https://github.com/XOR-op/BoltConn
Privacy-oriented proxy & network manager, supporting WireGuard, L7 firewall, App-based policies and scripted MitM.
https://github.com/XOR-op/BoltConn
firewall http https linux macos mitm proxies proxy rust transparent-proxy tunnel wireguard
Last synced: 5 months ago
JSON representation
Privacy-oriented proxy & network manager, supporting WireGuard, L7 firewall, App-based policies and scripted MitM.
- Host: GitHub
- URL: https://github.com/XOR-op/BoltConn
- Owner: XOR-op
- License: gpl-3.0
- Created: 2022-10-23T09:54:39.000Z (over 3 years ago)
- Default Branch: main
- Last Pushed: 2024-11-29T22:18:42.000Z (about 1 year ago)
- Last Synced: 2024-11-29T22:33:54.083Z (about 1 year ago)
- Topics: firewall, http, https, linux, macos, mitm, proxies, proxy, rust, transparent-proxy, tunnel, wireguard
- Language: Rust
- Homepage:
- Size: 1.3 MB
- Stars: 55
- Watchers: 4
- Forks: 2
- Open Issues: 4
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
BoltConn
A go-to solution for transparent application proxy & firewall with tunneling and MitM, designed with privacy and security in mind.
All efforts made to make you fully control your network. Experimental webui & desktop client is available in [XOR-op/BoltBoard](https://github.com/XOR-op/BoltBoard).
## Features
- **Fine-grained Traffic Control**: Allow VPN-style global control, or dedicated http/socks5 per-inbound control.
- **Rule-based Blocking**: Block ad/tracking traffic on a per-process/per-website/flexible way.
- **Rule-based Tunneling**: Flexible way to tunnel traffic through http/socks5/wireguard/etc outbounds. Able to use compatible rules from similar community.
- **Audit Traffic**: Audit traffic history by accessing API or dumping into SQLite.
- **Modify HTTPS Data**: Manipulate requests and responses inside HTTPS traffic to redirect, block or modify them. Support injecting Javascript now.
For the full features, see [features.md](./docs/features.md).
## Getting Started
### Installation
#### Pre-built binaries
- Download pre-built binaries from [release](https://github.com/XOR-op/BoltConn/releases) and add the path of the binary to `$PATH`.
#### Install latest git version with cargo
```bash
cargo install --locked --git https://github.com/XOR-op/BoltConn
```
### Configuration
Before running BoltConn, you should run these two commands first:
1. Create necessary configuration and runtime files. The default configuration path is `$HOME/.config/boltconn`, and the
default runtime path is `$HOME/.local/share/boltconn`:
```bash
# generate configuration files
boltconn generate init
```
2. Generate root certificates with proper permissions for MitM:
```bash
# generate root certificates and make them readable only by root user (recommended)
sudo -E boltconn generate cert
# or generate them without configuring permissions
boltconn generate cert --rootless
```
### Run BoltConn
```bash
# run BoltConn globally
sudo -E boltconn start
# or run BoltConn with rootless mode (certain features will be unavailable)
boltconn start --rootless
```
### CLI Tools for Management
```bash
boltconn [conn/proxy/rule/tun/reload/...]
```
See `boltconn --help` for more help.
## Documentations
> [!NOTE]
> Documentations are outdated now. Please wait for our update.
Learn more about BoltConn's architecture, RESTful API, and how it compares to other related projects:
- [design.md](./docs/design.md) explains BoltConn's architecture.
- [restful.md](./docs/restful.md) covers BoltConn's RESTful API.
- [features.md](./docs/features.md) lists full features of BoltConn.
## Future Plan
- Stablize Windows support with Wintun driver (it's experimental now).
## License
This software is released under the GPL-3.0 license.