Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/yinqiwen/snova-asio
Lightweight Proxy Tool
https://github.com/yinqiwen/snova-asio
cpp20 dns-over-https dns-over-tls dns-proxy forward-proxy low-end-devices proxy reverse-proxy sock5-proxy-server
Last synced: 8 days ago
JSON representation
Lightweight Proxy Tool
- Host: GitHub
- URL: https://github.com/yinqiwen/snova-asio
- Owner: yinqiwen
- License: apache-2.0
- Created: 2022-06-08T02:43:05.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2022-09-12T12:52:26.000Z (about 2 years ago)
- Last Synced: 2024-04-15T03:00:32.502Z (7 months ago)
- Topics: cpp20, dns-over-https, dns-over-tls, dns-proxy, forward-proxy, low-end-devices, proxy, reverse-proxy, sock5-proxy-server
- Language: C++
- Homepage:
- Size: 341 KB
- Stars: 35
- Watchers: 5
- Forks: 3
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# snova-asio
[](https://github.com/yinqiwen/snova-asio/actions/workflows/ci.yaml) [](https://github.com/yinqiwen/snova-asio/actions/workflows/codeql.yaml) [](https://github.com/yinqiwen/snova-asio/actions/workflows/super-linter.yaml) [](https://www.codacy.com/gh/yinqiwen/snova-asio/dashboard?utm_source=github.com&utm_medium=referral&utm_content=yinqiwen/snova-asio&utm_campaign=Badge_Grade)    
A lightweight network proxy tool write by c++20 for low-end boxes or embedded devices.
## Features
- Forward Proxy(tcp)
- Reverse Proxy(tcp)
- DNS Proxy(DoT/DoH)
## Usage
Full command options:
```bash
[snova-asio]# ./bazel-bin/snova/app/snova -h
SNOVA:A private proxy tool for low-end boxes.
Usage: ./bazel-bin/snova/app/snova [OPTIONS]
Options:
-h,--help Print this help message and exit
--version Display program version information and exit
--config Config file path, all cli options can be set into a toml file as the config.
--log_file TEXT Log file, default is stdout
--max_log_file_size INT Max log file size
--max_log_file_num INT Max log file number
--alsologtostderr BOOLEAN Also log to stderr
--listen TEXT ... Listen address
--user TEXT Auth user name
--proxy TEXT The proxy server to connect remote mux server.
--remote TEXT Remote server address
--conn_num_per_server UINT Remote server connection number per server.
--conn_expire_secs UINT Remote server connection expire seconds, default 1800s.
--conn_max_inactive_secs UINT
Close connection if it's inactive 'conn_max_inactive_secs' ago.
--max_iobuf_pool_size UINT IOBuf pool max size
--stream_io_timeout_secs UINT
Proxy stream IO timeout secs, default 300s
--stat_log_period_secs UINT Print stat log every 'stat_log_period_secs', set it to 0 to disable stat log.
--client_cipher_method TEXT Client cipher method
--client_cipher_key TEXT Client cipher key
--server_cipher_method TEXT Server cipher method
--server_cipher_key TEXT Server cipher key
--entry BOOLEAN Run as entry node.
--middle BOOLEAN Run as middle node.
--exit BOOLEAN Run as exit node.
--redirect BOOLEAN Run as redirect server for entry node.
--entry_socket_send_buffer_size UINT
Entry server socket send buffer size.
--entry_socket_recv_buffer_size UINT
Entry server socket recv buffer size.
-L TEXT ... Local tunnel options, foramt ::, only works with entry node.
-R TEXT ... Remote tunnel options, foramt ::, only works with exit node.
```
### Private Forward Proxy
First, start exit server on remote machine:
```bash
./snova --exit 1 --listen :48100 --server_cipher_key my_test_cipher_key
```
Second, start entry server on local machine:
```bash
./snova --entry 1 --listen :48100 --client_cipher_key my_test_cipher_key --remote :
```
This step would launch a socks5 proxy server on port 48100.
This tool can also run in a router with redirect mode, eg:
```bash
./snova --entry 1 --redirect 1 --listen 0.0.0.0:48100 --client_cipher_key my_test_cipher_key --remote :
```
Now you can config local entry server as the iptables redirect target.
### Private Forward Proxy With Middle Server
If you want use server E as the proxy exit server, but server E has no right to listen on a public IP; and there is a server M which has a public IP;
First, start middle server on server M:
```bash
./snova --middle 1 --listen :48100 --server_cipher_key my_test_cipher_key
```
Second, start exit server on server E:
```bash
./snova --exit 1 --listen :48100 --client_cipher_key my_test_cipher_key --remote :48100 --user bob
```
Finally, start entry server on local machine to connect middle server M:
```bash
./snova --entry 1 --listen :48100 --client_cipher_key my_test_cipher_key --remote :48100 --user bob
```
This step would launch a socks5 proxy server on port 48100.
### Private Forward Proxy Chains
First, start exit server on remote machine C:
```bash
./snova --exit 1 --listen :48100 --server_cipher_key my_test_cipher_key
```
Second, start middle server on remote machine B:
```bash
# the remote address can be set to middle server ip:port
./snova --middle 1 --listen :48100 --server_cipher_key my_test_cipher_key --client_cipher_key my_test_cipher_key --remote :
```
You can repeate this step if you want more middle servers.
Finally, start entry server on local machine:
```bash
./snova --entry 1 --listen :48100 --client_cipher_key my_test_cipher_key --remote :
```
This step would launch a socks5 proxy server on port 48100.
### Reverse Proxy
#### Local Tunnel
This is an example to expose ssh service on server C to server A via server B by local tunnel mode;
First, start exit server on server B:
```bash
./snova --exit 1 --listen :48100 --server_cipher_key my_test_cipher_key
```
Second, start entry server on server A to connect server B with local tunnel options to ssh service on server C:
```bash
./snova --entry 1 --client_cipher_key my_test_cipher_key --remote :48100 -L 48100::22
```
Now u can connect the ssh service on server C from server A's port 48100:
```bash
ssh username@ -p 48100
```
#### Remote Tunnel
This is an example to expose ssh service on server C to server A via server B by remote tunnel mode;
First, start entry server on server A:
```bash
./snova --entry 1 --listen mux://:48100 --server_cipher_key my_test_cipher_key
```
Second, start exit server on server B connect entry server with remote tunnel options to ssh service on server C:
```bash
./snova --exit 1 --client_cipher_key my_test_cipher_key --remote :48100 -R 48100::22
```
Now u can connect the ssh service on server C from server A's port 48100:
```bash
ssh username@ -p 48100
```
#### Local Tunnel With Middle Server
First, start middle server on server M:
```bash
./snova --middle 1 --listen :48100 --server_cipher_key my_test_cipher_key
```
Second, start exit server on server B connect middle server:
```bash
./snova --exit 1 --client_cipher_key my_test_cipher_key --remote :48100
```
Finally, start entry server on on server A to connect server M with local tunnel options to ssh service on server C:
```bash
./snova --entry 1 --client_cipher_key my_test_cipher_key --remote :48100 -L 48100::22
```
Now u can connect the ssh service on server C from server A's port 48100:
```bash
ssh username@ -p 48100
```