Skip to content
Dispatch TLS Connections based on SNI
Go
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
parser Change licensing to Apache 2.0 Jun 24, 2017
.gitignore Add binary to .gitignore Dec 29, 2015
LICENSE Change licensing to Apache 2.0 Jun 24, 2017
README.md Add option to specify regexp for hostname Dec 29, 2015
config.go Change licensing to Apache 2.0 Jun 24, 2017
main.go Change licensing to Apache 2.0 Jun 24, 2017
server.go
sniff.json Add option to specify regexp for hostname Dec 29, 2015

README.md

sniff

SNIff is a small server that will accept incoming TLS connections, and parse TLS Client Hello messages for the SNI Extension. If one is found, we'll go ahead and forward that connection to a remote (or local!) host.

sniff config

{
    "bind": {
        "host": "localhost",
        "port": 8443
    },
    "servers": [
        {
            "default": false,
            "regexp": false,
            "host": "97.107.130.79",
            "names": [
                "pault.ag",
                "www.pault.ag"
            ],
            "port": 443
        }
    ]
}

The following config will listen on port 8443, and connect any requests to pault.ag or www.pault.ag to port 443 on host 97.107.130.79. If nothing matches this, the socket will be closed.

Changing default to true would send any unmatched hosts (or TLS / SSL connections without SNI) to that host.

By default, the requested domain name is compared literally with the strings inside names. If regexp is true, then the names are interpreted as regular expressions. Each server and name will be checked in the order they appear in the file, stopping with the first match. If there is no match, then the request is sent to the first server with default set.

using the parser

import (
    "fmt"

    "pault.ag/go/sniff/parser"
)

func main() {
    listener, err := net.Listen("tcp", "localhost:2222")
    if err != nil {
        return err
    }
}
You can’t perform that action at this time.