From b1800fa41a709175f798dc9465183f3cc88e28bf Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 00:23:58 -0700 Subject: [PATCH 1/9] Update README.md --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 0d3e9b0..f218f03 100755 --- a/README.md +++ b/README.md @@ -16,8 +16,8 @@ ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT b UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features. -### Simulate TCP Handshake -In FakeTcp mode,udp2raw simulates 3-way handshake, along with seq and ack_seq. TCP options MSS, sackOk, TS, TS_ack, wscale are also simulated.Real-time delivery guaranteed,no congrestion control or re-transmission,no TCP over TCP problem when using OpenVPN. +### Simulated TCP with Real-time/Out-of-Order Delivery +In FakeTCP mode,udp2raw simulates 3-way while establishing a connection,simulates seq and ack_seq while data transferring.It also simulates following TCP options: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`.Firewalls will regard FakeTCP as a TCP connection,but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does),no congrestion control or re-transmission.So there wont be any TCP over TCP problem when using OpenVPN. ### Encrpytion, Anti-Replay * Encrypt your traffic with AES-128-CBC. From 51e5b023b0dd91e7dc943edfb934cfac457ae8ff Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 00:35:13 -0700 Subject: [PATCH 2/9] Update README.md --- README.md | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/README.md b/README.md index f218f03..8dc4b10 100755 --- a/README.md +++ b/README.md @@ -1,23 +1,23 @@ # Udp2raw-tunnel ![image0](images/image0.PNG) -A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment).Its Encrpyted,Anti-Replay and Multiplexed.It aslo acts as a Connection Stablizer. +A Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment).Its Encrpyted,Anti-Replay and Multiplexed.It aslo acts as a Connection Stablizer. [简体中文](/doc/README.zh-cn.md) # Support Platforms -A Linux host (including desktop Linux,Android phone/tablet,OpenWRT router,or Raspberry PI) with root access. +Linux host (including desktop Linux,Android phone/tablet,OpenWRT router,or Raspberry PI) with root access. -For Winodws/MacOS,virtual image with udp2raw pre-installed has been released,you can load it with Vmware/VirtualBox.The virtual image has been set to auto obtain ip,udp2raw can be run imidiately after boot finished(make sure network mode of virtual machine has been set to bridged)(only udp2raw has to be run under virtual machine,all other programs runs under Windows/MacOS as usual). +For Winodws/MacOS,the 4.4mb virtual image with udp2raw pre-installed has been released,you can load it with Vmware/VirtualBox.The virtual image has been set to auto obtain ip,udp2raw can be run imidiately after boot finished(make sure network mode of virtual machine has been set to bridged)(only udp2raw has to be run under virtual machine,all other programs runs under Windows/MacOS as usual). # Features -### Send / Receive UDP Packet with ICMP/FakeTCP headers -ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,it just works like an ICMP tunnel. +### Send/Receive UDP Packets with ICMP/FakeTCP headers +ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw just works like an ICMP tunnel. -UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features. +UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features(such as encrytion,anti-replay,connection stalization). ### Simulated TCP with Real-time/Out-of-Order Delivery -In FakeTCP mode,udp2raw simulates 3-way while establishing a connection,simulates seq and ack_seq while data transferring.It also simulates following TCP options: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`.Firewalls will regard FakeTCP as a TCP connection,but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does),no congrestion control or re-transmission.So there wont be any TCP over TCP problem when using OpenVPN. +In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring.It also simulates following TCP options: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`.Firewalls will regard FakeTCP as a TCP connection,but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does),no congrestion control or re-transmission.So there wont be any TCP over TCP problem when using OpenVPN. ### Encrpytion, Anti-Replay * Encrypt your traffic with AES-128-CBC. @@ -36,12 +36,12 @@ For example, if you use udp2raw + OpenVPN, OpenVPN won't lose connection after a * **NAT