
foomo / tlssocks

Licence: other
secure socks5 over tls / tcp

Programming Languages: go, Dockerfile, Makefile


socks5 over multiple network zones tunneled through a tls tcp connection

+-------------------+   +--------------+   +--------------+   +-----------------+
| source zone       |   |  zone A      |   | zone ...     |   | target zone     |
| +---------------+ |   |              |   |              |   | +-------------+ |
| |               | |   |              |   |              |   | |             | |
| | client A      | |   |              |   |              |   | | service A   | |
| |               | |   |              |   |              |   | |             | |
| +-------+-------+ |   |              |   |              |   | +------^------+ |
|         |         |   |              |   |              |   |        |        |
| +-------v-------+ |   | +----------+ |   | +----------+ |   | +------+------+ |
| |               | |   | |          | |   | |          | |   | |             | |
| | tlssocksproxy +-------> tcpproxy +-------> tcpproxy +-------> tlssocks    | |
| |               | |   | |          | |   | |          | |   | |             | |
| +-------^-------+ |   | +----------+ |   | +----------+ |   | +------+------+ |
|         |         |   |              |   |              |   |        |        |
| +-------+-------+ |   |              |   |              |   | +------v------+ |
| |               | |   |              |   |              |   | |             | |
| | client ...    | |   |              |   |              |   | | service ... | |
| |               | |   |              |   |              |   | |             | |
| +---------------+ |   |              |   |              |   | +-------------+ |
|                   |   +--------------+   +--------------+   |                 |
|                   |                                         |                 |
|                   +----------------------------------------->                 |
|                   |       tls connection over n zones       |                 |
+-------------------+                                         +-----------------+

example project

Example docker-compose project in docker/localtest - should help to understand the configuration

# run example project
make docker-local-test
# try it

# works for jan
curl -vvv --proxy socks5h://jan:<password>@127.0.0.1:8000 http://echo:8080/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* SOCKS5 communication to echo:8080
* SOCKS5 request granted.
* Connected to 127.0.0.1 (127.0.0.1) port 8000 (#0)
> GET / HTTP/1.1
> Host: echo:8080
> User-Agent: curl/7.54.0
> Accept: */*
>
< HTTP/1.1 200 OK
< X-App-Name: http-echo
< X-App-Version: 0.2.3
< Date: Mon, 06 Aug 2018 09:44:03 GMT
< Content-Length: 12
< Content-Type: text/plain; charset=utf-8
<
hello-world
* Connection #0 to host 127.0.0.1 left intact

# does not work for peter
curl -vvv --proxy socks5h://peter:<password>@127.0.0.1:8000 http://echo:8080/
*   Trying 127.0.0.1...
* TCP_NODELAY set
* SOCKS5 communication to echo:8080
* Can't complete SOCKS5 connection to 0.0.0.0:0. (2)
* Closing connection 0
curl: (7) Can't complete SOCKS5 connection to 0.0.0.0:0. (2)

tlssocksproxy

Opens a TLS-encrypted connection to tlssocks, optionally through one or more tcpproxies, and makes it available as a "normal" socks5 server.

# running a tlssocksproxy locally to connect a remote tlssocks using tls encryption
docker run --rm -p="8000:8000" foomo/tlssocksproxy:latest -addr="0.0.0.0:8000" -server="tlssocks.example.com:8765"

tcpproxy

Very lightweight wrapper around Google's https://github.com/google/tcpproxy - can be daisy-chained.

tlssocks

Based on github.com/armon/go-socks5 wrapped by https://golang.org/pkg/crypto/tls/.

  • tls protection
  • authentication with bcrypt hashed passwords (htpasswd compatible)
  • destinations configuration

Managing credentials:

Can be done with good old htpasswd - when in doubt, see man htpasswd

# set the password for a user in an existing file using bcrypt
htpasswd -B path/to/users.htpasswd <user-name>

Configuring destinations:

By default every proxy request is denied unless it is explicitly allowed through the destinations configuration.

Destinations are configured by name, and each one lists the ports and users that are allowed to reach it.

WARNING - if you are running multiple vhosts on one destination, all of them are accessible, since tlssocks does not inspect the incoming traffic.

---
# destination www.heise.de will be accessible through ports 80, 443 for users jan and peter
www.heise.de:
  ports: 
    - 80
    - 443
  users:
    - jan
    - peter
# destination echo is acce
echo:
  ports: 
    - 8080
  users:
    - jan

www.google.com:
  ports: 
    - 443
  users:
    - peter
...
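
A sketch of the default-deny decision this configuration describes, added here as an example and not tlssocks' own code. `Destination`, `Allowed` and `Reachable` are hypothetical names, the map is a constructed copy of the YAML above, and the name normalisation is an assumption of the sketch.

```go
package main

import (
	"fmt"
	"net"
	"slices"
	"strings"
)

// Destination mirrors one entry of the destinations file: allowed ports and users.
type Destination struct {
	Ports []int
	Users []string
}

// Constructed sample: the same three destinations as the YAML above.
var destinations = map[string]Destination{
	"www.heise.de":   {Ports: []int{80, 443}, Users: []string{"jan", "peter"}},
	"echo":           {Ports: []int{8080}, Users: []string{"jan"}},
	"www.google.com": {Ports: []int{443}, Users: []string{"peter"}},
}

// Allowed is default deny: true only when name, port and user all match one entry.
func Allowed(cfg map[string]Destination, user, host string, port int) bool {
	if net.ParseIP(host) != nil {
		return false // destinations are name based, so an IP literal matches nothing
	}
	// Assumption of this sketch: names compare case-insensitively, without a trailing dot.
	d, ok := cfg[strings.ToLower(strings.TrimSuffix(host, "."))]
	return ok && slices.Contains(d.Ports, port) && slices.Contains(d.Users, user)
}

// Reachable lists every host:port a user may reach, sorted, for reviewing a config.
func Reachable(cfg map[string]Destination, user string) []string {
	var out []string
	for name, d := range cfg {
		for _, p := range d.Ports {
			if Allowed(cfg, user, name, p) {
				out = append(out, fmt.Sprintf("%s:%d", name, p))
			}
		}
	}
	slices.Sort(out)
	return out
}

func main() {
	fmt.Println(Reachable(destinations, "jan"), Reachable(destinations, "peter"))
}
```

The decision only ever sees user, destination name and port, which is why every vhost served on an allowed name and port is reachable.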

caveats / todos

  • only name based destinations are supported

security concerns

All vhosts on a destination can be accessed through the allowed ports - there is no traffic inspection to prevent this.
