New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More →
green-tunnel
Advanced tools
green-tunnel - npm Package Compare versions
Comparing version 1.7.4 to 1.7.5
@@ -10,7 +10,7 @@ #!/usr/bin/env node | ||
| const pkg = require('../package.json'); | ||
| const {Proxy, config, getLogger} = require('../src/index.cjs'); | ||
| const { Proxy, config, getLogger } = require('../src/index.cjs'); | ||
| const logger = getLogger('cli'); | ||
| const {argv} = yargs | ||
| const { argv } = yargs | ||
| .usage('Usage: green-tunnel [options]') | ||
@@ -33,5 +33,11 @@ .usage('Usage: gt [options]') | ||
| .option('https-only', { | ||
| type: 'boolean', | ||
| describe: 'Block insecure HTTP requests', | ||
| default: config.httpsOnly, | ||
| }) | ||
| .option('dns-type', { | ||
| type: 'string', | ||
| choices: ['https', 'tls'], | ||
| choices: ['https', 'tls', 'unencrypted'], | ||
| default: config.dns.type, | ||
@@ -45,2 +51,12 @@ }) | ||
| .option('dns-ip', { | ||
| type: 'string', | ||
| default: config.dns.ip, | ||
| }) | ||
| .option('dns-port', { | ||
| type: 'number', | ||
| default: config.dns.port, | ||
| }) | ||
| .option('silent', { | ||
@@ -110,5 +126,8 @@ alias: 's', | ||
| port: parseInt(argv['port'], 10), | ||
| httpsOnly: argv['https-only'], | ||
| dns: { | ||
| type: argv['dns-type'], | ||
| server: argv['dns-server'] | ||
| server: argv['dns-server'], | ||
| ip: argv['dns-ip'], | ||
| port: argv['dns-port'] | ||
| }, | ||
@@ -138,3 +157,3 @@ source: 'CLI', | ||
| await proxy.start({setProxy: argv['system-proxy']}); | ||
| await proxy.start({ setProxy: argv['system-proxy'] }); | ||
@@ -144,3 +163,3 @@ if (!argv['silent'] && !argv['verbose']) { | ||
| printBanner(); | ||
| updateNotifier({pkg}).notify(); | ||
| updateNotifier({ pkg }).notify(); | ||
| printAlert(proxy); | ||
@@ -147,0 +166,0 @@ showSpinner(); |
| { | ||
| "name": "green-tunnel", | ||
| "version": "1.7.4", | ||
| "version": "1.7.5", | ||
| "description": "", | ||
@@ -41,2 +41,3 @@ "keywords": [ | ||
| "dns-over-tls": "0.0.6", | ||
| "dns-socket": "^4.2.2", | ||
| "esm": "^3.2.22", | ||
@@ -43,0 +44,0 @@ "is-docker": "^2.0.0", |
@@ -6,3 +6,3 @@ # Green Tunnel | ||
| <p align="center"> | ||
| <img src="https://img.shields.io/github/license/SadeghHayeri/GreenTunnel.svg?color=Green&style=flat-square"> <img src="https://img.shields.io/github/repo-size/SadeghHayeri/GreenTunnel.svg?color=Green&style=flat-square"> | ||
| <img src="https://img.shields.io/github/license/SadeghHayeri/GreenTunnel.svg?color=Green&style=for-the-badge"> <img src="https://img.shields.io/github/repo-size/SadeghHayeri/GreenTunnel.svg?color=Green&style=for-the-badge"> <img src="https://img.shields.io/discord/707464295021019197?color=Green&style=for-the-badge"> | ||
| </p> | ||
@@ -25,2 +25,9 @@ | ||
| ``` | ||
| or using [snap](https://snapcraft.io) (edge version): | ||
| ``` | ||
| sudo snap install --edge green-tunnel --devmode | ||
| ``` | ||
| after installation you can run it using `gt` or `green-tunnel` commands. | ||
@@ -37,5 +44,8 @@ | ||
| --ip ip address to bind proxy server[string] [default: "127.0.0.1"] | ||
| --https-only Block insecure HTTP requests [boolean] [default: false] | ||
| --port port address to bind proxy server [number] [default: 8000] | ||
| --dns-type [string] [choices: "https", "tls"] [default: "https"] | ||
| --dns-server [string] [default: "https://cloudflare-dns.com/dns-query"] | ||
| --dns-ip IP address for unencrypted DNS [string][default: "127.0.0.1"] | ||
| --dns-port Port for unencrypted DNS [number] [default: 53] | ||
| --silent, -s run in silent mode [boolean] [default: false] | ||
@@ -47,3 +57,3 @@ --verbose, -v debug mode [string] [default: ""] | ||
| gt | ||
| gt --ip 127.0.0.1 --port 8000 | ||
