Vladimir Dubrovin
|
2d6eeff5f3
|
FIx typos, update documentation
|
2026-04-12 13:58:42 +03:00 |
|
Vladimir Dubrovin
|
8cb8be1be8
|
Fix warnings
|
2026-04-08 21:13:45 +03:00 |
|
Vladimir Dubrovin
|
acc6db59a3
|
SNI break (DPI bypass) added
-s option to tlspr (or tls type redirect), requires TCP_NODELAY to be set
auth iponly
allow *
parent 1000 tls 0.0.0.0 0
allow *
proxy -s -i127.0.0.1 -ocTCP_NODELAY -osTCP_NODELAY -p1443
|
2026-04-08 19:21:26 +03:00 |
|
Vladimir Dubrovin
|
bc7e9b2ac6
|
Fix: -P option for tlspr
|
2026-04-08 19:21:26 +03:00 |
|
z3apa3a
|
bc92819572
|
Fix tlspr for compatibility with older compileres
|
2025-03-09 19:16:35 +03:00 |
|
Vladimir Dubrovin
|
94dfa195db
|
char * / unsigned char * conversions fixed
|
2024-05-31 19:53:28 +03:00 |
|
Vladimir Dubrovin
|
013d4bc333
|
tlspr (SNI proxy) implemented
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port
examples:
1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host
2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks
attempts to take destination hostname from SNI in SOCKS
|
2024-05-20 13:01:38 +03:00 |
|