Re: [HACK] UDP tunneling over TCP for WireGuard

Development discussion of WireGuard
 help / color / mirror / Atom feed

From: Ximin Luo <ximin@dfinity.org>
To: Luca Beltrame <lbeltrame@kde.org>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: [HACK] UDP tunneling over TCP for WireGuard
Date: Wed, 18 Apr 2018 18:36:58 +0200	[thread overview]
Message-ID: <CADX+UFgeoSyNJc+XPSD_RSs6o+jBWanMoK6m3Knb525wYouXTA@mail.gmail.com> (raw)
In-Reply-To: <24602785.LeAoNilrza@aoi.marionegri.it>

[-- Attachment #1: Type: text/plain, Size: 643 bytes --]

(reposting to the list, not used to gmail)

On Wed, Apr 18, 2018 at 1:55 PM, Luca Beltrame <lbeltrame@kde.org> wrote:

> [..]
>
> Very hacky, but gets the job done. Any suggestions on how to make it
> better?
>

I wonder if anyone has written a program (likely it has to be a kernel
module) to tunnel UDP packets over "fake TCP" i.e. just put the UDP data in
a TCP packet but not actually run TCP. I'm not sure how deeply firewalls
check TCP headers to see if they are "actually" running TCP "properly", but
I'd guess it's possible to fake enough aspects of it so that it "looks
legit" and no firewall would be able to tell the difference.

X

[-- Attachment #2: Type: text/html, Size: 1107 bytes --]

next prev parent reply	other threads:[~2018-04-18 16:22 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-18 11:55 Luca Beltrame
2018-04-18 15:55 ` Tim Sedlmeyer
2018-04-18 21:07   ` Matthias Urlichs
2018-04-18 16:36 ` Ximin Luo [this message]
     [not found] ` <f47035e6-8940-7f24-6d13-f645a76bc3a7@juniorjpdj.pl>
2018-04-18 21:12   ` Luca Beltrame
2018-05-24  1:20     ` Beware of udp2raw-tunnel (was: [HACK] UDP tunneling over TCP for WireGuard) tomli

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CADX+UFgeoSyNJc+XPSD_RSs6o+jBWanMoK6m3Knb525wYouXTA@mail.gmail.com \
    --to=ximin@dfinity.org \
    --cc=lbeltrame@kde.org \
    --cc=wireguard@lists.zx2c4.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).