explaingit

b3hnamr/backhaulmanager

22ShellAudience · ops devopsComplexity · 3/5Setup · moderate

TLDR

A shell script with an interactive menu that installs and manages Backhaul network tunnels between an Iran-based server and an overseas server, registering each tunnel as a systemd service with firewall and TLS certificate helpers included.

Mindmap

mindmap
  root((BackhaulManager))
    Server roles
      Iran side server
      Overseas Kharej server
      Matching tunnel pair
    Tunnel types
      Plain TCP
      TCP multiplexing
      WebSocket MUX
      Secure WebSocket TLS
    Service management
      systemd registration
      Start stop restart
      Live log viewer
      Delete service
    Extras
      Auto install Backhaul
      Backup and restore
      UFW and iptables helper
      Self-signed TLS cert
Click or tap to explore — scroll the page freely

Code map

Detail Auto

An interactive map of this repo's files and how they connect — its source is parsed live in your browser. Click Visualize to build it.

filefunction / class

Things people build with this

USE CASE 1

Set up an encrypted WebSocket tunnel between a server in Iran and an overseas VPS using a guided menu instead of manual config files

USE CASE 2

Register a network tunnel as a systemd service so it restarts automatically on server reboot

USE CASE 3

Generate a self-signed TLS certificate for a secure WebSocket tunnel without running OpenSSL commands manually

USE CASE 4

Back up and restore all Backhaul tunnel configurations before migrating or reinstalling a server

Tech stack

ShellsystemdOpenSSL

Getting it running

Difficulty · moderate Time to first run · 30min

Requires two Linux servers with root access and systemd, the Backhaul binary is downloaded and installed automatically by the script.

No license information is mentioned in the explanation.

In plain English

BackhaulManager is a shell script that provides an interactive terminal interface for setting up and managing network tunnels built on Backhaul, an open-source tunneling tool. Rather than configuring Backhaul by hand through config files and system commands, BackhaulManager walks you through the process with a guided menu. The tool is built around a two-server model. One server sits in Iran (called the Iran role) and one sits outside the country (called the Kharej role, meaning "outside" in Persian). You run the script on each server, pick the appropriate role, and it guides you through creating a matching tunnel pair. Supported tunnel types include plain TCP, TCP multiplexing, WebSocket multiplexing, and secure WebSocket multiplexing with TLS. Once a tunnel is created, BackhaulManager registers it as a systemd service so it starts automatically on reboot and can be managed like any other system service. The management menu gives you controls to start, stop, restart, view live logs, and delete tunnel services. A built-in link test checks both ping reachability and TCP connectivity between the two servers. Additional features include automatic installation and updating of the Backhaul binary, backup and restore of tunnel configurations, and a firewall helper for UFW or iptables. For the secure WebSocket transport, the script can generate a self-signed TLS certificate with OpenSSL without requiring manual setup. The README recommends the WSSMUX transport with Preset tuning mode as the best starting point for most setups. Configuration files are stored in /etc/backhaul. Each service is named with a pattern that includes the role, transport, and port, making it straightforward to identify running tunnels. Root access and a Linux system with systemd are required.

Copy-paste prompts

Prompt 1
Using BackhaulManager as a reference, help me write a shell script that creates a systemd service for a custom network tunnel and names it based on transport type and port
Prompt 2
Show me how BackhaulManager generates a self-signed TLS certificate with OpenSSL for a WebSocket tunnel, what OpenSSL flags does it use?
Prompt 3
I want to add a new tunnel type to BackhaulManager's menu, walk me through how the existing menu and service-naming convention works in the shell script
Prompt 4
Explain the WSSMUX transport in Backhaul and why BackhaulManager recommends it with Preset tuning mode as the default starting point
Prompt 5
Help me write a UFW firewall helper script similar to BackhaulManager's that opens only the ports needed for a specific tunnel configuration
Open on GitHub → Explain another repo

← b3hnamr on gitmyhub — every repo by this author, as a profile.

Verify against the repo before relying on details.