tcpproxy
Proxy TCP connections based on static rules, HTTP Host headers, and SNI server names (Go package or binary)
Top Related Projects
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A fast TCP/UDP tunnel over HTTP
Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
Unified ingress for developers
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Quick Overview
tcpproxy is a simple TCP proxy written in Go. It allows for the forwarding of TCP connections from one address to another, with optional TLS termination and origination. This tool is useful for debugging, testing, and securing network applications.
Pros
- Lightweight and easy to use
- Supports both TLS termination and origination
- Can be used as a library or standalone command-line tool
- Written in Go, making it cross-platform compatible
Cons
- Limited feature set compared to more advanced proxy solutions
- No built-in load balancing capabilities
- Lacks advanced logging and monitoring features
- Not actively maintained (last commit was over 2 years ago)
Code Examples
- Basic TCP proxy:
package main
import (
"log"
"github.com/inetaf/tcpproxy"
)
func main() {
var p tcpproxy.Proxy
p.AddRoute(":80", tcpproxy.To("backend.example.com:80"))
log.Fatal(p.Run())
}
- TLS termination:
package main
import (
"log"
"github.com/inetaf/tcpproxy"
)
func main() {
var p tcpproxy.Proxy
p.AddSNIRoute(":443", "example.com", tcpproxy.To("backend.example.com:80"))
log.Fatal(p.Run())
}
- Using a custom dialer:
package main
import (
"context"
"log"
"net"
"time"
"github.com/inetaf/tcpproxy"
)
func main() {
var p tcpproxy.Proxy
customDialer := &net.Dialer{Timeout: 10 * time.Second}
p.AddRoute(":80", tcpproxy.ToDialer(customDialer, "backend.example.com:80"))
log.Fatal(p.Run())
}
Getting Started
To use tcpproxy in your Go project, first install it:
go get github.com/inetaf/tcpproxy
Then, import it in your Go code:
import "github.com/inetaf/tcpproxy"
Create a new Proxy instance and add routes:
var p tcpproxy.Proxy
p.AddRoute(":80", tcpproxy.To("backend.example.com:80"))
log.Fatal(p.Run())
This will start a TCP proxy listening on port 80 and forwarding connections to backend.example.com:80.
Competitor Comparisons
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
Pros of frp
- More feature-rich, supporting multiple protocols (TCP/UDP/HTTP/HTTPS/STCP)
- Offers a web-based dashboard for monitoring and management
- Provides built-in encryption and compression options
Cons of frp
- More complex setup and configuration
- Higher resource usage due to additional features
- Steeper learning curve for new users
Code Comparison
frp configuration example:
[common]
server_addr = x.x.x.x
server_port = 7000
[ssh]
type = tcp
local_ip = 127.0.0.1
local_port = 22
remote_port = 6000
tcpproxy usage example:
proxy := &tcpproxy.Proxy{}
proxy.AddRoute(":80", tcpproxy.To("10.0.0.1:80"))
log.Fatal(proxy.Run())
frp offers a more comprehensive configuration file with various options, while tcpproxy provides a simpler, programmatic approach to setting up proxies. frp's configuration allows for more detailed control over different types of connections, whereas tcpproxy focuses primarily on TCP proxying with a straightforward API.
A fast TCP/UDP tunnel over HTTP
Pros of Chisel
- Supports multiple protocols (TCP, UDP, SOCKS5) and tunneling methods
- Built-in encryption and authentication for secure connections
- Cross-platform compatibility with easy-to-use CLI
Cons of Chisel
- More complex setup and configuration compared to tcpproxy
- Higher resource usage due to additional features
Code Comparison
tcpproxy:
listener, err := net.Listen("tcp", *listen)
if err != nil {
log.Fatal(err)
}
Chisel:
chisel.NewServer(&chisel.Config{
KeySeed: *key,
Auth: *auth,
Proxy: *proxy,
})
Key Differences
- Functionality: Chisel offers more advanced features like tunneling and encryption, while tcpproxy focuses on simple TCP proxying.
- Ease of use: tcpproxy is straightforward and easy to set up, whereas Chisel requires more configuration but provides greater flexibility.
- Performance: tcpproxy is likely to have lower overhead due to its simplicity, while Chisel may consume more resources to support its additional features.
