A simple VPN written in Golang.
- Support tun over UDP
- Support tun over WebSocket
- Support data encryption
Usage of ./vtun:
-S server mode
-t enable tls
-c string
tun interface CIDR (default "172.16.0.1/24")
-k string
encryption key (default "6w9z$C&F)J@NcRfWjXn3r4u7x!A%D*G-")
-p string
protocol ws/udp (default "ws")
-l string
local address (default "0.0.0.0:3000")
-s string
server address (default "0.0.0.0:3001")
sudo ./vtun -l=:3000 -s=server-addr:3001 -c=172.16.0.10/24 -k=123456 -p=ws
sudo ./vtun -S -l=:3001 -c=172.16.0.1/24 -k=123456 -p=ws
-
Add TLS for websocket,reverse proxy server(3001) via nginx/caddy(443)
-
Enable IP forwarding on server
sudo echo 1 > /proc/sys/net/ipv4/ip_forward
sudo sysctl -p
sudo iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o ens3 -j MASQUERADE
sudo apt-get install iptables-persistent
sudo iptables-save > /etc/iptables/rules.v4