Skip to content

astibal/smithproxy

master
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
15 branches 74 tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
.github
Create codeql-analysis.yml
August 12, 2021 15:13
docs
docs/ directory desperately outdated - atm remove old stuff and add l…
January 25, 2021 22:43
etc
remove remnants of --tenant-index options (deprecated already)
December 2, 2022 17:20
man
remove docker/_attic
January 25, 2021 23:11
snap/hooks
snap support improvements
December 23, 2021 12:27
socle @ 1d05aec
don't generate crashlogs on program exit for Release builds
December 17, 2022 17:45
src
don't generate crashlogs on program exit for Release builds
December 17, 2022 17:45
tools
introduce CA single-file bundle support
December 7, 2022 22:15
.git_pre-commit
flag should be in double-quotes
January 4, 2022 11:40
.gitattributes
implement encrypted and salted passwords in users.cfg
May 24, 2015 19:39
.gitignore
sync with socle
February 5, 2022 15:49
.gitmodules
add lmhpp module (not used)
July 29, 2021 00:21
.travis.yml
travis: well, it's gonna work, someday
May 4, 2020 09:38
CMakeLists.txt
re-add nlohmann::json as a fetched project from cmake
December 4, 2022 01:26
FindLibConfig.cmake
config file phase I
September 19, 2014 00:40
FindLibMicroHttpd.cmake
introduce httpd service which is not yet even compiled in - disabled …
July 29, 2021 00:33
Findhiredis.cmake
add boilerplate code for redis support
February 17, 2022 18:11
LICENSE
add GNU/GPL v3 license
April 22, 2020 15:30
README.md
update readme
May 4, 2022 11:11
Release_Notes.md
update Release Notes
December 19, 2022 18:52
TODO-dev.md
add dev todo file
May 24, 2021 10:01
coverity.cmake
refactor and generalize cli-to-config code to be reusable by API (and…
September 19, 2022 17:27
helpers.cmake
add helper facility to install git hooks on cmake run
January 4, 2022 12:21
install.cmake
introduce CA single-file bundle support
December 7, 2022 22:15
snapcraft-core18.yaml
keep core18 and core20 snapcraft files for reference
November 17, 2022 14:00
snapcraft-core20.yaml
keep core18 and core20 snapcraft files for reference
November 17, 2022 14:00
snapcraft.yaml
fix snapcraft.yaml version
December 19, 2022 22:11
version-bumper.sh
various smaller improvements
December 30, 2020 14:06
Availability: Core features: TLS features: Other: Tools: Support and contacts

README.md

Smithproxy is highly configurable, fast and transparent TCP/UDP/TLS (SSL) proxy written in C++17.
It uses our C++17 socket proxying library called socle.

Note: Snap and precompiled binary packages are no longer available from Russia Federation and Belarus as a response to their blatant war crimes being commited when invading Ukraine these days. For individuals from named countries: there are still sources which can be easily compiled; in the mean time seek more uncensored information!

Read fresh Release Notes to stay tuned!
Documentation: https://smithproxy.readthedocs.org
To replay captured traffic, check out the sister project pplay.

Availability:

  • Linux - can be installed as a service (distro packages, or easily compiled from sources)
    • Download binary linux .deb (arm64, armhf, amd64) packages and source from: https://download.smithproxy. org/
    • Download and compile directly from source (known to work: Debian, Ubuntu, Alpine, Fedora, Kali, Arch)
  • Docker - available as an image on docker hub
  • Snap - install smithproxy service as a confined snap (with some limitations)!

Core features:

  • TCP/UDP and TLS - intercept routed traffic, locally-originated traffic and SOCKS proxy requests
  • configure policy based traffic matching similar to modern firewalls
  • utilize per-policy applicable content, dns, tls, detection and authentication profiles
  • re-route traffic (DNAT) and load-balance it, stickiness based on source-IP, L3 or L4 header data
  • enjoy insightful CLI with configuration control
  • export intercepted traffic to rotated pcap files, or emitting it to remote workstation in GRE

TLS features:

  • TLS security checks (OCSP, OCSP stapling, automatic CRL download)
  • Certificate Transparency checks for outbound connections
  • HTML replacement browser warnings
  • STARTTLS support for most starttls capable protocols, including HTTP proxy CONNECT
  • Seamless HTTPS redirection to authentication portal
  • Exporting sslkeylog

Other:

  • Local and LDAP user authentication using builtin web portal (using complementary package)
  • SOCKS4/SOCKS5 explicit proxy with DNS hostname support
  • Engines: limited HTTP1 and HTTP2 support
  • DNS inspection allows FQDN policy objects, including DoH
  • Policies based on FQDN and 2nd level DNS domain
  • both IPv4 and IPv6 are supported
  • detailed debugging messages in CLI if needed

Tools:

  • built-in tools to help with CA and certificate enrollment needed to run smithproxy
  • auto-enrolling portal certificate based on system IP and hostname
  • auto-detect inspection interface(s) based on system routing information
  • check pplay tool: replays captures over the network with many cool features

Support and contacts

About

featured transparent tcp/udp/ssl proxy

www.smithproxy.org

Topics

docker tls snap mitm socks5 tproxy mitm-tls mitm-udp mitm-tcp

Resources

Readme

License

GPL-3.0 license

Stars

35 stars

Watchers

3 watching

Forks

6 forks

Releases 13

0.9.31 Latest
Dec 19, 2022
+ 12 releases

Sponsor this project

Packages

No packages published

Languages