher-mode and auth-mode
|
||||
Its suggested to use aes128cbc + md5 to obtain maxmized security.If you want to run the program on a router,you can try xor+simple,it can fool Packet Inspection by firewalls most time, but it cant protect you from serious attackers. Mode none is only for debug,its not suggest to set cipher-mode or auth-mode to none.
|
||||
### seq-mode
|
||||
@ -91,18 +91,18 @@ iperf3 -c 10.222.2.1 -P40
|
||||
iperf3 -c 10.222.2.1 -P40 -R
|
||||
```
|
||||
#### client host
|
||||
vultr $2.5/monthly plan(single core 2.4ghz cpu,512m ram),
|
||||
vultr $2.5/monthly plan(single core 2.4ghz cpu,512m ram,location:Tokyo,Japan),
|
||||
#### server host
|
||||
bandwagonhost $3.99/annually(single core 2.0ghz cpu,128m ram)
|
||||
bandwagonhost $3.99/annually(single core 2.0ghz cpu,128m ram,location:Los Angeles,USA)
|
||||
### Test1
|
||||
cipher_mode: xor auth_mode: simple
|
||||
raw_mode: faketcp cipher_mode: xor auth_mode: simple
|
||||
|
||||
![image4](images/image4.PNG)
|
||||
|
||||
(reverse speed is simliar and not uploaded)
|
||||
|
||||
### Test2
|
||||
cipher_mode: aes128cbc auth_mode: md5
|
||||
raw_mode: faketcp cipher_mode: aes128cbc auth_mode: md5
|
||||
|
||||
![image5](images/image5.PNG)
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user