All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
HTTP->WireGuard->Internet
I was running into a use case where I wanted view highlights for football but it was blocked due to regional restrictions. I had a VPN but unfortunately it would tunnel all of my connections which doesn't work for me specially in my case where your employer is monitoring you and you get logged out too. In remote work or working for international clients, this can become difficult.
I ended up writing this
https://github.com/noamanahmed/wireguard-http-proxy
Now you can just tunnel specific application through it via plain HTTP. Let me know if you think something similar for OpenVPN as this is for wireguard.
So something like this would work
google-chrome --proxy-server="127.0.0.1:8888"
Now I can finally see football in peace 😛
Possible Future Features
- HTTP Proxy Basic Username and Password
- Dockerize the complete application
Let me know your thoughts and suggestions.
Comments
you may try gluetun:
https://github.com/qdm12/gluetun
Interesting tool but as far as I know, there are already WireGuard clients which expose themselves as other forms of proxies such as socks5 (e.g. wireproxy)
Does your employer pay you to watch football at work? Are you cheating your employer?
He is okay with it. Most of the employees are okay as long as your are productive.
I didn't know about this one. It seems to be feature heavy though.
I think that's only SOCKS5 and not HTTP
Sounds like a interesting project
Why not give squid a try? http://www.squid-cache.org/
Not required in my use case.
looks good!
you can also try allow
0.0.0.0/0then disallow LAN / work IPs using these kind of calculatorSimpler solution using ssh
Login into any server, with SSH setting up a local SOCK5 server (
-D) and then use as proxyYour example assumes that you have SSH access to the server. I only have wireguard and OpenVPN configurations only.
This won't work as we need to block access for HTTP proxy not the wireguard. At the time of writing this, I realized I have also opened up the wireguard port too which shouldn't be there as you should only allow traffic over the HTTP proxy. Or you can say it's not a bug it's a feature
just use xray or sing-box
I've come back to testify that this whole setup is stupidly helpful. up until now i just used to use linuxserver/wireguard to tunnel each container traffic (which is sometimes problematic on how to expose ports for lan access).
with this wireguard-http-proxy i can pretty much expose the http proxy port into docker0 interface and any other container can use it easily.
by not needing to run multiple wireguard container means i don't have to generate multiple wg0 conf for each compose files, less RAM is being used too.
looking forward for user/password implementation, it's probably not useful when you really sure it'll exposed in LAN only, but it's a nice feature to have if you have different use case.
Thank you. Unfortunately the user/password feature functionality development is pushed quite down the queue as I am busy with another hobby project.
If i get time and more interest, I will definitely add it sooner rather than later
I opened a pull request. i hope you're happy with my implementation
For me mostly time I just setup sing-box, and make daemon OpenRC/SystemD to make sure nothing wrong
First of all thank you for the effort you put into it.
I just left a comment. The implementation looks neat but I would look into supporting multiple users instead of a single one.
We can always deploy it on a VPS and then open up ports and keep this running. This would allow sharing between friends and family without sharing single credentials.
Looking forward to your reply