Skip to content

tewarid/node-tcp-relay

Repository files navigation

node-tcp-relay Build Status Codacy Badge Maintainability

This TCP relay/reverse proxy can be used to expose any TCP/IP service running behind a NAT. This includes services that use HTTP and SSH.

To install from npm

sudo npm install -g node-tcp-relay

Command Line Interface

The relay server is meant to be executed on a server visible on the internet, as follows

tcprelays --relayPort 10080 --servicePort 10081 [--hostname [IP]] [--secret key] [--tls [both]] [--pfx file] [--passphrase passphrase]

relayPort is the port where the relay server will listen for incoming connections from the relay client. servicePort is the port where internet clients can connect to the service exposed through the relay. Optionally, hostname specifies the IP address to listen at. Node.js listens on unspecified IPv6 address :: by default.

secret specifies a shared secret key used to authorize relay client. tls option enables secure communication with relay client using TLS. If followed by both, TLS is also enabled on the service port. pfx option specifies a private key file used to establish TLS. passphrase specifies password used to protect private key.

The relay client is meant to be executed on a machine behind a NAT, as follows

tcprelayc --host host --port 10080 --relayHost host --relayPort port [--numConn count] [--secret key] [--tls [both]] [--rejectUnauthorized]

host is any server visible to the machine behind the NAT. port is the port of the service you want to expose through the relay.

relayServer is the host name or IP address of the server visible on the internet executing the relay server. relayPort is the relay server port where the client will connect.

numConn is the number of unused connections relay client maintains with the server. As soon as it detects data activity on a socket, it establishes another connection. Servicing internet clients that don't transfer any data may lead to denial of service.

secret specifies a shared secret key relay client sends to server for the purpose of authorization. tls enables secure TLS communication with relay server. If followed by both, TLS is also used with server behind the NAT. rejectUnauthorized enables checking for valid server certificate.

If you're relaying HTTP(S), use a reverse proxy such as http-proxy, between the relay client and the local service e.g.

var httpProxy = require('http-proxy');
httpProxy.createProxyServer({target:'http://host:port'}).listen(port);

Programming Interface

Create and start a relay server thus

var relayServer = require("node-tcp-relay");
var newRelayServer = relayServer.createRelayServer(10080, 10081);

End relay server

newRelayServer.end();

Create and start a relay client thus

var relayClient = require("node-tcp-relay")
var newRelayClient = relayClient.createRelayClient("hostname", 8080, "relayserver", 10080, 1);

End relay client

newRelayClient.end();

Alternatives

  • ssh -R
  • VPN

About

A TCP relay/reverse proxy with Node.js

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •