Crates.io | udpexposer |
lib.rs | udpexposer |
version | 0.2.0 |
source | src |
created_at | 2025-02-19 15:13:16.5143+00 |
updated_at | 2025-02-20 11:16:37.327723+00 |
description | Command line tool to help exposing UDP ports behind NATs using helper servers |
homepage | |
repository | https://github.com/vi/udpexposer |
max_upload_size | |
id | 1561513 |
size | 104,539 |
A tool to help accessing firewalled servers by proxing traffic through hosts that are free to accept new incoming UDP connections.
server# my IP is 198.51.100.1
server$ udpexposer -s 0.0.0.0:5566 -n 10
client_udpexposer# my external IP is 203.0.113.43
client_udpexposer$ udpexposer 0.0.0.0:5566 -a 198.51.100.1:5566 -c 127.0.0.1:1234 -n 10
server> New client address: 203.0.113.43:5566
client_realserver$ nc -u -s 127.0.0.1 -lp 1234
connectee# my external IP is 192.0.2.55
connectee$ nc -u 198.51.100.1 5566
connectee< Hello,
server> Connectee seqn 1 from 192.0.2.55:37368
client_udpexposer> New incoming channel 1
client_realserver> Hello,
client_realserver< world.
connectee> world.
Legend: $
- command line, >
terminal output, <
- terminal input, #
- comment
--password
, empty datagrams also distrupt all the clients.--password
is used, the tool may amplify DDoS attacks, as a single UDP datagram with a spoofed source address may trigger significant reply traffic.--password
mode is an unaudited security code.It is not recommended to run this as a permanent, long-term setup, especially use it to expose widely known / high traffic endpoints, especially without --password
.
Download a pre-built executable from Github releases or install from source code with cargo install --path .
or cargo install udpexposer
.
--password
, it is any zero-length UDP datagram. If it is a keepalive, Client socket address in "3." is updated.Create and bind UDP socket for communication with Server.
Start sending keepalive UDP datagrams to Server address.
Allocate LRU map between two-byte tags and local UDP sockets. It has static, predefined number of slots, which should match the one configured on server.
For each incoming UDP datagram on the main socket, extract the tag from payload and lookup appropriate local (worker) UDP socket. If not found, bind a new one to random port and use it for communicating with a RealServer. This may evict (close) some old worker soocket. Send payload from the looked up (or just creted) worker socket to RealServer.
For each incoming UDP datagram on the worker socket, tag with with client number and send to Server.
Usage: udpexposer <listen_addr> [-c <local-connect-addr>] [-a <server-addr>] [-s] [-n <max-clients>] [-i <ping-interval-ms>] [-P <password>]
Expose UDP port externally using helper hosts
Positional Arguments:
listen_addr UDP socket address to bind to
Options:
-c, --local-connect-addr
client mode: expose specified UDP socket
-a, --server-addr client mode: use specified server
-s, --server-mode server mode
-n, --max-clients maximum number of clients (LRU-style)
-i, --ping-interval-ms
for client mode, keepalive interval
-P, --password pre-shared key / password to protect server against
unsolicited clients
--help, help display usage information