Use Cases
- tcpproxy: Ideal for simple TCP proxying needs with minimal setup
- Chisel: Better suited for complex networking scenarios requiring secure tunneling and multi-protocol support
Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
Pros of sslh
- Supports multiple protocols (SSH, HTTP, SSL, etc.) on a single port
- Includes built-in failover and load balancing capabilities
- More mature project with a longer development history
Cons of sslh
- Written in C, which may be less accessible for some developers
- Configuration can be more complex due to its multi-protocol nature
- May have higher resource usage due to protocol detection overhead
Code Comparison
sslh (C):
/* Read from client */
n = read(client_sock, buffer, sizeof(buffer));
if (n == -1) {
perror("read");
return;
}
tcpproxy (Go):
// Read from client
n, err := src.Read(buf)
if err != nil {
log.Printf("error reading from %s->%s: %s", src.RemoteAddr(), dst.RemoteAddr(), err)
return
}
Both projects handle reading from client connections, but tcpproxy uses Go's error handling approach, while sslh uses C-style error checking with perror()
.
sslh offers more advanced protocol multiplexing features, making it suitable for complex setups. tcpproxy, being written in Go, may be easier to extend and maintain for developers familiar with the language. tcpproxy focuses on simple TCP proxying, while sslh provides broader protocol support and additional features like failover and load balancing.
Unified ingress for developers
Pros of ngrok
- Provides secure tunneling to localhost, allowing easy exposure of local servers to the internet
- Offers a user-friendly web interface for managing tunnels and inspecting traffic
- Supports custom subdomains and wildcard domains for easier access
Cons of ngrok
- Requires an account and authentication for full functionality
- May have limitations on free tier usage, including bandwidth and number of tunnels
- More complex setup compared to simple TCP proxying
Code Comparison
ngrok (Go):
tunnel := &Tunnel{
PublicUrl: "https://example.ngrok.io",
Protocol: "https",
Config: config,
}
tcpproxy (Go):
var p tcpproxy.Proxy
p.AddRoute(":80", tcpproxy.To("10.0.0.1:8080"))
log.Fatal(p.Run())
Summary
ngrok is a feature-rich tunneling solution that provides secure access to localhost servers from the internet, with a user-friendly interface and additional features like custom domains. However, it requires authentication and may have usage limitations.
tcpproxy is a simpler, lightweight TCP proxy library that focuses on efficient TCP connection forwarding without additional features like tunneling or web interfaces. It's more suitable for basic proxying needs within a local network or controlled environment.
Choose ngrok for exposing local servers to the internet with added security and management features, or tcpproxy for simple, efficient TCP proxying within a network.
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Pros of nps
- More comprehensive feature set, including file transfer and web management
- Supports multiple protocols (TCP, UDP, HTTP, HTTPS, SOCKS5)
- Built-in web GUI for easier management and monitoring
Cons of nps
- More complex setup and configuration
- Potentially higher resource usage due to additional features
- Less focused on pure TCP proxying compared to tcpproxy
Code Comparison
nps (client configuration):
client := &nps.Client{
ServerAddr: "server_address:8024",
Vkey: "your_vkey",
Type: "tcp",
LocalAddr: "127.0.0.1:80",
RemoteAddr: "127.0.0.1:8080",
}
tcpproxy (basic usage):
var p tcpproxy.Proxy
p.AddRoute(":80", tcpproxy.To("backend.example.com:8080"))
log.Fatal(p.Run())
Summary
nps offers a more feature-rich solution with support for multiple protocols and a web GUI, making it suitable for complex networking scenarios. However, this comes at the cost of increased complexity and potentially higher resource usage. tcpproxy, on the other hand, provides a simpler and more focused TCP proxying solution, which may be preferable for users who only need basic TCP proxy functionality.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual CopilotREADME
tcpproxy
For library usage, see https://pkg.go.dev/github.com/inetaf/tcpproxy/
For CLI usage, see https://github.com/inetaf/tcpproxy/blob/master/cmd/tlsrouter/README.md
Top Related Projects
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A fast TCP/UDP tunnel over HTTP
Applicative Protocol Multiplexer (e.g. share SSH and HTTPS on the same port)
Unified ingress for developers
一款轻量级、高性能、功能强大的内网穿透代理服务器。支持tcp、udp、socks5、http等几乎所有流量转发,可用来访问内网网站、本地支付接口调试、ssh访问、远程桌面,内网dns解析、内网socks5代理等等……,并带有功能强大的web管理端。a lightweight, high-performance, powerful intranet penetration proxy server, with a powerful web management terminal.
Convert designs to code with AI
Introducing Visual Copilot: A new AI model to turn Figma designs to high quality code using your components.
Try Visual Copilot