Skip to content

Lifailon/rpnet

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

Β 

History

38 Commits
nuget
nuget
Β 
Β 
screen
screen
Β 
Β 
source
source
Β 
Β 
.gitignore
.gitignore
Β 
Β 
LICENSE
LICENSE
Β 
Β 
README.md
README.md
Β 
Β 
README_RU.md
README_RU.md
Β 
Β 

Repository files navigation

Reverse Proxy .NET

➑️ Choose language βž‘οΈβ€ Π’Ρ‹Π±Π΅Ρ€ΠΈΡ‚Π΅ язык

A cross-platform command line utility for implementing a .NET-based reverse proxy. It is used to provide access to hosts from one network interface to remote applications via TCP, UDP or HTTP/HTTPS protocols accessible through another network interface without unnecessary settings and with authorization support.

πŸ’ For what?

This utility solves several problems:

  • Firstly, this is security, because when connecting, the client does not have direct access to the machine and convenience, where, unlike a classic Proxy server, you do not need to configure the server part and specify the proxy server address on the client side in the application settings or every time you access via REST client.

  • Secondly, if you are using a VPN server in point-to-point mode or using network separation, where you need to provide access to a client in the DMZ (Demilitarized Zone) to an application listening for connections on a TCP or UDP port on the internal network, for example , for protocols RTSP, SSH, RDP, Syslog and others. This tool can also act as an alternative to classic ssh tunneling (for example, through OpenSSH or Putty).

  • Thirdly, if you use a VPN to access a specific URL resource via the HTTP or HTTPS protocols on your machine, and want to provide access to it to other machines on the network without using VPN or Proxy servers.

  • Fourthly, if your Web application or REST API server does not support authorization, then you can use Base64 encryption, which obliges you to transmit authorization data in the request header for everyone clients that will connect via Proxy. If you are using a browser, a form will be provided to complete basic authorization.

There are many alternatives that provide similar functionality individually. For example, ncat on Windows (from nmap) and socat on Linux for TCP or ReverseProxy in Golang to redirect HTTP/HTTPS traffic. All of the above functionality is implemented in one utility rpnet.

πŸš€ Installation

πŸ’» Windows

🐧 Linux

  • Install the .NET Application Runtime:
sudo apt-get install -y dotnet-runtime-8.0
  • Download the rpnet executable file to the /usr/local/bin/ directory and grant execution permissions:
sudo curl -s -L https://github.com/Lifailon/rpnet/releases/download/0.0.2/rpnet-0.0.2-linux-x64 -o /usr/local/bin/rpnet
sudo chmod +x /usr/local/bin/rpnet

πŸ’‘ Tested on Ubuntu 22.04.

πŸ“Œ No dependency installation

If you don't want to install the .NET runtime, you can download a zip archive of the self-contained version, which already contains all the dependencies (available for both platforms).

πŸ”¨ Build

Clone the repository:

git clone https://github.com/Lifailon/rpnet.git
cd rpnet

Start the application:

dotnet run [parameters]

Build the application into one executable file:

  • Windows:
dotnet publish -r win-x64 -c Release /p:PublishSingleFile=true
  • Linux:
dotnet publish -r linux-x64 -c Release /p:PublishSingleFile=true

Build a self-contained application (without the need to install .NET platform dependencies on the executable system):

  • Windows:
dotnet publish -r win-x64 -c Release --self-contained true
  • Linux:
dotnet publish -r linux-x64 -c Release --self-contained true

πŸ“‘ Usage

Get Help:

rpnet.exe --help

Reverse Proxy server base on .NET.

Parameters:
  -h, --help                       Show help.
  -l, --local <port/address:port>  Address and port of the interface or only the port (for udp) through which proxy requests will pass.
  -r, --remote <address:port/url>  TCP/UDP or HTTP/HTTPS address of the remote resource to which requests will be proxy.
  -u, --userName <LOGIN>           User name for authorization (HTTP only).
  -p, --password <PASSWORD>        User password for authorization.

Examples:
  rpnet.exe --local 127.0.0.1:8443 --remote 192.168.3.101:80
  rpnet.exe --local 5514 --remote 192.168.3.100:514
  rpnet.exe --local 127.0.0.1:8443 --remote https://kinozal.tv
  rpnet.exe --local *:8443 --remote https://kinozal.tv --userName proxy --password admin

πŸ”Œ TCP

In the example, accepts requests on the interface with IP address 192.168.3.100 and port 8443 to redirect to a remote host with IP address 192.168.3.101, where the application is running on port 80.

