Showcase: A modern Go rewrite of ocproxy using gVisor (go-ocproxy) #32

@awkj

Hi everyone,

I've been a long-time user of ocproxy and I love how it keeps the VPN traffic isolated from the global routing table. Recently, I decided to try rewriting it in Go to leverage memory safety and a more modern networking stack.

I created go-ocproxy (https://github.com/awkj/go-ocproxy)

Key Differences:

  • Language: Rewritten in Go for easier maintenance and memory safety.
  • Stack: Replaced the embedded lwIP (C) with Google's gVisor (netstack), which is a production-grade user-space network stack used in Google Cloud.
  • Complexity: Reduced the codebase from ~80,000 lines (including lwIP) to just a few hundred lines of high-level Go code.
  • DNS: Added built-in smart DNS forwarding through the tunnel.

Note on Development:
Full disclosure: I built this project in collaboration with Google's Gemini CLI. While the core logic is implemented and it compiles/runs, I haven't had the chance to perform exhaustive testing across all network environments and edge cases yet.

Call for Testers:
I’m looking for volunteers from this community to:

  1. Give it a try in your workflow.
  2. Help identify any bugs or performance issues.
  3. Suggest features (like port forwarding -L which is currently being planned).

If you're interested in a more "Go-native" way to handle your OpenConnect proxies, please check it out and let me know what you think!

Thanks for the inspiration, ocproxy team!
