{"id":13752389,"url":"https://github.com/wadahiro/go-transproxy","last_synced_at":"2026-01-12T01:52:19.030Z","repository":{"id":45971412,"uuid":"101277891","full_name":"wadahiro/go-transproxy","owner":"wadahiro","description":"Transparent proxy servers for HTTP, HTTPS, DNS and TCP.","archived":false,"fork":false,"pushed_at":"2021-07-09T06:51:20.000Z","size":43,"stargazers_count":169,"open_issues_count":2,"forks_count":29,"subscribers_count":10,"default_branch":"master","last_synced_at":"2025-05-09T19:46:20.601Z","etag":null,"topics":["go","transparent-proxy"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/wadahiro.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-08-24T09:29:22.000Z","updated_at":"2025-05-05T20:10:37.000Z","dependencies_parsed_at":"2022-07-18T09:08:52.910Z","dependency_job_id":null,"html_url":"https://github.com/wadahiro/go-transproxy","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"purl":"pkg:github/wadahiro/go-transproxy","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wadahiro%2Fgo-transproxy","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wadahiro%2Fgo-transproxy/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wadahiro%2Fgo-transproxy/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wadahiro%2Fgo-transproxy/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/wadahiro","download_url":"https://codeload.github.com/wadahiro/go-transproxy/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/wadahiro%2Fgo-transproxy/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":28331260,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-01-12T00:36:25.062Z","status":"ssl_error","status_checked_at":"2026-01-12T00:36:15.229Z","response_time":60,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["go","transparent-proxy"],"created_at":"2024-08-03T09:01:05.042Z","updated_at":"2026-01-12T01:52:18.991Z","avatar_url":"https://github.com/wadahiro.png","language":"Go","funding_links":[],"categories":["Go"],"sub_categories":[],"readme":"# go-transproxy\n\nTransparent proxy servers for HTTP, HTTPS, DNS and TCP. \nThis repository is heavily under development.\n\n## Description\n\n**go-transproxy** provides transparent proxy servers for HTTP, HTTPS, DNS and TCP with single binary.\nNothing needs to setup many tools. Nothing needs to configure iptables.\n**go-transproxy** will start multiple proxy servers for these protocols.\nFutheremore, it will configure iptables automatically.\n\n**go-transproxy** also provides two types of explicit proxy(not transparent proxy).\nOne is a simple proxy delegating to upstream your proxy, another is for adding `Proxy-Authorization` header automatically.\n\n## Requirement\n\n**go-transproxy** supports only Linux iptables.\n\n## Install\n\n### Binaly install\nDownload from [Releases page](https://github.com/wadahiro/go-transproxy/releases).\n\n### Source install\nUse Go 1.13 for the build.\n\n```\nmake\n```\n\n## Usage\n\n```\nUsage:\n\n  transproxy [options]\n\nOptions:\n\n  -disable-iptables\n    \tDisable automatic iptables configuration\n  -dns-over-https-enabled\n        Use DNS-over-HTTPS service as public DNS\n  -dns-over-https-endpoint string\n        DNS-over-HTTPS endpoint URL (default \"https://dns.google.com/resolve\")\n  -dns-over-tcp-disabled\n        Disable DNS-over-TCP for querying to public DNS\n  -dns-proxy-listen [host]:port\n        DNS Proxy listen address, as [host]:port (default \":3131\")\n  -dns-tcp\n        DNS Listen on TCP (default true)\n  -dns-udp\n        DNS Listen on UDP (default true)\n  -explicit-proxy-listen [host]:port\n        Explicit Proxy listen address for HTTP/HTTPS, as [host]:port Note: This proxy doesn't use authentication info of the `http_proxy` and `https_proxy` environment variables (default \":3132\")\n  -explicit-proxy-only\n        Boot Explicit Proxies only\n  -explicit-proxy-with-auth-listen [host]:port\n        Explicit Proxy with auth listen address for HTTP/HTTPS, as [host]:port Note: This proxy uses authentication info of the `http_proxy` and `https_proxy` environment variables (default \":3133\")\n  -http-proxy-listen [host]:port\n        HTTP Proxy listen address, as [host]:port (default \":3129\")\n  -https-proxy-listen [host]:port\n        HTTPS Proxy listen address, as [host]:port (default \":3130\")\n  -loglevel string\n        Log level, one of: debug, info, warn, error, fatal, panic (default \"info\")\n  -private-dns string\n        Private DNS address for no_proxy targets (IP[:port])\n  -public-dns string\n        Public DNS address (IP[:port]) Note: Your proxy needs to support CONNECT method to the Public DNS port, and the public DNS needs to support TCP\n  -tcp-proxy-dports port1,port2,...\n        TCP Proxy dports, as port1,port2,... (default \"22\")\n  -tcp-proxy-listen [host]:port\n        TCP Proxy listen address, as [host]:port (default \":3128\")\n```\n\nProxy configuration is used from standard environment variables, `http_proxy`, `https_proxy` and `no_proxy`.\nAlso you can use **IP Address**, **CIDR**, **Suffix Domain Name** in `no_proxy`.\n\n### Example \n\n```\n# Set your proxy environment\nexport http_proxy=http://foo:bar@yourproxy.example.org:3128\n\n# Set no_proxy if you need to access directly for internal\nexport no_proxy=example.org,192.168.0.0/24\n\n# Start go-transproxy with admin privileges(sudo)\nsudo -E transproxy -private-dns 192.168.0.100 -public-dns 8.8.8.8\n```\n\nFor testing, using docker is easy way. Now, you can access to google from docker container with no proxy configuration as follows.\n\n```\ndocker run --rm -it centos curl http://www.google.com\n\u003cHTML\u003e\u003cHEAD\u003e\u003cmeta http-equiv=\"content-type\" content=\"text/html;charset=utf-8\"\u003e\n\u003cTITLE\u003e302 Moved\u003c/TITLE\u003e\u003c/HEAD\u003e\u003cBODY\u003e\n\u003cH1\u003e302 Moved\u003c/H1\u003e\nThe document has moved\n\u003cA HREF=\"http://www.google.co.jp/?gfe_rd=cr\u0026amp;dcr=0\u0026amp;ei=GCKtWbD0AaLEXuTmr7gK\"\u003ehere\u003c/A\u003e.\n\u003c/BODY\u003e\u003c/HTML\u003e\n```\n\nIf your proxy doesn't support CONNECT method to DNS port, it cannot resolve public domain name transparently.\nFortunately, Google privides [DNS-over-HTTPS service](https://developers.google.com/speed/public-dns/docs/dns-over-https), so you can use this service as public DNS by adding `-dns-over-https-enabled` option instead of `-public-dns` option as below even if your proxy supports CONNECT method to 443 port only.\n\n```\nsudo -E transproxy -private-dns 192.168.0.100 -dns-over-https-enabled\n```\n\nIf you can resolve all domains directly from local LAN, run command without dns related options as below. \nIt disables DNS-Proxy.\n\n```\nsudo -E transproxy\n```\n\nIf you need to use both public DNS and private DNS, and need to use public DNS directly, run command with `-dns-over-tcp-disabled` option as below.\nIt suppresses to insert a iptables OUTPUT rule for DNS over TCP.\n\n```\nsudo -E transproxy -private-dns 192.168.0.100 -public-dns 172.16.0.1 -dns-over-tcp-disabled\n```\n\nIf you want to use an application which access to internet using port 5000, run command with `-tcp-proxy-dports` option as below.\n\n```\nsudo -E transproxy -private-dns 192.168.0.100 -public-dns 8.8.8.8 -tcp-proxy-dports 22,5000\n```\n\n## Current Limitation\n\n* HTTP proxy: Only works with HTTP host header.\n* HTTPS proxy: `no_proxy` only works with IP Address and CIDR if your https client doesn't support [SNI](https://en.wikipedia.org/wiki/Server_Name_Indication).\n* TCP proxy: `no_proxy` only works with IP Address and CIDR.\n\n## Licence\n\nLicensed under the [MIT](/LICENSE) license.\n\n## Author\n\n[Hiroyuki Wada](https://github.com/wadahiro)\n\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwadahiro%2Fgo-transproxy","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwadahiro%2Fgo-transproxy","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwadahiro%2Fgo-transproxy/lists"}