rpnet.exe --local 192.168.3.100:8443 --remote 192.168.3.101:80

TCP protocol is used
Listening on 192.168.3.100:8443 for forwarding to 192.168.3.101:80
[15:52:01] 192.168.3.100:37865: [::ffff:192.168.3.101]:80
[15:52:04] 192.168.3.100:37160: [::ffff:192.168.3.101]:80
[15:52:21] 192.168.3.99:35036: [::ffff:192.168.3.101]:80
[15:52:22] 192.168.3.99:35037: [::ffff:192.168.3.101]:80
[15:52:25] 192.168.3.99:35035: [::ffff:192.168.3.101]:80
[15:52:30] 192.168.3.100:37162: [::ffff:192.168.3.101]:80
[15:52:34] 192.168.3.100:38970: [::ffff:192.168.3.101]:80
[15:52:35] 192.168.3.100:37999: [::ffff:192.168.3.101]:80

πŸ’‘ To listen to all network interfaces, use the * symbol instead of the local IP address (you need to run the console with administrator rights).

This method is suitable for processing most protocols that operate on the basis of TCP, including support for data transmission in the request body via HTTP.

But this method is not suitable for proxying requests to remote resources over the Internet.

$(Test-NetConnection 172.67.189.243 -Port 443).TcpTestSucceeded
True

rpnet.exe--local localhost:8443 --remote 172.67.189.243:443

TCP protocol is used
Error: An invalid IP address was specified.

SSH over TCP

Example of ssh connection through a proxy server (implementation of ssh tunneling):

rpnet.exe --local 192.168.3.100:3131 --remote 192.168.3.101:2121

πŸ“‘ UDP

An example of redirecting requests from a client (the rsyslog client configuration on the right) to the Syslog server (listening for requests on port 514) through a proxy server.

πŸ’‘ When using the UDP protocol, the local address is not specified.

rpnet.exe --local 5514 --remote 192.168.3.100:514

🌐 HTTP

When using proxying using the HTTP or HTTPS protocol, you must pass a url address that begins with the name of the protocol http:// or https://.

πŸ’‘ Data transfer via GET and POST requests is supported.

In the example, the proxy server accepts requests on the interface with the IP address 192.168.3.100 on port 8443 to redirect to the remote url resource Kinozal. The connection is made from a client with the IP address 192.168.3.99 using the GET method. Lists all the endpoints that the client contacts to load the home page.

rpnet.exe --local 192.168.3.100:8443 --remote https://kinozal.tv

HTTP protocol is used
Listening on 192.168.3.100:8443 for forwarding to https://kinozal.tv
Not authorization is used
[16:03:43] 192.168.3.99 GET: /
[16:03:43] 192.168.3.99 GET: /pic/0_kinozal.tv.css?v=3.4
[16:03:43] 192.168.3.99 GET: /pic/jquery-3.6.3.min.js?v=1.1
[16:03:43] 192.168.3.99 GET: /pic/use.js?v=3.7
[16:03:43] 192.168.3.99 GET: /pic/logo3.gif
[16:03:43] 192.168.3.99 GET: /pic/emty.gif
[16:03:44] 192.168.3.99 GET: /pic/radio_ban.jpg
[16:03:44] 192.168.3.99 GET: /pic/knz_love.gif
[16:03:44] 192.168.3.99 GET: /i/poster/1/1/1718811.jpg
[16:03:44] 192.168.3.99 GET: /pic/cat/45.gif
[16:03:44] 192.168.3.99 GET: /pic/l_portiere.gif
[16:03:44] 192.168.3.99 GET: /pic/sbg.gif
[16:03:44] 192.168.3.99 GET: /pic/r_portiere.gif
[16:03:44] 192.168.3.99 GET: /pic/cat/17.gif
[16:03:44] 192.168.3.99 GET: /pic/dw2.png
[16:03:44] 192.168.3.99 GET: /pic/status_icons.png
[16:03:44] 192.168.3.99 GET: /pic/srch_l.png
[16:03:44] 192.168.3.99 GET: /pic/srch_r2.png
[16:03:44] 192.168.3.99 GET: /pic/flags_all.png?v=1
[16:03:44] 192.168.3.99 GET: /i/poster/4/1/1772641.jpg
[16:03:44] 192.168.3.99 GET: /i/poster/3/7/541437.jpg
[16:03:44] 192.168.3.99 GET: /pic/cat/11.gif
[16:03:44] 192.168.3.99 GET: /pic/cat/20.gif
[16:03:45] 192.168.3.99 GET: /i/poster/8/0/467680.jpg
[16:03:45] 192.168.3.99 GET: /i/poster/2/1/2040221.jpg
[16:03:45] 192.168.3.99 GET: /pic/cat/8.gif
[16:03:45] 192.168.3.99 GET: /pic/favicon.ico

Authorization on the site via POST request:

