| .gitignore | ||
| .goreleaser.yml | ||
| dnsmasq.conf | ||
| go.mod | ||
| go.sum | ||
| iptables_init.sh | ||
| LICENSE | ||
| main.go | ||
| Makefile | ||
| README.md | ||
| VERSION | ||
TCProxy
TCProxy is a lightweight TCP proxy designed to forward HTTPS and HTTP traffic while enforcing an IP-based whitelist. It inspects incoming connections, determines if they are HTTPS or HTTP, and forwards them accordingly to the appropriate backend server.
Features:
- SNI-based Routing: Extracts the Server Name Indication (SNI) from HTTPS requests and forwards them to the correct backend.
- IP Whitelisting: Allows only approved IP addresses to connect, dynamically reloading the whitelist file on changes.
- Seamless HTTP/HTTPS Handling: Differentiates between HTTP and HTTPS connections and routes them accordingly.
- Concurrency Support: Uses goroutines and wait groups for efficient connection handling.
- Customizable Binding: Supports binding to a custom address and port via command-line flags.
- Lightweight & Self-Contained: Written in Go with no external dependencies apart from the standard library.
Usage:
tcproxy -b <bind-address>
Or with default options:
tcproxy
Command-line Options:
-b, --bind: Set the address to bind (default:localhost:8443).-v, --version: Display the version.-h, --help: Show usage instructions.
Example:
tcproxy -b "0.0.0.0:8443"
This starts TCProxy, listening on all interfaces at port 8443.
Requirements:
- Go 1.16+
- A
whitelist.txtfile for IP-based filtering.
Installation:
Build from source:
git clone https://git.behzadan.com/reza/tcproxy.git
cd tcproxy
make