| gt --ip 127.0.0.1 --port 8000 --https-only | ||
| gt --dns-server https://doh.securedns.eu/dns-query | ||
@@ -66,2 +76,3 @@ gt --verbose 'green-tunnel:proxy*' | ||
| * PORT | ||
| * HTTPS-ONLY | ||
| * VERBOSE | ||
@@ -77,2 +88,16 @@ * SILENT | ||
| #### On Raspberry Pi | ||
| ``` | ||
| $ docker run -p 8000:8000 sadeghhayeri/green-tunnel:arm | ||
| ``` | ||
| If you want to make container keep running when reboot: | ||
| ``` | ||
| $ docker run -d --restart unless-stopped -p 8000:8000 sadeghhayeri/green-tunnel:arm | ||
| ``` | ||
| Please make sure port `8000` is not blocked on Raspberry Pi firewall. (`sudo ufw allow 8000 comment Green-Tunnel`) | ||
| To use it on your other device, set http proxy to ```<Raspberry Pi IP Address>:<PORT>```. (PORT = `8000`) | ||
| ### Tested on | ||
@@ -86,7 +111,2 @@ - MacOS Catalina with node 12 | ||
| > **How does it work?** | ||
| ###### DNS | ||
| When you enter a URL in a Web browser, the first thing the Web browser does is to ask a DNS (Domain Name System) server, at a known numeric address, to look up the domain name referenced in the URL and supply the corresponding IP address. | ||
| If the DNS server is configured to block access, it consults a blacklist of banned domain names. When a browser requests the IP address for one of these domain names, the DNS server gives a wrong answer or no answer at all. | ||
| GreenTunnel use [DNS over HTTPS](https://en.wikipedia.org/wiki/DNS_over_HTTPS "doh (DNS over HTTPS)") and [DNS over TLS](https://en.wikipedia.org/wiki/DNS_over_TLS "DNS over TLS") to get real IP address and bypass DNS Spoofing. | ||
| ###### HTTP | ||
@@ -106,2 +126,6 @@ There are gaps in providers in DPI. They happen from what the DPI rules write for ordinary user programs, omitting all possible cases that are permissible by standards. This is done for simplicity and speed. | ||
| ###### DNS | ||
| When you enter a URL in a Web browser, the first thing the Web browser does is to ask a DNS (Domain Name System) server, at a known numeric address, to look up the domain name referenced in the URL and supply the corresponding IP address. | ||
| If the DNS server is configured to block access, it consults a blacklist of banned domain names. When a browser requests the IP address for one of these domain names, the DNS server gives a wrong answer or no answer at all. | ||
| GreenTunnel use [DNS over HTTPS](https://en.wikipedia.org/wiki/DNS_over_HTTPS "doh (DNS over HTTPS)") and [DNS over TLS](https://en.wikipedia.org/wiki/DNS_over_TLS "DNS over TLS") to get real IP address and bypass DNS Spoofing. | ||
@@ -119,6 +143,6 @@ ## Development notes | ||
| ## TODO List | ||
| - [ ] enable/disable proxy on windows | ||
| - [X] enable/disable proxy on windows | ||
| - [ ] HTTPHandler | ||
| - [X] add CLI arguments | ||
| - [ ] catch all exceptions | ||
| - [X] catch all exceptions | ||
| - [ ] add preferences menu | ||
@@ -130,3 +154,7 @@ - [ ] fix close button | ||
| **Bitcoin:** 3C5sj5BJ3n5gYJR27uxowdsgGCq2vjdhn5 | ||
| **DOGECOIN!:** DTGjx8KKDCUkSEbtVHgQx1GYEnNaVVuXLa<br /> | ||
| **BITCOIN:** bc1qknjsmsa98lljwxjwl4pmjh48s8su8r8ajkqd8w<br /> | ||
| **ETHEREUM:** 0x018fbf3fAC7165b2c85f856cC90E2d9410415150<br /> | ||
| **LITECOIN:** ltc1q5tfprazpkzjvzf5shgprkpkhnnku3p72feutxt<br /> | ||
| **RIPPLE/XRP:** rt6ZTkKdBVYzBee9CpQsDTsewnTbAoV13<br /> | ||
@@ -136,5 +164,8 @@ [](https://payping.ir/d/TXTS) | ||
| [](https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=HJ5TBXVYTHS7N¤cy_code=USD&source=url) | ||
| <br /> | ||
| [](https://en.cryptobadges.io/donate/bc1qknjsmsa98lljwxjwl4pmjh48s8su8r8ajkqd8w) | ||
| [](https://en.cryptobadges.io/donate/0x018fbf3fAC7165b2c85f856cC90E2d9410415150) | ||
| [](https://en.cryptobadges.io/donate/rt6ZTkKdBVYzBee9CpQsDTsewnTbAoV13) | ||