[16:05:19] 192.168.3.99 POST: /takelogin.php
[16:05:20] 192.168.3.99 GET: /pic/0_kinozal.tv.css?v=3.4
[16:05:20] 192.168.3.99 GET: /pic/ava_m.jpg
[16:05:20] 192.168.3.99 GET: /pic/logo3.gif
[16:05:20] 192.168.3.99 GET: /pic/use.js?v=3.7
[16:05:20] 192.168.3.99 GET: /pic/jquery-3.6.3.min.js?v=1.1
[16:05:21] 192.168.3.99 GET: /pic/minus.gif
[16:05:21] 192.168.3.99 GET: /pic/plus.gif
[16:05:21] 192.168.3.99 GET: /pic/r5.gif
[16:05:21] 192.168.3.99 GET: /pic/bnr_pay_sm.jpg
[16:05:21] 192.168.3.99 GET: /pic/emty.gif
[16:05:21] 192.168.3.99 GET: /pic/srch_l.png
[16:05:21] 192.168.3.99 GET: /pic/r_portiere.gif
[16:05:21] 192.168.3.99 GET: /pic/sbg.gif
[16:05:21] 192.168.3.99 GET: /pic/bgmn.gif
[16:05:21] 192.168.3.99 GET: /pic/srch_r2.png
[16:05:21] 192.168.3.99 GET: /pic/l_portiere.gif
[16:05:21] 192.168.3.99 GET: /pic/flags_all.png?v=1

πŸ”“ Authorization

To use authorization on the proxy server side, you must fill in the appropriate parameters at startup. If the client transmits incorrect authorization data, this will be displayed in the log.

rpnet.exe --local 192.168.3.100:8443 --remote https://kinozal.tv --userName proxy --password admin

HTTP protocol is used
Listening on 192.168.3.100:8443 for forwarding to https://kinozal.tv
Authorization is used
[16:07:44] 192.168.3.100 GET: /
[16:07:44] 192.168.3.100 GET: Authorization form sent
[16:07:48] 192.168.3.100 GET: /
[16:07:48] 192.168.3.100 GET: Authorization error
[16:07:49] 192.168.3.100 GET: /
[16:07:49] 192.168.3.100 GET: Authorization form sent
[16:07:53] 192.168.3.100 GET: /
[16:07:54] 192.168.3.100 GET: /pic/0_kinozal.tv.css?v=3.4
[16:07:54] 192.168.3.100 GET: /pic/jquery-3.6.3.min.js?v=1.1
[16:07:54] 192.168.3.100 GET: /pic/use.js?v=3.7
[16:07:54] 192.168.3.100 GET: /pic/logo3.gif
[16:07:54] 192.168.3.100 GET: /pic/emty.gif
[16:07:55] 192.168.3.100 GET: /pic/radio_ban.jpg
[16:07:55] 192.168.3.100 GET: /pic/knz_love.gif
[16:07:55] 192.168.3.100 GET: /i/poster/1/1/1718811.jpg
[16:07:55] 192.168.3.100 GET: /pic/cat/45.gif
[16:07:55] 192.168.3.100 GET: /pic/dw2.png
[16:07:55] 192.168.3.100 GET: /pic/cat/17.gif
[16:07:55] 192.168.3.100 GET: /i/poster/4/1/1772641.jpg
[16:07:55] 192.168.3.100 GET: /i/poster/3/7/541437.jpg
[16:07:55] 192.168.3.100 GET: /pic/cat/11.gif
[16:07:55] 192.168.3.100 GET: /pic/cat/20.gif
[16:07:55] 192.168.3.100 GET: /i/poster/8/0/467680.jpg
[16:07:55] 192.168.3.100 GET: /i/poster/2/1/2040221.jpg
[16:07:55] 192.168.3.100 GET: /pic/cat/8.gif
[16:07:56] 192.168.3.100 GET: /pic/srch_l.png
[16:07:56] 192.168.3.100 GET: /pic/srch_r2.png
[16:07:56] 192.168.3.100 GET: /pic/l_portiere.gif
[16:07:56] 192.168.3.100 GET: /pic/r_portiere.gif
[16:07:56] 192.168.3.100 GET: /pic/sbg.gif
[16:07:56] 192.168.3.100 GET: /pic/status_icons.png
[16:07:56] 192.168.3.100 GET: /pic/flags_all.png?v=1
[16:07:57] 192.168.3.100 GET: /pic/favicon.ico

About

Cross-platform reverse proxy server base on .NET

nuget.org/packages/Reverse.Proxy.NET

Topics

microsoft windows console application socket base64 csharp authentication dotnet proxy console-tool proxy-server reverse-proxy tcp-proxy network-tools console-application web-proxy authentication-backend console-app reverse-proxy-server

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases 2

0.0.2 Latest
Jul 1, 2024
+ 1 release

Packages

No packages published

Languages