### Manual Pingtunnel Server and Client Setup
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Demonstrates manual command-line execution of pingtunnel for both server and client roles without using Docker. Includes instructions for setting up a server, a client forwarding local port 8080 to remote port 80 via TCP, and verifying the ICMP tunnel's functionality.
```bash
# Manual pingtunnel test (without Docker)
# Server side:
./pingtunnel -type server -key "your-secret-key"
# Client side (forward local 8080 to remote 80):
./pingtunnel -type client -l :8080 -s 203.0.113.50 -t 203.0.113.50:80 -tcp 1 -key "your-secret-key"
# Verify ICMP tunnel is working
ping -c 3 203.0.113.50 # Should succeed if ICMP is allowed
curl localhost:8080 # Traffic flows through ICMP tunnel
```
--------------------------------
### OpenVPN Command Line Usage
Source: https://github.com/eddy7688/openvpn-over-icmp/blob/main/README.md
This snippet shows the basic command to start an OpenVPN tunnel using a configuration file. It's a fundamental step for initiating the VPN connection.
```bash
openvpn --config your-config-file.ovpn
```
--------------------------------
### Pingtunnel Client Docker Compose Configuration (UDP)
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Configures a pingtunnel client service using Docker Compose for UDP-based tunneling. This setup is similar to the TCP version but omits the '-tcp 1' flag, allowing pingtunnel to operate in its default UDP mode for potentially higher performance.
```yaml
services:
tunnel-openvpn-udp:
image: esrrhs/pingtunnel
command:
- "./pingtunnel"
- "-type"
- "client"
- "-l"
- ":1194"
- "-s"
- "203.0.113.50"
- "-t"
- "203.0.113.50:1194"
- "-key"
- "your-secret-key"
```
--------------------------------
### Server Deployment: Environment Configuration and Docker Compose
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Sets up the server-side environment variables and deploys OpenVPN, pingtunnel server, and TinyProxy using Docker Compose. It requires a password and server addresses for configuration.
```bash
cat > ./server/.env << 'EOF'
PASSWORD="your-secret-key-123456"
OVPN_TCP_SERVER_ADDRESS=203.0.113.50
OVPN_UDP_SERVER_ADDRESS=203.0.113.50
OVPN_PORT=1194
PROXY_PORT=1080
PROXY_USER="vpnuser"
PROXY_PASS="securepassword"
EOF
docker compose -f ./server/docker-compose.yml up --build -d
docker ps --filter "name=openvpn" --filter "name=pingtunnel" --filter "name=tinyproxy"
```
--------------------------------
### OpenVPN Connection and Verification Commands
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Shell commands to initiate an OpenVPN connection using a specified configuration file with verbose logging and to verify the successful creation and IP addressing of the tunnel interface.
```bash
# Connect with verbose logging
openvpn --config laptop-user.ovpn --verb 4
# Expected successful connection output:
# TUN/TAP device tun0 opened
# Initialization Sequence Completed
#
# Verify tunnel interface
ip addr show tun0
# Expected: inet 10.8.0.2/24 scope global tun0
```
--------------------------------
### TinyProxy Configuration: Basic Authentication and Proxy Chaining
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Defines the configuration template for TinyProxy, including basic authentication settings, port, client limits, and optional chaining to upstream proxies like SOCKS5. It also shows how to test authentication and use the proxy with applications.
```ini
# Server TinyProxy configuration template (server/tinyproxy/tinyproxy.conf.template)
BasicAuth ${PROXY_USER} ${PROXY_PASS}
Port 8888
BindSame yes
Timeout 600
LogLevel Info
MaxClients 100
ViaProxyName "tinyproxy"
# Optional: Chain to upstream SOCKS5 proxy
# upstream socks5 127.0.0.1:9050
# Optional: Route specific domains through different proxies
# upstream http internal-proxy:8080 ".corporate.local"
# upstream none ".internal.example.com"
```
```bash
# Test proxy authentication
curl -x http://vpnuser:securepassword@localhost:1080 -I https://google.com
# Use with applications (example: apt through proxy)
export http_proxy="http://vpnuser:securepassword@localhost:1080"
export https_proxy="http://vpnuser:securepassword@localhost:1080"
```
--------------------------------
### OpenVPN Client Connection
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Demonstrates how to connect to the OpenVPN server using a generated client configuration file. This command should be run on the client machine.
