From 0ddfd5d4f5c5d41b8daa9b6458d76a9c80d9f5ad Mon Sep 17 00:00:00 2001
From: Marco Ferragina
Date: Thu, 17 Oct 2024 09:03:33 +0200
Subject: [PATCH] adds an example of how to use rospo to build a vpn like service
---
 README.md | 1 +
 hack/poor-vpn-macos.sh | 81 ++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 82 insertions(+)
 create mode 100644 hack/poor-vpn-macos.sh
diff --git a/README.md b/README.md
index 204815f..85f5577 100644
--- a/README.md
+++ b/README.md
@@ -29,6 +29,7 @@ It's meant to make SSH tunnels fun and understandable again
 * Sftp subsystem support server side
 * File transfer support client side (get and put sftp subcommands)
 * SOCKS5/SOCKS4 proxy server trough SSH
+ * DNS over SSH proxy
 ## How to Install
diff --git a/hack/poor-vpn-macos.sh b/hack/poor-vpn-macos.sh
new file mode 100644
index 0000000..863d71a
--- /dev/null
+++ b/hack/poor-vpn-macos.sh
@@ -0,0 +1,81 @@
+#! /bin/bash
+
+# This is an example script that runs on MacOS only (conversion to linux should be trivial)
+# It runs `rospo` as a SOCKS5 and DNS proxy
+# It runs `tun2socks` to route all the traffic through the rospo proxies
+
+# Ensure you have tun2socks installed (https://github.com/xjasonlyu/tun2socks)
+# Ensure you have rospo >= 0.13 installed (https://github.com/ferama/rospo)
+# Configure the section below
+# run.
+
+# this is the target host
+# all the traffic will be proxied through this host
+SSH_HOST="[put your ssh host here]"
+SSH_PORT="[put your ssh port here]"
+
+REMOTE_DNS="1.1.1.1:53"
+
+############################################################################
+GATEWAY=`route -n get default | grep gateway | awk '{print $2}'`
+GATEWAY6=`route -n get -inet6 default | grep gateway | awk '{print $2}'`
+TMPFILE=$(mktemp -p /tmp)
+
+egress() {
+ sudo route delete $SSH_HOST
+ sudo route add default $GATEWAY
+ sudo route add -inet6 default $GATEWAY6
+ networksetup -setdnsservers Wi-Fi empty
+ rm $TMPFILE
+}
+trap egress EXIT
+
+run_rospo() {
+
+ cat > $TMPFILE <