/wireskip

Wireskip multipurpose binary: client, relay, SOCKSv5 proxy

Primary LanguageRustMIT LicenseMIT

A work in progress generic tunneling (VPN-like) solution using HTTP 2/3 as transport loosely based on the IETF MASQUE WG effort but not affiliated with the IETF in any way. Built on top of hyper as a single self-contained binary.

Why?

HTTP 2/3 is an inconspicuous transport layer which enables collateral freedom when it is used to circumvent network censorship. Our goal is for Wireskip traffic to be indistinguishable from regular web browsing to an outside observer.

Roadmap

Currently implemented features:

Planned for the future / needs a helping hand:

  • RFC 9484: Proxying IP in HTTP
  • The SOCKSv5 code is very barebones and needs to be improved
  • An easy built-in way to deploy to cloud instances via ssh
  • System-wide traffic tunneling through tun device
  • Authentication mechanisms to control access
  • Unit / integration test coverage
  • User-friendly platform apps
  • Docs!

Contributing

  • Please note that code is far from stable yet
  • Nightly Rust und unstable features are OK
  • Be very careful about adding new deps
  • Do one thing and do it well
  • Use clippy and rustfmt

In contrib/test.sh you will find a very simple testing scenario for tunneling TCP and UDP through a local 3-relay circuit.

Discussion

If you have any questions, feel free to join our Discord!