```bash
openvpn --config laptop-user.ovpn --remote localhost 1194
```
--------------------------------
### Client Deployment: Environment Configuration and Docker Compose
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Configures the client-side environment variables and deploys pingtunnel clients to establish ICMP tunnels to the server for proxy and OpenVPN traffic. Requires server address and password.
```bash
cat > ./client/.env << 'EOF'
SERVER_ADDRESS=203.0.113.50
PASSWORD="your-secret-key-123456"
OVPN_PORT=1194
PROXY_PORT=1080
EOF
docker compose -f ./client/docker-compose.yml up --build -d
docker ps --filter "name=pingtunnel"
curl -x http://vpnuser:securepassword@localhost:1080 https://api.ipify.org
```
--------------------------------
### Sample OpenVPN Configuration for ICMP
Source: https://github.com/eddy7688/openvpn-over-icmp/blob/main/README.md
This is a sample OpenVPN configuration file demonstrating settings suitable for ICMP tunneling. It includes essential parameters like device type, protocol, remote server, and encryption.
```ini
# Sample OpenVPN Configuration for ICMP
dev tun
proto udp
remote your.vpn.server 1194
resolv-retry infinite
nobind
persist-key
persist-tun
user nobody
group nogroup
keepalive 10 120
cipher AES-256-CBC
comp-lzo
verb 3
```
--------------------------------
### OpenVPN Client Management: Adding and Revoking Certificates
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Interactively manages OpenVPN client certificates within the OpenVPN TCP container. Allows adding new clients, revoking existing ones, and checking client counts. Generated configurations can be copied out.
```bash
docker exec -it openvpn-tcp /ovpn-add-client.sh
docker cp openvpn-tcp:/etc/openvpn/confs/laptop-user.ovpn ./laptop-user.ovpn
```
--------------------------------
### OpenVPN Client Configuration for ICMP Tunnel
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Provides an optimized OpenVPN client configuration file (`.ovpn`) designed to connect through an ICMP tunnel. Key settings include using TCP for reliability, connecting to localhost on the pingtunnel endpoint, and adjusting MTU and fragment sizes to accommodate ICMP encapsulation.
```ini
# laptop-user.ovpn - Modified for ICMP tunnel usage
client
dev tun
proto tcp # Use TCP for reliability over ICMP
remote localhost 1194 # Connect to local pingtunnel endpoint
resolv-retry infinite
nobind
persist-key
persist-tun
remote-cert-tls server
cipher AES-256-GCM
auth SHA256
verb 3
mssfix 1300 # Reduce MTU for ICMP encapsulation
fragment 1200 # Fragment large packets
----BEGIN CERTIFICATE-----
# CA certificate content
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
# Client certificate content
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
# Client private key content
-----END PRIVATE KEY-----
```
--------------------------------
### Pingtunnel Client Docker Compose Configuration (TCP)
Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt
Configures a pingtunnel client service within a Docker Compose file to establish a TCP-based tunnel. It specifies the image, client mode, local listen port, server address, target address and port on the server, forces TCP mode, and sets an encryption key.
```yaml
services:
tunnel-proxy:
image: esrrhs/pingtunnel
command:
- "./pingtunnel"
- "-type"
- "client"
- "-l"
- ":1080"
- "-s"
- "203.0.113.50"
- "-t"
- "203.0.113.50:1080"
- "-tcp"
- "1"
- "-key"
- "your-secret-key"
```
=== COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.