This is the project we used to build enterprise-oriented generic proxy solutions, including but not limited to proxy / reverse proxy (WIP) / load balancer (TBD) / nat traversal (TBD).
The G3 project consists of many applications, each of which has a separate subdirectory containing its own code, documentation, etc.
In addition to the application directories, there are some public directories:
- doc Contains project-level documentation.
- sphinx is used to generate HTML reference documents for each application.
- scripts Contains various auxiliary scripts, including coverage testing, packaging scripts, etc.
A generic forward proxy solution, but you can also use it as tcp streaming / transparent proxy / reverse proxy as we have basic support built in.
- Async Rust: fast and reliable
- Http1 / Socks5 forward proxy protocol, SNI Proxy and TCP TPROXY
- easy-proxy Well-Known URI
- Proxy Chaining, with support for dynamic selection of upstream proxies
- Plenty of egress route selection methods, with support for custom egress selection agent
- TCP/TLS Stream Proxy, Basic HTTP Reverse Proxy
- TLS over OpenSSL or BoringSSL or AWS-LC or Tongsuo, and even rustls
- TLS MITM interception, decrypted traffic dump, HTTP1/HTTP2/IMAP/SMTP interception
- ICAP adaptation for HTTP1/HTTP2/IMAP/SMTP, can integrate seamlessly with 3rd-party security products
- Graceful reload
- Customizable load balancing and failover strategies
- User Auth, with a rich set of config options
- Can set differential site config for each user
- Rich ACL/Limit rules, at ingress / egress / user level
- Rich monitoring metrics, at ingress / egress / user / user-site level
- Support for a variety of observability tools
README | User Guide | Reference Doc
A StatsD compatible stats aggregator.
A work in progress reverse proxy solution.
A benchmark tool that supports HTTP 1.x, HTTP 2, HTTP 3, TLS Handshake, DNS and Cloudflare Keyless.
A tool to make root CA / intermediate CA / TLS server / TLS client certificates.
Fake certificate generator for g3proxy.
IP location lookup service for g3proxy GeoIP support.
A simple implementation of Cloudflare keyless server.
Only Linux is fully supported yet. The code will compile on FreeBSD, NetBSD, macOS and Windows, but we haven't tested it there.
Feel free to open PRs to add support for other platforms.
Follow Dev-Setup.
Follow Standards.
See Packaging.
See Static Linking.
See OpenSSL Variants.
See Long-Term Support.
Please check Contributing for more details.
Please check Code of Conduct for more details.
If you discover a potential security issue in this project, or think you may have discovered a security issue, we ask that you notify Bytedance Security via our security center or vulnerability reporting email.
Please do not create a public GitHub issue.
This project is licensed under the Apache-2.0 License.
g3proxy has joined 404Starlink