| ## License | ||
| Licensed under the MIT license. See [LICENSE](https://github.com/SadeghHayeri/GreenTunnel/blob/master/LICENSE "LICENSE"). | ||
| const config = { | ||
| ip: '127.0.0.1', | ||
| port: 8000, | ||
| httpsOnly: false, | ||
| clientHelloMTU: 100, | ||
| dns: { | ||
| type: 'https', // 'tls' or 'https' | ||
| type: 'https', // 'tls' or 'https' or 'unencrypted' | ||
| server: 'https://cloudflare-dns.com/dns-query', | ||
| ip: '127.0.0.1', | ||
| port: 53, | ||
| cacheSize: 1000, | ||
@@ -9,0 +12,0 @@ } |
| import LRU from 'lru-cache'; | ||
| import {isIP} from 'validator'; | ||
| import { isIP } from 'validator'; | ||
| import getLogger from '../logger'; | ||
@@ -4,0 +4,0 @@ import config from '../config'; |
@@ -17,2 +17,4 @@ import {isStartOfHTTPRequest, isConnectMethod} from '../http/utils'; | ||
| await handleHTTPS(clientSocket, data, proxy); | ||
| } else if (proxy.config.httpsOnly) { | ||
| throw new Error('Insecure request blocked: ', strData); | ||
| } else { | ||
@@ -19,0 +21,0 @@ await handleHTTP(clientSocket, data, proxy); |
| import net from 'net'; | ||
| import {setProxy, unsetProxy} from './utils/system-proxy'; | ||
| import { setProxy, unsetProxy } from './utils/system-proxy'; | ||
| import handleRequest from './handlers/request'; | ||
| import DNSOverTLS from './dns/tls'; | ||
| import DNSOverHTTPS from './dns/https'; | ||
| import DNSUnencrypted from './dns/unencrypted'; | ||
| import config from './config'; | ||
| import getLogger from './logger'; | ||
| import {appInit} from './utils/analytics'; | ||
| import { appInit } from './utils/analytics'; | ||
@@ -14,3 +15,3 @@ const logger = getLogger('proxy'); | ||
| constructor(customConfig) { | ||
| this.config = {...config, ...customConfig}; | ||
| this.config = { ...config, ...customConfig }; | ||
| this.server = undefined; | ||
@@ -23,5 +24,9 @@ this.isSystemProxySet = false; | ||
| initDNS() { | ||
| this.dns = this.config.dns.type === 'https' ? | ||
| new DNSOverHTTPS(this.config.dns.server) : | ||
| new DNSOverTLS(this.config.dns.server); | ||
| if (this.config.dns.type === 'https') { | ||
| this.dns = new DNSOverHTTPS(this.config.dns.server); | ||
| } else if (this.config.dns.type === 'tls') { | ||
| this.dns = new DNSOverTLS(this.config.dns.server); | ||
| } else { | ||
| this.dns = new DNSUnencrypted(this.config.dns.ip, this.config.dns.port); | ||
| } | ||
| } | ||
@@ -32,3 +37,3 @@ | ||
| this.server = net.createServer({pauseOnConnect: true}, clientSocket => { | ||
| this.server = net.createServer({ pauseOnConnect: true }, clientSocket => { | ||
| handleRequest(clientSocket, this).catch(err => { | ||
@@ -51,3 +56,3 @@ logger.debug(String(err)); | ||
| const {address, port} = this.server.address(); | ||
| const { address, port } = this.server.address(); | ||
| logger.debug(`server listen on ${address} port ${port}`); | ||
@@ -54,0 +59,0 @@ |
@@ -27,2 +27,4 @@ import util from 'util'; | ||
| await exec(`gsettings set org.gnome.system.proxy.http port ${port}`); | ||
| await exec(`gsettings set org.gnome.system.proxy.https host ${ip}`); | ||
| await exec(`gsettings set org.gnome.system.proxy.https port ${port}`); | ||
| } | ||
@@ -29,0 +31,0 @@ |
New alerts
Network access
Supply chain riskThis module accesses the network.
Found 1 instance in 1 package
Improved metrics
- Total package byte prevSize
- increased by10.41%
34366
- Number of package files
- increased by4.35%
24
- Lines of code
- increased by6.71%
779
- Number of lines in readme file
- increased by23.85%
161
Worsened metrics
- Dependency count
- increased by5.56%
19
- Number of medium supply chain risk alerts
- increased by20%
6
Dependency changes
+ Addeddns-socket@^4.2.2
+ Addeddns-socket@4.2.2(transitive)