/minivtun

A fast, secure and reliable VPN service based on non-standard protocol

Primary LanguageCGNU General Public License v3.0GPL-3.0

minivtun

A fast secure and reliable VPN service in non-standard protocol for rapidly deploying VPN servers/clients or getting through firewalls

Key features

  • Fast: direct UDP-encapsulated without complex authentication handshakes.
  • Secure: both header and tunnel data are encrypted, which is nearly impossible to be tracked by protocol characteristics and blocked, unless all UDP ports are blocked by your firewall; spoofed packets from unauthorized peer are dropped immediately.
  • Reliable: communication recovers immediately from next received packet from client after the previous session was dead, which makes the connection extremely reliable.
  • Rapid to deploy: a standalone program to run; all configuration are specified in command line with very few options.

Installation for Linux

Install required development components

sudo apt-get install build-essential libssl-dev   # for Ubuntu / Debian
sudo yum install make gcc openssl-devel   # for CentOS / Fedora / RedHat

Compile and install

git clone https://github.com/rssnsj/minivtun.git minivtun
cd minivtun/src
make
sudo make install

Installation for Mac OS X

Install TUNTAP driver for Mac OS X: http://tuntaposx.sourceforge.net/

Compile and install

git clone https://github.com/rssnsj/minivtun.git minivtun
cd minivtun/src
make
sudo make install

Installation for FreeBSD

Compile and install

git clone https://github.com/rssnsj/minivtun.git minivtun
cd minivtun/src
gmake
sudo gmake install

Usage

Mini virtual tunneller in non-standard protocol.
Usage:
  minivtun [options]
Options:
  -l, --local <ip:port>               IP:port for server to listen
  -r, --remote <ip:port>              IP:port of server to connect
  -a, --ipv4-addr <tun_lip/tun_rip>   pointopoint IPv4 pair of the virtual interface
				  <tun_lip/pfx_len>   IPv4 address/prefix length pair
  -A, --ipv6-addr <tun_ip6/pfx_len>   IPv6 address/prefix length pair
  -m, --mtu <mtu>                     set MTU size, default: 1300.
  -t, --keepalive <keepalive_timeo>   interval of keep-alive packets, default: 13
  -n, --ifname <ifname>               virtual interface name
  -p, --pidfile <pid_file>            PID file of the daemon
  -e, --key <encryption_key>          shared password for data encryption
  -v, --route <network/prefix=gateway>
                                      route a network to a client address, can be multiple
  -w, --wait-dns                      wait for DNS resolve ready after service started.
  -d, --daemon                        run as daemon process
  -h, --help                          print this help

Examples

Server: Run a VPN server on port 1414, with local virtual address 10.7.0.1, client address space 10.7.0.0/24, encryption password 'Hello':

/usr/sbin/minivtun -l 0.0.0.0:1414 -a 10.7.0.1/24 -e Hello -d

Client: Connect VPN to the above server (assuming address vpn.abc.com), with local virtual address 10.7.0.33:

/usr/sbin/minivtun -r vpn.abc.com:1414 -a 10.7.0.33/24 -e Hello -d

Multiple clients on different devices can be connected to the same server:

/usr/sbin/minivtun -r vpn.abc.com:1414 -a 10.7.0.34/24 -e Hello -d
/usr/sbin/minivtun -r vpn.abc.com:1414 -a 10.7.0.35/24 -e Hello -d
/usr/sbin/minivtun -r vpn.abc.com:1414 -a 10.7.0.36/24 -e Hello -d
...

Diagnoses

None.