Udp2raw-tunnel - UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls


A UDP Tunnel which tunnels UDP via FakeTCP/UDP/ICMP Traffic by using Raw Socket,helps you Bypass UDP FireWalls(or Unstable UDP Environment).Its Encrpyted,Anti-Replay and Multiplexed.It aslo acts as a Connection Stablizer.

Support Platforms

A Linux host (including desktop Linux,Android phone/tablet,OpenWRT router,or Raspberry PI) with root access.
For Winodws/MacOS,virtual image with udp2raw pre-installed has been released,you can load it with Vmware/VirtualBox.The virtual image has been set to auto obtain ip,udp2raw can be run imidiately after boot finished(make sure network mode of virtual machine has been set to bridged)(only udp2raw has to be run under virtual machine,all other programs runs under Windows/MacOS as usual).


Send / Receive UDP Packet with fake-tcp/icmp headers

Fake-tcp/icmp headers help you bypass UDP blocking, UDP QOS or improper UDP NAT behavior on some ISPs. Raw packets with UDP headers are also supported.In UDP header mode,it behaves just like a normal UDP tunnel,and you can just make use of the other features.

Simulate TCP Handshake

Simulates the 3-way handshake, along with seq and ack_seq. TCP options MSS, sackOk, TS, TS_ack, wscale are also simulated. Real-time delivery guaranteed, no TCP over TCP problem when using OpenVPN.

Encrpytion, Anti-Replay

  • Encrypt your traffic with AES-128-CBC.
  • Protect data integrity by MD5 or CRC32.
  • Defense replay attack with an anti-replay window, smiliar to IPSec and OpenVPN.

Failure Dectection & Stablization (Connection Recovery)

Conection failures are detected by heartbeats. If timed-out,client will automatically change port number and reconnect. If reconnection is successful, the previous connection will be recovered, and all existing UDP conversations will stay vaild.
For example, if you use UDP2RAW + OpenVPN, OpenVPN won't lose connection after any reconnect, even if the network cable is re-plugged or the WiFi access point is changed.

Other Features

  • Multiplexing One client can handle multiple UDP connections, all of which share the same raw connection.
  • Multiple Clients One server can have multiple clients.
  • NAT Support All of the 3 modes work in NAT environments.
  • OpenVZ Support Tested on BandwagonHost.
  • OpenWRT Support No dependencies, easy to build. Binary for ar71xx are included in release.


UDP QoS Bypass

UDP Blocking Bypass

OpenVPN TCP over TCP problem

OpenVPN over ICMP

UDP to ICMP tunnel

UDP to TCP tunnel


UDP over TCP

Getting Started



Assume your UDP is blocked or being QOS-ed or just poorly supported. Assume your server ip is, you have a service listening on udp port 7777.
# Run at server side:
./udp2raw_amd64 -s -l0.0.0.0:4096 -r  -a -k "passwd" --raw-mode faketcp

# Run at client side
./udp2raw_amd64 -c -l0.0.0.0:3333  -r44.55.66.77:4096 -a -k "passwd" --raw-mode faketcp
Server Output:
Client Output:
Now,an encrypted raw tunnel has been established between client and server through TCP port 4096. Connecting to UDP port 3333 at the client side is equivalent to connecting to port 7777 at the server side. No UDP traffic will be exposed.
Powered by Blogger.