|
|
|
|
|
|
by illiac786
760 days ago
|
|
|
What I want is a transparent reverse proxy for both IPv4 and IPv6. Ideally it should work with encrypted SNI and ECH, using a static IP, because this is where the internet is going and anything else is probably a dead end I would like to avoid investing time in today. Ideally, it has some simple firewall IDS/IPS capabilities (limit destination ports, limit source IPs…). My threat scenario is, once someone has my home IP, they can cut off my internet very easily, just brute force traffic to my IP will clog my internet access. The same would work via the above described reverse proxy, but I can diagnose it and turn off the proxy. My self hosted services will be down but at least I have Internet. If my home IP is known, there isn’t much I can do… My ISP doesn’t rotate the IP of a user very often (think months). Currently I feel that cloudflare tunnelling is less worse than the above described risk, but it’s far from ideal, hence looking for alternatives. |
|
|
IPv6.rs doesn't work with ESNI because you'll have to decrypt the encrypted packet to read it. Cloudflare decrypts your traffic so it can read it.
> If my home IP is known,
IPv6.rs hides your home IP. The only exposed IP will be the IPv6 IP you receive from IPv6rs. The reverse proxy proxies to your IPv6 address, so your home IP will never be exposed (and technically you could change the IPv6rs IP if you wanted to at ANYTIME).
If you're interested in giving it a shot I can give you a coupon that discounts significantly!