├── LICENSE
├── README.md
├── tunnel-wireguard-udp2tcp-client.sh
└── tunnel-wireguard-udp2tcp-server.sh


/LICENSE:
--------------------------------------------------------------------------------
 1 | BSD 2-Clause License
 2 | 
 3 | Copyright (c) 2019, Leroy van Logchem
 4 | All rights reserved.
 5 | 
 6 | Redistribution and use in source and binary forms, with or without
 7 | modification, are permitted provided that the following conditions are met:
 8 | 
 9 | 1. Redistributions of source code must retain the above copyright notice, this
10 |    list of conditions and the following disclaimer.
11 | 
12 | 2. Redistributions in binary form must reproduce the above copyright notice,
13 |    this list of conditions and the following disclaimer in the documentation
14 |    and/or other materials provided with the distribution.
15 | 
16 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
17 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
18 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
19 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
20 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
21 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
22 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
23 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
24 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
25 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
26 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
  1 | # tunnel-wireguard-udp2tcp
  2 | Tunnel WireGuard UDP tunnel traffic over TCP using socat
  3 | 
  4 | ## Prerequisites
  5 | 
  6 | * Install WireGuard on server and client
  7 | * Adjust WireGuard interface to use smaller MTU=1280
  8 | * Running WireGuard server
  9 | 
 10 | ## Features
 11 | 
 12 | * Stable - restarts on disconnect
 13 | * Few dependencies - just bash and socat
 14 | 
 15 | ## Usage
 16 | 
 17 | * On the WireGuard CLIENT
 18 |     * Edit REMOTE_IP on the client system
 19 |     * Start the tunnel-wireguard-udp2tcp-client.sh
 20 | * On your WireGuard SERVER
 21 |     * Make sure WireGuard server is running
 22 |     * Start "nohup tunnel-wireguard-udp2tcp-server.sh"
 23 |     
 24 | ## Example WireGuard configurations
 25 | 
 26 | Example WireGuard server configuration **wg0.conf** 
 27 | 
 28 | ```
 29 | [Interface]
 30 | Address = 10.10.10.1/32
 31 | PrivateKey = cP/qYOURSERVERPRIVATEKEYGOESHEREfsfad9Llfkc=
 32 | ListenPort = 51820
 33 | MTU=1280
 34 | 
 35 | [Peer]
 36 | PublicKey = oEzMV/70AjYOURCLIENTPUBLICKEYGOESHEREOewPPVQ=
 37 | AllowedIPS = 10.10.10.2/32
 38 | ```
 39 | 
 40 | Example WireGuard client configuration **wg0.conf**
 41 | 
 42 | ```
 43 | [Interface]
 44 | PrivateKey = ++YOURCLIENTPRIVATEKEYYOURCLIENTPRIVATEKEY!=
 45 | Address = 10.10.10.2/32
 46 | MTU = 1280
 47 | 
 48 | [Peer]
 49 | PublicKey = YOURPUBLICKEYGOESHEREYOURPUBLICKEYGOESHERE!=
 50 | AllowedIPs = 10.10.10.1/32
 51 | Endpoint = 1.2.3.4:51821 # YOUR WG SERVER IP
 52 | ```
 53 | 
 54 | ## Validated setups
 55 | 
 56 | Known to work on:
 57 | 
 58 | * Linux
 59 | * FreeBSD
 60 | * Windows
 61 |     * Using Cygwin64 version of socat
 62 |     * Using WireGuard Go version by Jason A. Donenfeld
 63 | 
 64 | ## Contributing
 65 | 
 66 | 1. Fork it!
 67 | 2. Create your feature branch: `git checkout -b my-new-feature`
 68 | 3. Commit your changes: `git commit -am 'Add some feature'`
 69 | 4. Push to the branch: `git push origin my-new-feature`
 70 | 5. Submit a pull request :D
 71 | 
 72 | ## History
 73 | 
 74 | * 2019 November 10 - Initial version
 75 | 
 76 | ## Credits
 77 | 
 78 | * Jason A. Donenfeld for WireGuard tunnel interfaces
 79 | * Gerhard Rieger for socat - Multipurpose relay (SOcket CAT)
 80 | * Glenn Chappell for figlet
 81 | * Raghu Rajagopalan for tunnel the tunnel idea
 82 | 
 83 | 
 84 | ## BSD 2-Clause License
 85 | 
 86 | Copyright (c) 2019, Leroy van Logchem
 87 | All rights reserved.
 88 | 
 89 | Redistribution and use in source and binary forms, with or without
 90 | modification, are permitted provided that the following conditions are met:
 91 | 
 92 | 1. Redistributions of source code must retain the above copyright notice, this
 93 |    list of conditions and the following disclaimer.
 94 | 
 95 | 2. Redistributions in binary form must reproduce the above copyright notice,
 96 |    this list of conditions and the following disclaimer in the documentation
 97 |    and/or other materials provided with the distribution.
 98 | 
 99 | THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
100 | AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
101 | IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
102 | DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
103 | FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
104 | DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
105 | SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
106 | CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
107 | OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
108 | OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
109 | 


--------------------------------------------------------------------------------
/tunnel-wireguard-udp2tcp-client.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | #
 3 | # TUNNEL WIREGUARD UDP OVER TCP USING SOCAT
 4 | #
 5 | #   ___ _ _         _
 6 | #  / __| (_)___ _ _| |_
 7 | # | (__| | / -_) ' \  _|
 8 | #  \___|_|_\___|_||_\__|
 9 | #
10 | #
11 | #---CONFIGURE-START
12 | REMOTE_IP="YOUR.IP.GOES.HERE"
13 | REMOTE_TCP_PORT="587"
14 | LOCAL_LISTEN_UDP_PORT="51821"
15 | #---CONFIGURE-END
16 | 
17 | while true
18 | do
19 |         socat -d -t600 -T600 -d UDP4-LISTEN:$LOCAL_LISTEN_UDP_PORT tcp4:$REMOTE_IP:$REMOTE_TCP_PORT,keepalive
20 |         sleep 1
21 | done
22 | 


--------------------------------------------------------------------------------
/tunnel-wireguard-udp2tcp-server.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | #
 3 | # TUNNEL WIREGUARD UDP OVER TCP USING SOCAT
 4 | #   ___
 5 | #  / __| ___ _ ___ _____ _ _
 6 | #  \__ \/ -_) '_\ V / -_) '_|
 7 | #  |___/\___|_|  \_/\___|_|
 8 | #
 9 | #
10 | #---CONFIGURE-START
11 | LOCAL_UDP_PORT="51820"
12 | LOCAL_LISTEN_TCP_PORT="587"
13 | #---CONFIGURE-END
14 | 
15 | while true
16 | do
17 | socat -d tcp-l:$LOCAL_LISTEN_TCP_PORT,reuseaddr,keepalive,fork UDP4:127.0.0.1:$LOCAL_UDP_PORT
18 |         sleep 1
19 | done
20 | 


--------------------------------------------------------------------------------