tlstun is basic SOCKS over TLS.
- Docker
- Set an A DNS record which points to your server's IP address. We recommend using your country domain (e.g., ir): e.g., tun.mydomain.ir
- Create a self-signed certificate for the domain
mkdir cert
docker run --rm -v $(pwd)/cert:/cert farhad4/gencert:1.0.0 -hosts tun.mydomain.ir
- Run tlstun:
docker run -d --restart=always --name=tlstun-server -v $(pwd)/cert:/cert -p 9000:9000 farhad4/tlstun:2.2.4 server -addr=:9000 -ca=/cert/ca.pem -cert=/cert/server-cert.pem -key=/cert/server-key.pem
# or create and then start it:
docker container create --restart=always --name=tlstun-server -v $(pwd)/cert:/cert -p 9000:9000 farhad4/tlstun:2.2.4 server -addr=:9000 -ca=/cert/ca.pem -cert=/cert/server-cert.pem -key=/cert/server-key.pem
docker container start tlstun-server # to stop it, run: docker container stop tlstun-server
- Copy certificates from your server (to use the client certificates)
scp -r root@my-server:/root/projects/cert .
- Use docker to run tlstun client:
docker run -d --restart=always --name=tlstun -v $(pwd):/cert -p 1080:1080 farhad4/tlstun:2.2.4 client -addr=:1080 -ca=/cert/ca.pem -cert=/cert/client-cert.pem -key=/cert/client-key.pem tun.mydomain.ir:9000
# Or create and then start/stop it:
docker container create --restart=always --name=tlstun -v $(pwd):/cert -p 1080:1080 farhad4/tlstun:2.2.4 client -addr=:1080 -ca=/cert/ca.pem -cert=/cert/client-cert.pem -key=/cert/client-key.pem tun.mydomain.ir:9000
docker container start tlstun # to stop it, run: docker container stop tlstun
- Now you can use 127.0.0.1:1080 as a SOCKS proxy on your system (e.g., set it through the proxy settings of your OS).
- If you want to pull Docker images from a blocked region (e.g., Iran), use container registry mirrors. Tutorial.
- You may want to mitigate port blocking.
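
The client command above references only ca.pem, client-cert.pem and client-key.pem, while copying the whole cert directory also carries server-key.pem to the client machine. As an added example (not part of tlstun; the function names and the bundle directory are hypothetical), this script, run on the server, builds a client-only bundle that can be copied instead:

```shell
#!/bin/sh
# Added example, not part of tlstun: build a client-only bundle so that
# server-key.pem and any other server-side key material stay on the server.
# File names are the ones used in the commands on this page; the function
# names and the bundle directory are hypothetical.

CLIENT_FILES="ca.pem client-cert.pem client-key.pem"

# Copy only the three files the client command references from $1 into $2.
make_client_bundle() {
    src=$1
    dst=$2
    for f in $CLIENT_FILES; do
        [ -s "$src/$f" ] || { echo "missing or empty: $src/$f" >&2; return 1; }
    done
    mkdir -p "$dst" && chmod 700 "$dst" || return 1
    for f in $CLIENT_FILES; do
        cp "$src/$f" "$dst/$f" && chmod 600 "$dst/$f" || return 1
    done
}

# Fail if directory $1 holds anything besides the three client files.
bundle_is_client_only() {
    for p in "$1"/* "$1"/.[!.]*; do
        [ -e "$p" ] || continue    # glob pattern that matched nothing
        case ${p##*/} in
            ca.pem|client-cert.pem|client-key.pem) ;;
            *) echo "unexpected file in client bundle: $p" >&2; return 1 ;;
        esac
    done
    for f in $CLIENT_FILES; do [ -s "$1/$f" ] || return 1; done
}

# Confirm client-cert.pem chains to ca.pem (requires openssl).
client_cert_chains_to_ca() {
    openssl verify -CAfile "$1/ca.pem" "$1/client-cert.pem" >/dev/null
}

# Usage on the server: sh bundle.sh ./cert ./client-bundle
if [ $# -eq 2 ]; then
    make_client_bundle "$1" "$2" && bundle_is_client_only "$2" || exit 1
    if command -v openssl >/dev/null 2>&1; then
        client_cert_chains_to_ca "$2" || exit 1
    fi
    echo "client bundle ready in $2"
fi
```

Copy the files inside the resulting directory into the directory that the client container mounts as /cert.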