NAT & A P2P Goal-oriented #6
Description
I've come across your work off and on for several years. More recently, your work has crossed my own. About a year ago I became overly interested in browser-based mesh topologies. I then began work on a library in a similar vein as Gun. The problem was (is), truly decentralized in-browser mesh networking is currently impossible because of the need for centralized signalling servers.
Along the way, I learned of the few methods of port scan and LAN host discovery, including a variation of this one. Eventually, I realized that SIP + ALG might be used to bypass NAT without the need for raw sockets. I was working on figuring it out when you posted slipstream. I intended to post my work as a library rather than a vulnerability POC but you beat me to it. Perhaps I was naive in believing it would be allowed to remain unpatched by browsers but I digress. Your solution was impressive nonetheless.
Now you have posted this repo. I too have made one of these scanners (Yours is a bit faster). It's great that you like to focus in on browser/routing networking hacks. I'm hoping that I might convince you to work towards circumventing the need for STUN servers. It would be more than less okay if the first 2 peers in the mesh had to use a server to bootstrap the network. A first step would be onramping all subsequent peers. I'm wondering what thoughts you might have on achieving it without ALG.
The era of web-based dapps can never truly happen until it's solved or we get a proper sockets api.