dockerfiles/fteproxy/README.md

fteproxy
========

[fteproxy][1] provides transport-layer protection to resist keyword filtering,
censorship and discriminatory routing policies.

Its job is to relay datastreams, such as web browsing traffic,
by encoding streams as messages that match a user-specified regular expression.

fteproxy is fast, free, open source, and cross platform. 
It works very well with [vimagick/openvpn][2](TCP mode).

In the following example, I will setup a server/client pair to connect www.google.com:80.

## Internet Censorship

### The problem

![before](https://fteproxy.org/images/withoutfte.png)

### The solution

![after](https://fteproxy.org/images/withfte.png)

## Create a docker-compose.yml

```yaml
version: "3.8"

services:

  server:
    image: vimagick/fteproxy
    ports:
      - "4911:4911"
    environment:
      - MODE=server
      - SERVER_IP=0.0.0.0
      - SERVER_PORT=4911
      - PROXY_IP=openvpn
      - PROXY_PORT=1194
      - KEY=66754b8113ea7a218b7613f73f7e13b1e91790216f659b5f78b903b34c654741
    extra_hosts:
      - openvpn:1.2.3.4
    restart: unless-stopped

  client:
    image: vimagick/fteproxy
    ports:
      - "1194:1194"
    environment:
      - MODE=client
      - SERVER_IP=openvpn.easypi.pro
      - SERVER_PORT=4911
      - CLIENT_IP=0.0.0.0
      - CLIENT_PORT=1194
      - KEY=66754b8113ea7a218b7613f73f7e13b1e91790216f659b5f78b903b34c654741
    restart: unless-stopped
```

You need to split the docker-compose.yml into two parts:

- server: to mask a tcp service
- client: to unmask the service

> To generate random key:  
> `xxd -u -p -c32 /dev/urandom | head -n1`

## Run fteproxy server/client

```bash
$ docker-compose up -d
Creating fteproxy_server_1...
Creating fteproxy_client_1...

$ docker-compose ps
Name                     Command               State           Ports
----------------------------------------------------------------------------------
fteproxy_client_1   /bin/sh -c /fteproxy/ftepr ...   Up      0.0.0.0:9009->80/tcp
fteproxy_server_1   /bin/sh -c /fteproxy/ftepr ...   Up      0.0.0.0:32768->80/tcp
```

## Test with curl

```html
$ curl http://localhost:9009/
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>302 Moved</TITLE></HEAD><BODY>
<H1>302 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
```

[1]: https://fteproxy.org/
[2]: https://hub.docker.com/r/vimagick/openvpn/
update 2015-09-03 04:46:51 +02:00			`fteproxy`
			`========`

			`[fteproxy][1] provides transport-layer protection to resist keyword filtering,`
add fteproxy 2015-05-27 01:14:55 +02:00			`censorship and discriminatory routing policies.`

			`Its job is to relay datastreams, such as web browsing traffic,`
			`by encoding streams as messages that match a user-specified regular expression.`

			`fteproxy is fast, free, open source, and cross platform.`
update 2015-09-03 04:46:51 +02:00			`It works very well with [vimagick/openvpn][2](TCP mode).`
add fteproxy 2015-05-27 01:14:55 +02:00
			`In the following example, I will setup a server/client pair to connect www.google.com:80.`

update 2015-09-03 04:46:51 +02:00			`## Internet Censorship`

			`### The problem`

update 2015-05-27 13:17:15 +02:00			`![before](https://fteproxy.org/images/withoutfte.png)`

update 2015-09-03 04:46:51 +02:00			`### The solution`

update 2015-05-27 13:17:15 +02:00			`![after](https://fteproxy.org/images/withfte.png)`

add fteproxy 2015-05-27 01:14:55 +02:00			`## Create a docker-compose.yml`

Update README.md 2015-05-27 14:02:23 +02:00			```yaml
update fteproxy 2021-10-15 12:12:48 +02:00			`version: "3.8"`

			`services:`

			`server:`
			`image: vimagick/fteproxy`
			`ports:`
			`- "4911:4911"`
			`environment:`
			`- MODE=server`
			`- SERVER_IP=0.0.0.0`
			`- SERVER_PORT=4911`
			`- PROXY_IP=openvpn`
			`- PROXY_PORT=1194`
			`- KEY=66754b8113ea7a218b7613f73f7e13b1e91790216f659b5f78b903b34c654741`
			`extra_hosts:`
			`- openvpn:1.2.3.4`
			`restart: unless-stopped`

			`client:`
			`image: vimagick/fteproxy`
			`ports:`
			`- "1194:1194"`
			`environment:`
			`- MODE=client`
			`- SERVER_IP=openvpn.easypi.pro`
			`- SERVER_PORT=4911`
			`- CLIENT_IP=0.0.0.0`
			`- CLIENT_PORT=1194`
			`- KEY=66754b8113ea7a218b7613f73f7e13b1e91790216f659b5f78b903b34c654741`
			`restart: unless-stopped`
add fteproxy 2015-05-27 01:14:55 +02:00			```

update fteproxy 2021-10-15 12:12:48 +02:00			`You need to split the docker-compose.yml into two parts:`

			`- server: to mask a tcp service`
			`- client: to unmask the service`

add key 2015-05-27 04:25:59 +02:00			`> To generate random key:`
			> `xxd -u -p -c32 /dev/urandom \| head -n1`

add fteproxy 2015-05-27 01:14:55 +02:00			`## Run fteproxy server/client`

Update README.md 2015-05-27 14:02:23 +02:00			```bash
add fteproxy 2015-05-27 01:14:55 +02:00			`$ docker-compose up -d`
			`Creating fteproxy_server_1...`
			`Creating fteproxy_client_1...`

			`$ docker-compose ps`
			`Name Command State Ports`
			`----------------------------------------------------------------------------------`
			`fteproxy_client_1 /bin/sh -c /fteproxy/ftepr ... Up 0.0.0.0:9009->80/tcp`
			`fteproxy_server_1 /bin/sh -c /fteproxy/ftepr ... Up 0.0.0.0:32768->80/tcp`
			```

			`## Test with curl`

Update README.md 2015-05-27 14:02:23 +02:00			```html
add fteproxy 2015-05-27 01:14:55 +02:00			`$ curl http://localhost:9009/`
			`<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">`
			`<TITLE>302 Moved</TITLE></HEAD><BODY>`
			`<H1>302 Moved</H1>`
			`The document has moved`
			`<A HREF="http://www.google.com/">here</A>.`
			`</BODY></HTML>`
			```
update 2015-09-03 04:46:51 +02:00
			`[1]: https://fteproxy.org/`
			`[2]: https://hub.docker.com/r/vimagick/openvpn/`