Support** All of the 3 modes work in NAT environments. -* **OpenVZ Support** Tested on BandwagonHost. +* **OpenVZ Support** Tested on BandwagonHost VPS. -* **OpenWRT Support** No dependencies, easy to build. Binary for ar71xx are included in release. +* **Easy to Build** No dependencies, easy to build. Binary for ar71xx are included in release. ### Keywords -`UDP QoS Bypass` `UDP Blocking Bypass` `OpenVPN TCP over TCP problem` `OpenVPN over ICMP` `UDP to ICMP tunnel` `UDP to TCP tunnel` `UDP over ICMP` `UDP over TCP` +`Bypass UDP QoS` `Bypass UDP Blocking` `Bypass OpenVPN TCP over TCP problem` `OpenVPN over ICMP` `UDP to ICMP tunnel` `UDP to TCP tunnel` `UDP over ICMP` `UDP over TCP` # Getting Started ### Installing @@ -65,7 +65,7 @@ Assume your UDP is blocked or being QOS-ed or just poorly supported. Assume your Now,an encrypted raw tunnel has been established between client and server through TCP port 4096. Connecting to UDP port 3333 at the client side is equivalent to connecting to port 7777 at the server side. No UDP traffic will be exposed. ### Note -to run on Android, see [Android_Guide](/doc/android_guide.md) +To run on Android, check [Android_Guide](/doc/android_guide.md) # Advanced Topic ### Usage From cd349227226de6ab54c7bbd6fbacddb333f0dee2 Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 00:49:28 -0700 Subject: [PATCH 3/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 8dc4b10..81e1a61 100755 --- a/README.md +++ b/README.md @@ -38,7 +38,7 @@ For example, if you use udp2raw + OpenVPN, OpenVPN won't lose connection after a * **OpenVZ Support** Tested on BandwagonHost VPS. -* **Easy to Build** No dependencies, easy to build. Binary for ar71xx are included in release. +* **Easy to Build** No dependencies.To cross-compile udp2raw,all you need to do is just to download a toolchain,modify makefile to point at the toolchain,run `make cross` then everything is done.(Note:Pre-compiled binaries for Desktop,RaspberryPi,Android,some Openwrt Routers are already included in [Releases](https://github.com/wangyu-/udp2raw-tunnel/releases)) ### Keywords `Bypass UDP QoS` `Bypass UDP Blocking` `Bypass OpenVPN TCP over TCP problem` `OpenVPN over ICMP` `UDP to ICMP tunnel` `UDP to TCP tunnel` `UDP over ICMP` `UDP over TCP` From b59ba054223509ea8301aa9880f2e896378b715d Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 01:05:12 -0700 Subject: [PATCH 4/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 81e1a61..5a48b29 100755 --- a/README.md +++ b/README.md @@ -11,7 +11,7 @@ For Winodws/MacOS,the 4.4mb virtual image with udp2raw pre-installed has been re # Features -### Send/Receive UDP Packets with ICMP/FakeTCP headers +### Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw just works like an ICMP tunnel. UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features(such as encrytion,anti-replay,connection stalization). From ae497908a1e034e1bcff2dc6fea4d6d92ef2187c Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 01:06:51 -0700 Subject: [PATCH 5/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 5a48b29..ee79a7f 100755 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ For Winodws/MacOS,the 4.4mb virtual image with udp2raw pre-installed has been re # Features ### Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers -ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw just works like an ICMP tunnel. +ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel. UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features(such as encrytion,anti-replay,connection stalization). From 37f2de2ae44496d62caedd26044eb5eb57be62c4 Mon Sep 17 00:00:00 2001 From: wangyu- Date: Thu, 24 Aug 2017 01:47:52 -0700 Subject: [PATCH 6/9] Update openvpn_guide.md --- doc/openvpn_guide.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/openvpn_guide.md b/doc/openvpn_guide.md index 812a632..c6c10d2 100644 --- a/doc/openvpn_guide.md +++ b/doc/openvpn_guide.md @@ -2,6 +2,7 @@ ![image_vpn](/images/openvpn.PNG) ![image4](/images/image4.PNG) + # udp2raw command #### run at server side ``` @@ -13,6 +14,8 @@ assume server ip is 45.66.77.88 ./udp2raw_amd64 -s -l0.0.0.0:3333 -r 45.66.77.88:8855 -k "passwd" --raw-mode faketcp -a ``` +#### hint +You can add `--cipher xor` `--auth simple` to **both** sides to obtain maximum performance(but poor security). # openvpn config From e3b902a950af51379415c568cd183327806c190a Mon Sep 17 00:00:00 2001 From: Lance Tuller Date: Fri, 25 Aug 2017 11:40:48 -0400 Subject: [PATCH 7/9] Update README.md formatting and a typo :) --- README.