Hi there rodents,
I might need your help here to find something which seems to be as rare as a diamond.

Let me explain:
Today me and my friends decided we finally needed to set up a vpn to play lan games, expose services like synchronized film streaming, etcetera.
As per my advice, since low latency and ease of use are a must, we settled on wireguard.

After the vpn was on, we realized some games could not be played due to them strictly using broadcast to do participant discovery/connection. A shame, but we’ll just play something else.

Then someone proposed we search for a solution to ease the pain we have in sharing files.
Since half my friends have a slow internet connection, uploading to a server and then downloading back would require too much time, so we opted for direct transfer programs.

alternativeto.net proposed programs such as lanXshare, dukto R6, nitroshare, all of which unfortunately make use of broadcast to find peers on the network.
As already discovered, broadcast doesn’t work in the vpn, so we have no idea what software we could use that doesn’t connect to the cloud, nor forces us to have a share service on the server which hosts the wireguard central node.

I would like to avoid using ssh or ftp on everyone’s pc as well, since the majority of them use windows and only have basic computer skills.

Does anyone have a program or even a tip which could help?

Thanks in advance!

  • SeerLite
    4 years ago

    Have a look at ZeroTier as an alternative to WireGuard for LAN connections. It’s also open source and has worked fine for me and friends when we used to play Among Us back when their servers were bad.

    • clockwise_bitOP
      4 years ago

      I must say I was reluctant to try zeroTier because I misunderstood its ethics.
      One of the points I really wanted to take for granted was self reliance and I thought it wasn’t the case with zeroTier.

      I was wrong, so thank you for your comment, you got me motivated to read the manual with more attention and I’m going to try it later today!

      It could be not only a problem solver for some games like civilization 6 and among us, but also effectively for software like snapdrop ;)

    • clockwise_bitOP
      4 years ago

      Well, it seems you found a solution to our problems, though I would have liked to see something working in traditional vpns as well!

      I waited for a bunch of more tech-savvy friends to come online and then we started tinkering.
      We all had our problems at first, not because of zerotier but because of our system configs.

      I, for example, had to add broadcast and multicast input rules in iptables (I prefer having iptables block what is not used), then I had to add those routes to the virtual nic. The latter was more of a pain to discover, but fortunately tcpdump helped me find out when packets were travelling or not.

      iptables rules to allow incoming broadcast and multicast on a specific interface

      iptables -A INPUT -i <interface> -m pkttype --pkt-type broadcast -j ACCEPT
      iptables -A INPUT -i <interface> -m pkttype --pkt-type multicast -j ACCEPT
      

      routing rules

      ip route add 224.0.0.0/4 dev <interface>
      ip route add 255.255.255.255/32 dev <interface>
      

      Some of the others had some technical difficulties with the windows network settings: the “fix” which is discussed in the zerotier knowledge base was making their zerotier nic go bonkers.
      It turns out, for some unknown reason, windows was deleting the netmask after the priority was raised for the nic. They just put it back in place.

      Now, since both broadcast and multicast work (tried with tcpdump and multiple games), we tried installing nitroshare to share files as initially wanted and it worked like a charm!
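
An added example, not part of the original posts: a shell function that audits `iptables -S INPUT` output to confirm the broadcast and multicast ACCEPT rules from the comment above exist for the VPN interface, and that none were added without `-i`, which would accept such packets on every interface. The interface name `zt0` and the sample rule listing are constructed for illustration.

```shell
#!/bin/sh
# audit_pkttype_rules IFACE
# Reads `iptables -S INPUT` output on stdin. Prints one line per finding and
# returns 0 only if IFACE has both pkttype ACCEPT rules and no broadcast or
# multicast ACCEPT rule is left unscoped (no -i, or a negated "! -i").
audit_pkttype_rules() {
    awk -v want="$1" '
    $1 == "-A" && $2 == "INPUT" {
        iface = ""; ptype = ""; target = ""
        for (i = 3; i <= NF; i++) {
            # A negated match ("! -i eth0") covers every other interface,
            # so it is treated the same as having no -i at all.
            if ($i == "-i") iface = ($(i - 1) == "!") ? "" : $(i + 1)
            if ($i == "--pkt-type") ptype = $(i + 1)
            if ($i == "-j") target = $(i + 1)
        }
        if (target != "ACCEPT") next
        if (ptype != "broadcast" && ptype != "multicast") next
        if (iface == "") { print "UNSCOPED " ptype ": " $0; bad = 1 }
        else if (iface == want) seen[ptype] = 1
    }
    END {
        if (!seen["broadcast"]) { print "MISSING broadcast rule for " want; bad = 1 }
        if (!seen["multicast"]) { print "MISSING multicast rule for " want; bad = 1 }
        exit bad + 0
    }'
}

# Constructed sample listing (assumed interface name zt0, default-drop policy).
sample_rules() {
    cat <<'EOF'
-P INPUT DROP
-A INPUT -i lo -j ACCEPT
-A INPUT -i zt0 -m pkttype --pkt-type broadcast -j ACCEPT
-A INPUT -i zt0 -m pkttype --pkt-type multicast -j ACCEPT
EOF
}

# Demo on the constructed listing; on a live host, pipe the real ruleset:
#   iptables -S INPUT | audit_pkttype_rules <interface>
sample_rules | audit_pkttype_rules zt0 && echo "zt0: rules present and scoped"
```
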

      • SeerLite
        4 years ago

        I, for example, had to add broadcast and multicast input rules in iptables (I prefer having iptables block what is not used), then I had to add those routes to the virtual nic. The latter was more of a pain to discover, but fortunately tcpdump helped me find out when packets were travelling or not.

        Ohh I had to do that as well! I forgot to mention it :/. I use ufw so I just did

        ufw allow in on ztwfumnihc proto udp to 255.255.255.255
        

        to get broadcast working (ztwfumnihc is the zerotier interface). I didn’t look into multicast because we didn’t really need it.

        I don’t know much more about networking/iptables so not sure what the difference is with what you did, but I think it’s the same.

        Some of the others had some technical difficulties with the windows network settings: the “fix” which is discussed in the zerotier knowledge base was making their zerotier nic go bonkers. It turns out, for some unknown reason, windows was deleting the netmask after the priority was raised for the nic.

        That sounds weird. I used it with a lot of people back then (>10), and no one ever came across this (if I’m understanding the issue correctly). When it didn’t work we just reinstalled and rebooted a few times, and it usually fixed it. Either that or we were really lucky :P

        Now, since both broadcast and multicast work (tried with tcpdump and multiple games), we tried installing nitroshare to share files as initially wanted and it worked like a charm!

        Awesome! I’m glad it worked well for your usecase! :)

  • iamqueensboulevard
    4 years ago

    Not sure if this helps but…

    There is onionshare that lets you share files of any size securely and anonymously…

    And seafile, a sync and share solution. You might need to set up a local server though.

    • clockwise_bitOP
      4 years ago

      Thanks for your contribution but unfortunately both are not suited for our use case.

      seafile requires a central server where files are stored.
      I could set up seafile or even nextcloud for my friends, but then we would be in a similar situation to when we uploaded to google drive first: even for an upload that would only be used one time, we would need to wait for the upload to finish and then wait for the download. That’s double the time it would take a p2p transfer.

      On the other hand, onion share is p2p, but requires tor browser to be used, which needs to be connected to the tor network, and transferring gigs of data on tor is not exactly the fastest option on the market.

    • clockwise_bitOP
      4 years ago

      I think I just found the solution.
      While completely new and maybe not audited, I just tried web wormhole and it seems to fit my needs.
      It is written in go (I decidedly prefer go over nodejs) and it’s foss. repo.

      I tried passing large files between devices in different networks (using the “demo” site), they were not blocked (so there’s no bandwidth or size limit, the server appears to truly act only as a signaler) and the hashes matched.

      I’m going to put it on my server (which is the central vpn node) and see if it works as expected, then I’ll post my results. I really hope it works!

    • clockwise_bitOP
      4 years ago

      Well, I don’t think syncthing is very well suited for a sporadic, temporary connection.
      I also tried snapdrop but it turns out that it works by matching the public ip of the two parts (seen in a github issue).

    • clockwise_bitOP
      4 years ago

      After a lot of trial and error, I gave up trying to set up webwormhole.

      These are the problems I encountered:

      • total lack of documentation which had me jump from file to file too many times
      • docker build instructions and makefile instructions are a little bit different (I do not use the provided dockerfiles nor images, I always build them from the ground up)
      • the runtime options are only specified as a comment in each source file
      • (I think this is caused by my alpine base image with go installed from apk) the wasm_exec.js file which both dockerfile and makefile try to fetch could not be found in the system. I fixed this one by manually downloading the file from the golang repository and making docker load that. file
      • (might have misinterpreted this one) the service requires access to a let’s encrypt cert folder or it won’t even work.
      • even after specifying that the https address/port was 0.0.0.0:8081, the redirect I received upon connecting to the http port was to the 443 port. Anyway the program did bind to the correct ports.

      Unfortunately I can’t even properly lend a hand because I don’t know go at all, I can only read the source code for the most part and figure things out.

      Back to the beginning, yay…