iTranslated by AI
Building a macOS CLI tool in Rust to bypass region restrictions with a single command
Introduction
I built a CLI tool called region-proxy in Rust that changes your public IP address system-wide on macOS.
Demo
With a single command, a proxy is launched in the Tokyo region from the current location (Germany, ISP: Vodafone). After confirming the IP address has changed to Japan, all resources are automatically deleted upon stopping the tool.
What is region-proxy?
region-proxy is a CLI tool for Mac that launches an AWS EC2 instance in any given region and establishes a SOCKS5 proxy via SSH dynamic port forwarding. It is a native application written in Rust that directly modifies and restores the system's network settings.
# Start the proxy in the Tokyo region
$ region-proxy start --region ap-northeast-1
# With just this, localhost:1080 becomes a SOCKS proxy routed through Tokyo
Features
- 🌍 Full AWS Region Support: Choose from 33 regions.
- 🚀 One Command: Proxy is ready in about 30 seconds.
- 💰 Ultra Cheap: Costs approximately $0.004/hour using t4g.nano (about $3/month if kept running, but since resources are deleted on
stop, you likely won't even reach the minimum billing threshold). - 🧹 Automatic Cleanup: Deletes all AWS resources upon stopping.
- 🍎 macOS Integration: Automatically configures system-wide proxy settings.
Why I Created It
Challenges with Existing Solutions
| Method | Challenges |
|---|---|
| Commercial VPN | $5-15/month, limited regions. The risk of the provider selling user profiles to third parties cannot be ruled out. |
| Manual EC2 + SSH | Tedious setup, easy to forget cleanup. |
| AWS SSM | Complex setup involving IAM policies; changing and restoring device settings is difficult. |
"I want to set up a proxy in any region with a single command, as long as I have an AWS account."
region-proxy was born from this simple desire.
Comparison with Other Solutions
| Feature | region-proxy | Manual EC2 | VPN Service |
|---|---|---|---|
| Setup Time | Approx. 30 sec | Approx. 10 min | Various |
| Cost | ~$0.004/hour | Same | $5-15/month |
| AWS Regions | All 33 locations | All 33 locations | Limited |
| Automatic Cleanup | ✅ | ❌ | N/A |
| No Subscription Required | ✅ | ✅ | ❌ |
| Open Source | ✅ | N/A | ❌ |
Architecture
Operation Flow
- EC2 Startup: Launch the smallest instance (t4g.nano) in the specified region.
- Security Group: Allow SSH only from your IP.
- Key Pair Generation: Create a temporary SSH key for the session.
-
SSH Tunnel: Dynamic port forwarding using the
-Doption. - System Settings: Automatically update macOS network settings.
Technical Details
Why I Chose Rust
- Single Binary: Distributable without dependencies.
- Cross-compilation: Universal binary supporting both ARM/x86.
- Type Safety: Prevents mistakes in handling AWS regions.
- Asynchronous Processing: Efficient I/O with Tokio.
AWS SDK for Rust
use aws_sdk_ec2::{Client, types::Filter};
async fn find_latest_ami(client: &Client, region: &str) -> Result<String> {
let resp = client
.describe_images()
.owners("amazon")
.filters(
Filter::builder()
.name("name")
.values("al2023-ami-*-kernel-*-arm64")
.build(),
)
.send()
.await?;
// Get the latest AMI
// ...
}
The AWS SDK for Rust is still relatively new, but it was practical enough.
Error Handling
I used a combination of anyhow + thiserror to achieve user-friendly error messages:
#[derive(Debug, thiserror::Error)]
pub enum ProxyError {
#[error("No AWS credentials found. Run 'aws configure' first.")]
NoCredentials,
#[error("Region '{0}' is not supported")]
UnsupportedRegion(String),
#[error("EC2 instance failed to start: {0}")]
InstanceStartFailed(String),
}
State Management
Active proxy information is saved in ~/.region-proxy/state.json:
{
"instance_id": "i-0abc123def456789",
"region": "ap-northeast-1",
"public_ip": "54.168.xxx.xxx",
"ssh_pid": 12345,
"started_at": "2024-01-15T10:30:00Z"
}
This makes it possible to recover after a crash or clean up orphaned resources.
Usage
Installation
# Homebrew (Recommended)
brew tap M-Igashi/tap
brew install region-proxy
# Or via cargo
cargo install --git https://github.com/M-Igashi/region-proxy
Basic Operations
# Set the default region
region-proxy config set-region ap-northeast-1
# Start the proxy
region-proxy start
# Check status
region-proxy status
# Stop (automatically deletes resources)
region-proxy stop
List of Available Regions
$ region-proxy list-regions
Available AWS Regions:
ap-northeast-1 (Tokyo)
ap-northeast-2 (Seoul)
ap-southeast-1 (Singapore)
us-east-1 (N. Virginia)
us-west-2 (Oregon)
eu-west-1 (Ireland)
eu-central-1 (Frankfurt)
...
Security
- 🔑 SSH keys are generated per session and automatically deleted
- 🛡️ Security groups only allow your IP address
- 💾 EC2 instances are terminated upon stopping (no persistent data)
- 🏠 Credentials are kept locally (never sent outside of AWS)
Cost
Actual Costs
| Instance | Hourly Rate | 8 Hours/Day | Monthly (24/7) |
|---|---|---|---|
| t4g.nano | $0.0042 | $0.034 | $3.02 |
| t3.nano | $0.0052 | $0.042 | $3.74 |
Since billing is pay-as-you-go, if you only start it when needed, the cost will only be a few cents to a few dollars per month.
Use Cases
- 🎮 Gaming: Access region-restricted game servers and content
- 📺 Streaming: Watch region-locked video content
- 🧪 Testing: Test applications from different geographical locations
- 🔒 Privacy: Route traffic through different regions
- 💼 Development: Access region-specific APIs and services
Future Plans
- Linux support
- Multiple simultaneous connections
- Connection time limits
- Cost display feature
- IPv6 support
Summary
region-proxy is a tool for easily bypassing regional restrictions using AWS.
- You don't want to pay for a VPN service.
- You need access from a specific region.
- You already have an AWS account.
It's perfect for anyone in these situations. Please give it a try!
⭐ Stars are greatly appreciated and keep me motivated!
Discussion