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index ee79a7f..c02bb28 100755 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Udp2raw-tunnel ![image0](images/image0.PNG) -A Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment).Its Encrpyted,Anti-Replay and Multiplexed.It aslo acts as a Connection Stablizer. +A Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls(or Unstable UDP Environment). Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stablizer. [简体中文](/doc/README.zh-cn.md) # Support Platforms @@ -14,10 +14,10 @@ For Winodws/MacOS,the 4.4mb virtual image with udp2raw pre-installed has been re ### Send/Receive UDP Packets with ICMP/FakeTCP/UDP headers ICMP/FakeTCP headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. In ICMP header mode,udp2raw works like an ICMP tunnel. -UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features(such as encrytion,anti-replay,connection stalization). +UDP headers are also supported. In UDP header mode, it behaves just like a normal UDP tunnel, and you can just make use of the other features (such as encrytion, anti-replay, or connection stalization). ### Simulated TCP with Real-time/Out-of-Order Delivery -In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring.It also simulates following TCP options: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`.Firewalls will regard FakeTCP as a TCP connection,but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does),no congrestion control or re-transmission.So there wont be any TCP over TCP problem when using OpenVPN. +In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a connection,simulates seq and ack_seq while data transferring. It also simulates following TCP options: `MSS`, `sackOk`, `TS`, `TS_ack`, `wscale`.Firewalls will regard FakeTCP as a TCP connection, but its essentially UDP: it supports real-time/out-of-order delivery(just as normal UDP does), no congrestion control or re-transmission. So there wont be any TCP over TCP problem when using OpenVPN. ### Encrpytion, Anti-Replay * Encrypt your traffic with AES-128-CBC. @@ -25,7 +25,7 @@ In FakeTCP header mode,udp2raw simulates 3-way handshake while establishing a co * Defense replay attack with an anti-replay window, smiliar to IPSec and OpenVPN. ### Failure Dectection & Stablization (Connection Recovery) -Conection failures are detected by heartbeats. If timed-out,client will automatically change port number and reconnect. If reconnection is successful, the previous connection will be recovered, and all existing UDP conversations will stay vaild. +Conection failures are detected by heartbeats. If timed-out, client will automatically change port number and reconnect. If reconnection is successful, the previous connection will be recovered, and all existing UDP conversations will stay vaild. For example, if you use udp2raw + OpenVPN, OpenVPN won't lose connection after any reconnect, **even if network cable is re-plugged or WiFi access point is changed**. From 5c4ea515f686d6551aa04a81e1ea2c419de17445 Mon Sep 17 00:00:00 2001 From: Lance Tuller Date: Fri, 25 Aug 2017 11:42:22 -0400 Subject: [PATCH 8/9] Update README.md --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index c02bb28..e0c5ce2 100755 --- a/README.md +++ b/README.md @@ -1,7 +1,7 @@ # Udp2raw-tunnel ![image0](images/image0.PNG) -A Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls(or Unstable UDP Environment). Its Encrpyted, Anti-Replay and Multiplexed. It also acts as a Connection Stablizer. +A Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket, helps you Bypass UDP FireWalls(or Unstable UDP Environment). Its Encrypted, Anti-Replay and Multiplexed. It also acts as a Connection Stabilizer. [简体中文](/doc/README.zh-cn.md) # Support Platforms From 53609c25fc625c9a534dc44d3aa067b573231f6a Mon Sep 17 00:00:00 2001 From: wangyu- Date: Fri, 25 Aug 2017 19:14:17 -0700 Subject: [PATCH 9/9] Update openvpn_guide.md --- doc/openvpn_guide.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/openvpn_guide.md b/doc/openvpn_guide.md index c6c10d2..035eb04 100644 --- a/doc/openvpn_guide.md +++ b/doc/openvpn_guide.md @@ -15,7 +15,7 @@ assume server ip is 45.66.77.88 ``` #### hint -You can add `--cipher xor` `--auth simple` to **both** sides to obtain maximum performance(but poor security). +You can add `--cipher-mode xor` `--auth-mode simple` to **both** sides to obtain maximum performance(but poor security). # openvpn config