README
¶
IPv6 Tunnel Broker
Version 1.0.0-alpha
Overview
Usecase-Scenario: You have a IPv6-Only or Dual-Stack-Lite connection at home and you want to access your devices at home from remote. This works unless you are using an IPv4-Only connection.
This tool is a lightweight solution for this problem. The only thing you need is a "real" Dual-Stack-Server.
This app does more or less the same as https://www.sixxs.net/main/
Use-Case
Without Tunnel
[Work] --- IPv4 ----> [Internet] --- IPv4 ---> [ISP] <No IPv4 port forwarning> [Home]
Using a Tunnel
[Work] --- IPv4 ----> [Internet] --- IPv4 ---> [Your dual stack server]--- IPv6 ---> [ISP] --- IPv6 ---> [Home]
But having a dynamic IPv6-Prefix means you have to reconfigure the tunnel on your server every time your prefix changes (In my case every 24 hours).
This is pretty annoying so I started developing ip6tun which is a tunnel broker proving a tiny rest interface allowing
At home you access the internet using a dual stack lite connection. Now you wan't to access you NAS from work where you only have IPv4.
Usage
Example script for running the server:
#!/bin/bash
# Enable debug
export IP6TUN_DEBUG=true
# Port
export IP6TUN_PORT=8080
# Servername
export IP6TUN_SERVERNAME=myserver
# Api access key
export IP6TUN_APIKEY=notverysecurekey
# https config
export IP6TUN_TLS_CERT=cert.pem
export IP6TUN_TLS_KEY=key.pem
# run server
./ip6tun-server
Client:
IP6TUN_KEY=notverysecurekey IP6TUN_HOST=localhost IP6TUN_PORT=8080 ip6tun-client mynas 80 10001
This will create a tunnel from myserver:100001 to [whatever:ipv6:your:nas:has]:80.
TODOS
- More tests
- Improve tunnel updating on server side
- Better client implementation
- Persist tunnels (Server should recrate tunnels after crash or reboot)
License
MIT see LICENSE
Documentation
¶
Index ¶
- Constants
- Variables
- type Broker
- func (b *Broker) Add(name, rHost string, rPort, lPort uint16) (*Tunnel, error)
- func (b *Broker) Cleanup()
- func (b *Broker) Close()
- func (b *Broker) Delete(id uint32) error
- func (b *Broker) Get(id uint32) (*Tunnel, error)
- func (b *Broker) Tunnels() []*Tunnel
- func (b *Broker) Update(id uint32, rHost string, rPort uint16) (*Tunnel, error)
- type Client
- func (c *Client) Create(name string, serverPort, clientPort uint16) (*TunnelResponse, error)
- func (c *Client) Delete() (*TunnelResponse, error)
- func (c *Client) List() (list []TunnelResponse, err error)
- func (c *Client) Update(id uint32, name string, serverPort, clientPort uint16) (*TunnelResponse, error)
- type Server
- type ServerConfig
- type Tunnel
- type TunnelRequest
- type TunnelResponse
Constants ¶
const HTTPAuthHeader = "X-IP6TUN-AUTH"
Variables ¶
var (
ErrTunnelNotFound = errors.New("Tunnel not found")
)
Functions ¶
This section is empty.
Types ¶
type Broker ¶
type Broker struct {
// contains filtered or unexported fields
}
Broker
func (*Broker) Cleanup ¶
func (b *Broker) Cleanup()
Cleanup deletes clients which haven't been updated for some time
type Client ¶
type Client struct {
// contains filtered or unexported fields
}
Client is a simple REST-Client to access a ip6tun server
func NewClient ¶
NewClient instantiates a new client which is able to communicate with the server at host:port
func (*Client) Create ¶
func (c *Client) Create(name string, serverPort, clientPort uint16) (*TunnelResponse, error)
Create a new tunnel on the server
func (*Client) Delete ¶
func (c *Client) Delete() (*TunnelResponse, error)
func (*Client) List ¶
func (c *Client) List() (list []TunnelResponse, err error)
List returns a list of all active tunnels
type Server ¶
type Server struct {
// contains filtered or unexported fields
}
func NewServer ¶
func NewServer(config *ServerConfig) (*Server, error)
NewServer returns a new initialized ip6tun server
type ServerConfig ¶
type ServerConfig struct {
Debug bool `default:"false"`
Port int `default:"8080"`
ServerName string `default:"localhost"`
APIKey string `required:"true"`
CertFile string `envconfig:"tls_cert" required:"true"`
KeyFile string `envconfig:"tls_key" required:"true"`
MaxIdle time.Duration `default:"86400"`
}
func (*ServerConfig) String ¶
func (c *ServerConfig) String() string
type Tunnel ¶
type Tunnel struct {
Id uint32 `json:"id"`
Name string `json:"name"`
LocalPort uint16 `json:"local_port"`
RemoteHost string `json:"remote_host"`
RemotePort uint16 `json:"remote_port"`
MessageLog []string `json:"message_log"`
CreatedAt *time.Time `json:"created_at"`
UpdatedAt *time.Time `json:"updated_at"`
// contains filtered or unexported fields
}
Tunnel is a 4in6 tunnel
type TunnelRequest ¶
type TunnelRequest struct {
Name string `json:"name"`
LocalPort uint16 `json:"local_port"`
RemotePort uint16 `json:"remote_port"`
}
reqTunnel is used for create & update
func (*TunnelRequest) Validate ¶
func (t *TunnelRequest) Validate() error
Validate checks if given ports are in range and if the name is not empty.
type TunnelResponse ¶
type TunnelResponse struct {
Id uint32 `json:"id"`
Name string `json:"name"`
LocalPort uint16 `json:"local_port"`
RemoteHost string `json:"remote_host"`
RemotePort uint16 `json:"remote_port"`
MessageLog []string `json:"message_log"`
CreatedAt *time.Time `json:"created_at"`
UpdatedAt *time.Time `json:"updated_at"`
}
Source Files
Directories