ntunnel
=======

The ntunnel program is designed to tunnel Unix domain sockets over TCP,
using the [Noise Protocol](https://noiseprotocol.org/).  The goal is to
be secure and simple to use and setup.

Example
-------

Generate the keys:
```
python ntunnel.py genkey serverkey
python ntunnel.py genkey clientkey
```

Create the target for the pass through:
```
nc -lU finalsock
```

Start the server and client:
```
python ntunnel.py server serverkey unix:$(pwd)/servsock unix:$(pwd)/finalsock
python ntunnel.py client clientkey serverkey.pub unix:$(pwd)/clientsock unix:$(pwd)/servsock
```

Attach to the client:
```
nc -U clientsock
```

Now when you type text into either of the nc windows, you should see
the same text come out the other side.

Running Tests
-------------

Currently this requires Python 3.x for some of the libraries.  If the
default virtualenv is not 3.x, you can set the VIRTUALENV variable to
specify which one to use, such as:
`make env VIRTUALENV=virtualenv-3.6`

If you want to use an alternate version of python, you can specify
VIRTUALENVARGS, such as:
`make env VIRTUALENV=virtualenv-3.6 VIRTUALENVARGS="-p $(which pypy3)"`

Note that I have not tested this w/ pypy3, as when compiling the
cryptography libraries, it would pick the wrong ones, despite setting
CFLAGS and LDFLAGS.  It is likely I could make this work, but do not
know how to.

TODO
----

- DoS protection.  Limiting number of connections.  Limit resource
  consumption by opening connection and starting negotiation but not
  completing it, etc.