Rusty Penguin
A fast TCP/UDP tunnel, transported over HTTP WebSockets.
You are right. This project is inspired by jpillora/chisel (and subsequently
my fork myzhang1029/penguin), but completely rewritten in Rust without any
linkage to chisel. The logo is generated by DALL-E
with the prompt "a penguin standing behind a gear wheel, digital art, logo."
Compared to the original penguin or chisel, this project stripped away
some functionalities:
-
There is no internal SSH tunnels because it results in double encapsulation when used with HTTPS/WSS.
-
There is no user/password authentication because we do not have SSH. Instead, use PSK authentication.
-
There is no server keep-alive because client keep-alive is enough.
-
There is no reverse port forwarding because it is equivalent to spawning another server on the client side.
-
There is no support to acquire an ACME certificate on-the-fly.
Other than that, this project offers these functionalities compared to
chisel:
-
Plausible deniability with WebSocket PSK and working
backend. -
Higher performance: my crude testing on my machine reveals that
penguinis approximately 2x faster thanchiselon my machine.
$ iperf3 -c 127.0.0.1 # chisel without TLS
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 3.64 GBytes 3.12 Gbits/sec sender
[ 5] 0.00-10.01 sec 3.63 GBytes 3.12 Gbits/sec receiver
$ iperf3 -c 127.0.0.1 # penguin without TLS
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 8.50 GBytes 7.30 Gbits/sec sender
[ 5] 0.00-10.31 sec 8.49 GBytes 7.07 Gbits/sec receiver
$ iperf3 -c 127.0.0.1 # chisel with TLS
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 3.26 GBytes 2.80 Gbits/sec sender
[ 5] 0.00-10.01 sec 3.26 GBytes 2.80 Gbits/sec receiver
$ iperf3 -c 127.0.0.1 # penguin with TLS
[ ID] Interval Transfer Bitrate
[ 5] 0.00-10.00 sec 6.04 GBytes 5.19 Gbits/sec sender
[ 5] 0.00-10.44 sec 6.03 GBytes 4.96 Gbits/sec receiver
- All the safety Rust offers.