10 releases (4 breaking)
|new 0.5.0||Feb 2, 2023|
|0.4.2||Feb 2, 2023|
|0.4.1||Jan 29, 2023|
|0.3.2||Dec 29, 2022|
|0.1.2||Dec 25, 2022|
#39 in Asynchronous
98 downloads per month
A fast TCP/UDP tunnel, transported over HTTP WebSocket.
You are right. This project is inspired by
jpillora/chisel (and subsequently
myzhang1029/penguin), but completely rewritten in Rust without any
chisel. The logo is generated by DALL-E
with the prompt "a penguin standing behind a gear wheel, digital art, logo."
$ penguin server --host ::1 --port 443 --tls-cert cert.pem --tls-key key.pem --ws-psk some-secret
penguin server --help for more options.
$ penguin client --ws-psk some-secret wss://server 1080:socks 80:example.com:80
penguin client --help for more options.
Compared to the original
chisel, this project stripped away
There is no internal SSH tunnels because it results in double encapsulation when used with HTTPS/WSS.
There is no user/password authentication because we do not have SSH. Instead, use PSK authentication.
There is no server keep-alive because client keep-alive is enough.
There is no reverse port forwarding because it is equivalent to spawning another server on the client side.
There is no support to acquire an ACME certificate on-the-fly.
Other than that, this project offers these functionalities compared to
Plausible deniability with WebSocket PSK and working
TLS certificate hot-reload with
Higher performance: my crude testing on my machine reveals that
penguinis approximately 2x faster than
chiselon my machine.
$ iperf3 -c 127.0.0.1 # chisel without TLS [ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 6.62 GBytes 5.68 Gbits/sec sender [ 5] 0.00-10.00 sec 6.61 GBytes 5.68 Gbits/sec receiver $ iperf3 -c 127.0.0.1 # penguin without TLS [ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 13.9 GBytes 12.0 Gbits/sec sender [ 5] 0.00-10.18 sec 13.9 GBytes 11.7 Gbits/sec receiver $ iperf3 -c 127.0.0.1 # chisel with TLS [ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 5.59 GBytes 4.80 Gbits/sec sender [ 5] 0.00-10.00 sec 5.58 GBytes 4.80 Gbits/sec receiver $ iperf3 -c 127.0.0.1 # penguin with TLS [ ID] Interval Transfer Bitrate [ 5] 0.00-10.00 sec 8.50 GBytes 7.30 Gbits/sec sender [ 5] 0.00-10.29 sec 8.49 GBytes 7.09 Gbits/sec receiver
- All the safety Rust offers.
Servers and clients with the same protocol version are compatible with each other. However, for the best performance, it is recommended to use the same version of
penguin on both sides.
The current protocol version is
GPL v3.0 or later or Apache License 2.0.