> 3 марта 2024 г., в 00:46, Joel Wirāmu Pauling <j...@aenertia.net> написал(а):
>
> ssh can work in tap VPN mode (ssh -w) and will tunnel udp fine ; I'm not
> sure what you are trying to achieve but perhaps ssh tunnels might be an
> option for your use case. You are probably better off setting up something
> like wireguard, but in a pinch if the target and host already have ssh.
>
> https://wiki.archlinux.org/title/VPN_over_SSH
>
No, ssh tunnels is no-go for me. Remote hosts are windows, and they are mostly
“wild” hosts.
>
>
>> On Sun, 3 Mar 2024 at 07:26, Kasak <ka...@kasakoff.net> wrote:
>>
>>
>>
>>> 2 марта 2024 г., в 21:05, Stuart Henderson <stu.li...@spacehopper.org>
>> написал(а):
>>>
>>> On 2024-03-02, Kasak <ka...@kasakoff.net> wrote:
>>>> Hello misc! There is a good manual on OpenBSD faq about redirection and
>> reflection, here it is: https://www.openbsd.org/faq/pf/rdr.html#tcpproxy
>>>>
>>>> I’m using nginx as tcp and udp proxy, but maybe there is another
>> software, more suitable for this task?
>>>> I need to redirect and reflect near 15 tcp ports and couple of udp.
>>>> I know I can do this with only pf, but I switched to nginx
>> intentionally, because this amount of ports made my pf config hard readable.
>>>
>>> As far as TCP goes, haproxy is possibly a bit better suited. It
>>> doesn't do UDP though (and unlikely to in a generic way, see
>>> https://github.com/haproxy/haproxy/issues/62).
>>>
>>> Depending on which UDP protocols are used there might be better
>>> alternatives though - for example if it's DNS then look at dnsdist.
>>> UDP proxying in most cases needs to be protocol-aware.
>>>
>>>
>> I’m afraid this is not dns, this is Rustdesk software and antivirus agent,
>> and something else like this.
>> Thank you anyway, I see there is not much options for me
>>
>>
