A small command-line TCP proxy utility written in Python
Python Shell Batchfile
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
.gitignore Initial commit Oct 29, 2012
README.md - update the markdown Oct 29, 2012
pkcs12.bat initial import into github Oct 29, 2012
prox.py "option -O to use SO_ORIGINAL_DST from client connection" from fopina Jul 25, 2016
proxcat.py initial import into github Oct 29, 2012



A small command-line TCP proxy utility written in Python

Tim Newsham 29 Oct 2012


This is a small command-line TCP proxy utility written in python. It is designed to have very minimal requirements - it runs directly from python (tested in python 2.7) from a single source file (unless the auto-certificate option is used). When running, the proxy accepts incoming TCP connections and copies data to a TCP connection to another machine. Options allow for SSL and IPv6 connections and for the logging of all data. Data is logged in a format that preserves connection, timing and direction information and a small utility is provided to dump out the information in various formats. A small utility is also provided for generating CA and SSL certificates. This utility is the only component that relies on an external python library, but it can be run on a different machine if necessary.


  • A normal TCP proxy is straightforward:

  • For SSL, first create and install a CA cert

    • $ ./ca.py -c
    • $ ./pkcs12.sh ca # if you need a pkcs12 certificate
    • take ca.pem or ca.pfx and install it as a root certificate in your testing browser
  • Run the proxy using an auto-generated certificate:

  • Or manually generate a certificate (possibly on another machine) and then run the proxy using that certificate:

  • To view data logged to a file by prox.py, use proxcat:

    • $ ./proxcat.py -x log.txt


TcpProx requires a python interpreter and the M2Crypto package from http://www.heikkitoivonen.net/m2crypto/. The prox.py program can be run with only the prox.py file and without the M2Crypto package installed if the -A option is not used.