How to test the QUIC http3 UDP transport? #56
-
I found the doc on website still using ws wss, anything I need to change it in Gateway? thanks |
Beta Was this translation helpful? Give feedback.
Replies: 3 comments 18 replies
-
The gateway still uses WS/WSS; the QUIC connections are used only for peer-to-peer (P2P) connections at this time. Therefore, you need to have the same configuration. |
Beta Was this translation helpful? Give feedback.
-
It seems that you forgot to mention IP address the port. secret: [118,101,72,65,78,82,69,78] # The secret for signing tokens, It must be the same as the gateway token secret, it is as byte array
tokens: # list of tokens
- !Client # client token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65 # client uid, please use a unique uid for each user
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
policies: [1] # list of policy ids, it must be the same as the policy id in the client policy token, all the policies must be satisfied
- !ClientPolicy # client policy token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
pid: 1 # policy id, it must be the same as the policy id in the client token
policy: # policies for this client
type: !BlackList # !WhiteList or !BlackList
policies: # list of policies
- !Ip # policy based on the destination ip address
- !Any # !Any means any agent, !Agent agent_name means the agent with the name agent_name
- 0.0.0.0/0 # destination domain name
- 443 # destination port
- UDP # protocol The policy token is optional, so you can create something like: secret: [118,101,72,65,78,82,69,78] # The secret for signing tokens, It must be the same as the gateway token secret, it is as byte array
tokens: # list of tokens
- !Client # client token
uid: 1a3248b2-d78e-415b-abbc-4aa781afae65 # client uid, please use a unique uid for each user
name: client01 # client name, please use a unique name for each client
exp: 1710227806 # expiration time in seconds since epoch
# policies: [] # list of policy ids, it must be the same as the policy id in the client policy token, all the policies must be satisfied |
Beta Was this translation helpful? Give feedback.
-
You don't need to take any action for lwip as it's included in the source code out of the box. However, lwip is not well fit for narrowlink, and I am working on creating a pure Rust TCP/IP stack to replace lwip. It is almost done; I have some troubles with rescheduling packet losses, which will be addressed soon. |
Beta Was this translation helpful? Give feedback.
When using the proxy mode, it automatically detects and transfers UDP packets using the SOCKS5 protocol. For the connect or forward modes, you can use the
-u
option.https://github.com/narrowlink/narrowlink/blob/main/client/forward.help.arg#L18
https://github.com/narrowlink/narrowlink/blob/main/client/connect.help.arg#L17
Options:
-u
: UDP mode-n
: Agent name-un
: UDP mode + Agent nameIf you are looking for a method to capture system-wide network traffic without using a proxy, I am currently working on it: #55