Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Standalone mode? #28

Open
lendenis opened this issue Oct 19, 2023 · 3 comments
Open

Standalone mode? #28

lendenis opened this issue Oct 19, 2023 · 3 comments
Labels
feature request New feature or request

Comments

@lendenis
Copy link

Hello,

Does wiretap works as a https or socks proxy, without executing any commands on wireguard server?

So it would be a standalone mode that expose a port for proxy passing through wireguard server.
@luker983
Copy link
Collaborator

Wiretap does not work as an https or socks proxy out of the box. Clients are transparently proxied through the server using routing rules and WireGuard instead. There is an option to expose client services to Wiretap servers via SOCKS using the wiretap expose command, but it doesn't sound like that's what you want.

If you are requesting that a new feature be added, would you please share some more details that explain your use-case? Another tool built with SOCKS/HTTP proxy in mind like Chisel might work out better for you if you're not interested in a transparent proxy solution, but always open to hearing how we might make Wiretap better!

@lendenis
Copy link
Author

It might be a new feature, here is my use case:

I need to have a SOCKS/HTTP proxy which is over wireguard tunnel without changing anything on the wireguard server (or executing any other command/process on the wireguard server) also without having a tun interface on the client laptop.

There is a wireguard tunnel pre-connected on the laptop to a commercial vpn provider. I need to access another wireguard server over commercial vpn server. Multiple wireguard tunnels at the same time would cause trouble on routing, ip rules, forwarding etc.

So basically, I am looking possibility to run wiretap on my client laptop, which has already a different wireguard tunnel connection and have a SOCKS/HTTPS proxy, so client can access the the services from browser using proxy.

@luker983
Copy link
Collaborator

Thank you for the clarification. This is probably something that can be accomplished with another tool like https://github.com/pufferffish/wireproxy or fairly easily scripted using the examples in the wireguard-go repo as a starting point: https://github.com/WireGuard/wireguard-go/blob/master/tun/netstack/examples/http_client.go.

We'll consider adding something like this for instances where clients do not want to or cannot create interfaces and still want to interact with a Wiretap network, but to stay in scope of this project the assumption will remain that servers have been deployed using Wiretap.

@luker983 luker983 added the feature request New feature or request label Oct 20, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
feature request New feature or request
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@luker983 @lendenis