The g3proxy is an enterprise level forward proxy, but still with basic support for tcp streaming / tls streaming / transparent proxy / reverse proxy.
-
General
- Ingress network filter / Target Host filter / Target Port filter
- Socket Speed Limit / Request Rate Limit / IDLE Check
- Protocol Inspection / TLS Interception / ICAP Adaptation (experimental)
- Various TCP / UDP socket config options
- Rustls TLS Server (default) / Openssl TLS Server
- Openssl TLS Client
- 国密《GB/T 38636-2020》(TLCP) client / server (require feature vendored-tongsuo)
-
Forward Proxy
-
Http(s) Proxy
- TLS / mTLS
- Http Forward / Https Forward / Http CONNECT / Ftp over HTTP
- Basic User Authentication
- Port Hiding
-
Socks Proxy
- Socks4 Tcp Connect / Socks5 Tcp Connect / Socks5 UDP Associate
- User Authentication
- Client side UDP IP Binding / IP Map / Ranged Port
-
-
Transparent Proxy
-
SNI Proxy
- Multiple Protocol: TLS SNI extension / HTTP Host Header
- Host Redirection / Host ACL
-
-
Reverse Proxy
-
Http(s) Reverse Proxy
- TLS / mTLS
- Basic User Authentication
- Port Hiding
- Host based Routing
-
-
Streaming
-
TCP Stream
- Upstream TLS / mTLS
- Load Balance: RR / Random / Rendezvous / Jump Hash
-
TLS Stream
- mTLS
- Upstream TLS / mTLS
- Load Balance: RR / Random / Rendezvous / Jump Hash
-
-
Alias Port
- Plain TCP Port
- PROXY Protocol
- Plain TLS Port
- PROXY Protocol
- mTLS
- based on Rustls
- Native TLS Port
- PROXY Protocol
- mTLS
- based on OpenSSL
- Intelli Proxy
- Multiple protocol: Http Proxy / Socks Proxy
- PROXY Protocol
- Plain TCP Port
-
General
- Happy Eyeballs
- Socket Speed Limit
- Various TCP / UDP socket config options
- IP Bind
-
Direct Connect
-
Fixed
- TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
- Egress network filter
- Resolve redirection
- Index based Egress Path Selection
-
Float
- TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
- Egress network filter
- Resolve redirection
- Dynamic IP Bind
- Json based Egress Path Selection
-
-
Proxy Chaining
-
Http Proxy
- TCP Connect / TLS Connect / HTTP(s) Forward
- PROXY Protocol
- Load Balance: RR / Random / Rendezvous / Jump Hash
- Basic User Authentication
-
Https Proxy
- TCP Connect / TLS Connect / HTTP(s) Forward
- PROXY Protocol
- Load Balance: RR / Random / Rendezvous / Jump Hash
- Basic User Authentication
- mTLS
-
Socks5 Proxy
- TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
- Load Balance: RR / Random / Rendezvous / Jump Hash
- Basic User Authentication
-
Float
- Dynamic Proxy: Http Proxy / Https Proxy / Socks5 Proxy
- Json based Egress Path Selection
-
- route-client - based on client addresses
- exact ip match
- subnet match
- route-mapping - based on user supplied rules in requests
- Index based Egress Path Selection
- route-query - based on queries to external agent
- route-resolved - based on resolved IP of target host
- route-geoip - based on GeoIP rules if the resolved IP
- route-select - simple load balancer
- RR / Random / Rendezvous / Jump Hash
- Json based Egress Path Selection
- route-upstream - based on original target host
- exact ip match
- exact domain match
- wildcard domain match
- subnet match
- regex domain match
- route-failover - failover between primary and standby escaper
- c-ares
- UDP
- TCP
- hickory
- UDP / TCP
- DNS over TLS
- DNS over HTTPS
- DNS over HTTP/3
- DNS over QUIC
- fail-over
-
User Authentication and Authorization
- ACL: Proxy Request / Target Host / Target Port / User Agent
- Socket Speed Limit / Request Rate Limit / Request Alive Limit / IDLE Check
- Auto Expire / Block
- Anonymous user
- Json based Egress Path Selection
- Explicit Site Config
- match by exact ip / exact domain / wildcard domain / subnet
- request / client traffic / remote traffic metrics
- task duration histogram metrics
- TCP Protocol Inspection
- TLS Interception
- TLS Stream Dump
- Http / H2 Interception
- ICAP Adaptation & Sampling
- Log Types
- Server: task log
- Escaper: escape error log
- Resolver: resolve error log
- Audit: inspect & intercept log
- Backend: journald / syslog / fluentd
- Metrics Types
- Server level metrics
- Escaper level metrics
- User level metrics
- User-Site level metrics
- Protocol: StatsD
The detailed docs are resided in the doc directory.
You can find example config in the examples directory.