### Manual Pingtunnel Server and Client Setup Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Demonstrates manual command-line execution of pingtunnel for both server and client roles without using Docker. Includes instructions for setting up a server, a client forwarding local port 8080 to remote port 80 via TCP, and verifying the ICMP tunnel's functionality. ```bash # Manual pingtunnel test (without Docker) # Server side: ./pingtunnel -type server -key "your-secret-key" # Client side (forward local 8080 to remote 80): ./pingtunnel -type client -l :8080 -s 203.0.113.50 -t 203.0.113.50:80 -tcp 1 -key "your-secret-key" # Verify ICMP tunnel is working ping -c 3 203.0.113.50 # Should succeed if ICMP is allowed curl localhost:8080 # Traffic flows through ICMP tunnel ``` -------------------------------- ### OpenVPN Command Line Usage Source: https://github.com/eddy7688/openvpn-over-icmp/blob/main/README.md This snippet shows the basic command to start an OpenVPN tunnel using a configuration file. It's a fundamental step for initiating the VPN connection. ```bash openvpn --config your-config-file.ovpn ``` -------------------------------- ### Pingtunnel Client Docker Compose Configuration (UDP) Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Configures a pingtunnel client service using Docker Compose for UDP-based tunneling. This setup is similar to the TCP version but omits the '-tcp 1' flag, allowing pingtunnel to operate in its default UDP mode for potentially higher performance. ```yaml services: tunnel-openvpn-udp: image: esrrhs/pingtunnel command: - "./pingtunnel" - "-type" - "client" - "-l" - ":1194" - "-s" - "203.0.113.50" - "-t" - "203.0.113.50:1194" - "-key" - "your-secret-key" ``` -------------------------------- ### Server Deployment: Environment Configuration and Docker Compose Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Sets up the server-side environment variables and deploys OpenVPN, pingtunnel server, and TinyProxy using Docker Compose. It requires a password and server addresses for configuration. ```bash cat > ./server/.env << 'EOF' PASSWORD="your-secret-key-123456" OVPN_TCP_SERVER_ADDRESS=203.0.113.50 OVPN_UDP_SERVER_ADDRESS=203.0.113.50 OVPN_PORT=1194 PROXY_PORT=1080 PROXY_USER="vpnuser" PROXY_PASS="securepassword" EOF docker compose -f ./server/docker-compose.yml up --build -d docker ps --filter "name=openvpn" --filter "name=pingtunnel" --filter "name=tinyproxy" ``` -------------------------------- ### OpenVPN Connection and Verification Commands Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Shell commands to initiate an OpenVPN connection using a specified configuration file with verbose logging and to verify the successful creation and IP addressing of the tunnel interface. ```bash # Connect with verbose logging openvpn --config laptop-user.ovpn --verb 4 # Expected successful connection output: # TUN/TAP device tun0 opened # Initialization Sequence Completed # # Verify tunnel interface ip addr show tun0 # Expected: inet 10.8.0.2/24 scope global tun0 ``` -------------------------------- ### TinyProxy Configuration: Basic Authentication and Proxy Chaining Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Defines the configuration template for TinyProxy, including basic authentication settings, port, client limits, and optional chaining to upstream proxies like SOCKS5. It also shows how to test authentication and use the proxy with applications. ```ini # Server TinyProxy configuration template (server/tinyproxy/tinyproxy.conf.template) BasicAuth ${PROXY_USER} ${PROXY_PASS} Port 8888 BindSame yes Timeout 600 LogLevel Info MaxClients 100 ViaProxyName "tinyproxy" # Optional: Chain to upstream SOCKS5 proxy # upstream socks5 127.0.0.1:9050 # Optional: Route specific domains through different proxies # upstream http internal-proxy:8080 ".corporate.local" # upstream none ".internal.example.com" ``` ```bash # Test proxy authentication curl -x http://vpnuser:securepassword@localhost:1080 -I https://google.com # Use with applications (example: apt through proxy) export http_proxy="http://vpnuser:securepassword@localhost:1080" export https_proxy="http://vpnuser:securepassword@localhost:1080" ``` -------------------------------- ### OpenVPN Client Connection Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Demonstrates how to connect to the OpenVPN server using a generated client configuration file. This command should be run on the client machine. ```bash openvpn --config laptop-user.ovpn --remote localhost 1194 ``` -------------------------------- ### Client Deployment: Environment Configuration and Docker Compose Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Configures the client-side environment variables and deploys pingtunnel clients to establish ICMP tunnels to the server for proxy and OpenVPN traffic. Requires server address and password. ```bash cat > ./client/.env << 'EOF' SERVER_ADDRESS=203.0.113.50 PASSWORD="your-secret-key-123456" OVPN_PORT=1194 PROXY_PORT=1080 EOF docker compose -f ./client/docker-compose.yml up --build -d docker ps --filter "name=pingtunnel" curl -x http://vpnuser:securepassword@localhost:1080 https://api.ipify.org ``` -------------------------------- ### Sample OpenVPN Configuration for ICMP Source: https://github.com/eddy7688/openvpn-over-icmp/blob/main/README.md This is a sample OpenVPN configuration file demonstrating settings suitable for ICMP tunneling. It includes essential parameters like device type, protocol, remote server, and encryption. ```ini # Sample OpenVPN Configuration for ICMP dev tun proto udp remote your.vpn.server 1194 resolv-retry infinite nobind persist-key persist-tun user nobody group nogroup keepalive 10 120 cipher AES-256-CBC comp-lzo verb 3 ``` -------------------------------- ### OpenVPN Client Management: Adding and Revoking Certificates Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Interactively manages OpenVPN client certificates within the OpenVPN TCP container. Allows adding new clients, revoking existing ones, and checking client counts. Generated configurations can be copied out. ```bash docker exec -it openvpn-tcp /ovpn-add-client.sh docker cp openvpn-tcp:/etc/openvpn/confs/laptop-user.ovpn ./laptop-user.ovpn ``` -------------------------------- ### OpenVPN Client Configuration for ICMP Tunnel Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Provides an optimized OpenVPN client configuration file (`.ovpn`) designed to connect through an ICMP tunnel. Key settings include using TCP for reliability, connecting to localhost on the pingtunnel endpoint, and adjusting MTU and fragment sizes to accommodate ICMP encapsulation. ```ini # laptop-user.ovpn - Modified for ICMP tunnel usage client dev tun proto tcp # Use TCP for reliability over ICMP remote localhost 1194 # Connect to local pingtunnel endpoint resolv-retry infinite nobind persist-key persist-tun remote-cert-tls server cipher AES-256-GCM auth SHA256 verb 3 mssfix 1300 # Reduce MTU for ICMP encapsulation fragment 1200 # Fragment large packets ----BEGIN CERTIFICATE----- # CA certificate content -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- # Client certificate content -----END CERTIFICATE----- -----BEGIN PRIVATE KEY----- # Client private key content -----END PRIVATE KEY----- ``` -------------------------------- ### Pingtunnel Client Docker Compose Configuration (TCP) Source: https://context7.com/eddy7688/openvpn-over-icmp/llms.txt Configures a pingtunnel client service within a Docker Compose file to establish a TCP-based tunnel. It specifies the image, client mode, local listen port, server address, target address and port on the server, forces TCP mode, and sets an encryption key. ```yaml services: tunnel-proxy: image: esrrhs/pingtunnel command: - "./pingtunnel" - "-type" - "client" - "-l" - ":1080" - "-s" - "203.0.113.50" - "-t" - "203.0.113.50:1080" - "-tcp" - "1" - "-key" - "your-secret-key" ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.