Secure AI Gateway β Share your local AI with friends without exposing your network.
Iron Tunnel lets you securely share your local AI (Oobabooga, LM Studio, llama.cpp, etc.) with specific people over the internet β without port forwarding, without exposing your IP, and without giving everyone access.
The problem: You have an AI running locally. You want your friend to use it. But you don't want to expose your home IP or let random people access it.
The solution: Iron Tunnel creates a secure gateway with generated client executables. Only people with YOUR specific client exe AND a one-time install code can access YOUR specific host.
YOU (Host) FRIEND (Client)
βββββββββββββββββββββββββββββββββββββββββββββββββββββββββββββ
1. Run iron_host.py
2. generate "Alex Laptop"
β Creates IronClient_Alex.exe
β Creates install code: K7M2-X9R4-P3N8
3. Send exe + code to Alex βββββββββββΊ 4. Run exe, enter code
5. Open tunnel URL in browser
6. See: "Alex wants to connect" ββββ 6. Client auto-authenticates
Code: ABCD1234
7. Verify code, type: approve Alex ββββΊ 8. VoxAI chat interface loads
Done. Alex can now chat with your AI.
- π Host-Bound Clients β Generated exes only work with YOUR host
- π« One-Time Install Codes β Like game CD keys, use once then consumed
- ποΈ Session Verification β Pairing codes for each browser session
- β‘ Instant Revocation β Kill any client exe remotely
- π« Invisible to Scanners β No client = redirect to Google
- π No Port Forwarding β Uses Ngrok tunnel
git clone https://github.com/yourusername/iron-tunnel.git
cd iron-tunnel
pip install -r requirements.txtpython iron_host.pyOr on Windows, double-click start.bat
First run will:
- Generate your unique Host ID
- Ask for your Ngrok auth token
- Open the tunnel
Admin> generate "Alex Laptop"
β Client generated!
Name: Alex Laptop
Client ID: CLT-7F3A-X9K2-M4B8
Install Code: K7M2-X9R4-P3N8
Exe: IronClient_Alex_Laptop_7F3A.exe
Give the .exe and install code to Alex.
Alex needs:
- The
.exefile you generated - The install code
- Npcap installed (Windows)
- Run as administrator
Enter Install Code: K7M2-X9R4-P3N8
β Activation successful!
[READY] Monitoring for tunnel access...
Open the tunnel URL in your browser.
When Alex opens the tunnel URL:
Admin>
[!] CLIENT REQUESTING SESSION
Name: Alex Laptop
ID: CLT-7F3A-X9K2-M4B8
Code: ABCD1234
Admin> approve "Alex"
β Session approved for Alex Laptop (24h)
By default, IronGate runs on port 8000. To change this:
- Open
host_config.jsonin this directory. - Add or update the "port" field:
{ "port": 8080, ... } - Restart
iron_host.py.
| Command | Description |
|---|---|
generate "name" |
Create new client exe + install code |
list |
Show all clients and their status |
sessions |
Show active browser sessions |
approve "name" |
Approve a pending session request |
kick "name" |
End session (client must re-authenticate) |
revoke "name" |
Permanently disable a client exe |
lockdown |
Emergency kill switch β block ALL connections |
export |
Backup your host identity |
status |
Show overview |
clear |
Clear screen |
help |
Show commands |
- Python 3.10+
- Ngrok account (free tier works)
- Local AI backend (Oobabooga, LM Studio, etc.)
- Windows + Npcap
- Run as administrator
- Install code from host
Edit ai_bridge.py to point to your AI:
# Oobabooga
AI_URL = "http://127.0.0.1:5000/v1/chat/completions"
# LM Studio
AI_URL = "http://127.0.0.1:1234/v1/chat/completions"
# llama.cpp
AI_URL = "http://127.0.0.1:8080/v1/chat/completions"Any OpenAI-compatible API will work.
| Threat | Protection |
|---|---|
| Random scanners | See nothing, redirected to Google |
| No client installed | Redirected to Google |
| Wrong client exe | Rejected (bound to different host) |
| Stolen exe without code | Can't activate |
| Compromised client | Revoke instantly |
| Session hijacking | Pairing codes verify each session |
- Attacker with both exe AND unused install code
- Compromised host machine
- Physical access to activated client
- Send exe and install code separately β different channels
- Verify pairing codes β don't just auto-approve
- Revoke when not needed β don't leave old clients active
- Backup host identity β use
exportcommand - Use short sessions β adjust
SESSION_DURATION_HOURS
iron-tunnel/
βββ iron_host.py # Main application
βββ ai_bridge.py # AI backend connector
βββ requirements.txt # Dependencies
βββ start.bat # Windows launcher
βββ README.md # This file
βββ TECHNICAL.md # Detailed documentation
β
βββ host_identity.key # [Generated] Your host ID (backup this!)
βββ host_config.json # [Generated] Settings
βββ clients.json # [Generated] Client database
β
βββ exports/ # [Generated] Client exe files
βββ templates/ # [Auto-created] Web templates
βββ logs/ # [Generated] Session logs
IronGate automatically attempts to kill old processes on startup. If you still see this error:
- Close the IronGate window.
- Open a terminal and run:
taskkill /F /IM ngrok.exe - Restart IronGate.
Install from https://npcap.com/ with "WinPcap API-compatible Mode" enabled.
- Run as administrator
- Check tunnel URL is correct
- Ensure Npcap is installed
Client was generated by different host. Generate new client from your host.
First PyInstaller build caches dependencies (~60s). Subsequent builds are faster (~30s).
PyInstaller exes often trigger false positives. Add to exclusions or sign the exe.
PRs welcome. Please:
- Test your changes
- Update documentation
- Keep security in mind
MIT License β do whatever you want, just don't blame me.
Built by [AlexC1991]
Powered by: