### Install and Run pvpn VPN Server Source: https://github.com/moreati/pproxy/blob/master/README.rst This snippet demonstrates how to install the pvpn Python package and run it as a VPN server. It covers the installation command and the server startup command with example parameters. ```bash pip3 install pvpn pvpn -wg 9999 -r http://remote_server:remote_port ``` -------------------------------- ### PyPy3 Quickstart for pproxy Source: https://github.com/moreati/pproxy/blob/master/README.rst Provides instructions for setting up PyPy3 and installing necessary dependencies for pproxy, including asyncio and pproxy itself. ```Shell $ pypy3 -m ensurepip $ pypy3 -m pip install asyncio pproxy ``` -------------------------------- ### Start pproxy with Rules and Remote Proxy Source: https://github.com/moreati/pproxy/blob/master/README.rst This example demonstrates how to start the pproxy server, specifying a remote HTTP proxy and providing rules for traffic management. It shows the server's output indicating the protocols it serves and the connections it establishes. ```bash $ pproxy -r http://aa.bb.cc.dd:8080?rules -vv Serving on :8080 by http,socks4,socks5 http ::1:57768 -> http aa.bb.cc.dd:8080 -> www.googleapis.com:443 http ::1:57772 -> www.yahoo.com:80 socks4 ::1:57770 -> http aa.bb.cc.dd:8080 -> www.youtube.com:443 ``` -------------------------------- ### pvpn Server Output Example Source: https://github.com/moreati/pproxy/blob/master/README.rst This snippet shows the typical output when a pvpn VPN server starts successfully. It indicates the ports it is serving on and network connection details. ```bash Serving on UDP :500 :4500... Serving on UDP :9000 (WIREGUARD)... TCP xx.xx.xx.xx:xx -> HTTP xx.xx.xx.xx:xx -> xx.xx.xx.xx:xx ``` -------------------------------- ### pproxy Server API Example Source: https://github.com/moreati/pproxy/blob/master/README.rst Provides an example of setting up a pproxy server. It configures the server to listen on a specific address and forwards connections to a remote proxy server, handling graceful shutdown. ```python import asyncio import pproxy server = pproxy.Server('ss://0.0.0.0:1234') remote = pproxy.Connection('ss://1.2.3.4:5678') args = dict( rserver = [remote], verbose = print ) loop = asyncio.get_event_loop() handler = loop.run_until_complete(server.start_server(args)) try: loop.run_forever() except KeyboardInterrupt: print('exit!') handler.close() loop.run_until_complete(handler.wait_closed()) loop.run_until_complete(loop.shutdown_asyncgens()) loop.close() ``` -------------------------------- ### pproxy TCP Client API Example Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates how to establish a TCP connection through a pproxy server. It connects to a remote host and port, sends an HTTP GET request, and prints the response. ```python import asyncio import pproxy async def test_tcp(proxy_uri): conn = pproxy.Connection(proxy_uri) reader, writer = await conn.tcp_connect('google.com', 80) writer.write(b'GET / HTTP/1.1\r\n\r\n') data = await reader.read(1024*16) print(data.decode()) asyncio.run(test_tcp('ss://aes-256-cfb:password@remote_host:remote_port')) ``` -------------------------------- ### Install pproxy Source: https://github.com/moreati/pproxy/blob/master/README.rst Installs the pproxy package using pip. The optional '[accelerated]' extra installs PyCryptodome for better performance with C ciphers. ```bash pip3 install pproxy Successfully installed pproxy-1.9.5 ``` ```bash pip3 install pproxy[accelerated] Successfully installed pycryptodome-3.6.4 ``` -------------------------------- ### Start pproxy with Base64 Encoded Cipher Source: https://github.com/moreati/pproxy/blob/master/README.rst This example demonstrates using a base64 encoded string for cipher configuration in pproxy, which is equivalent to providing the cipher and key directly. This is useful for passing credentials securely. ```bash $ pproxy -l ss://Y2hhY2hhMjA6Y2lwaGVyX2tleQ==@:12345 ``` -------------------------------- ### Start pproxy with ShadowsocksR and TLS Plugin Source: https://github.com/moreati/pproxy/blob/master/README.rst This example shows how to configure pproxy with ShadowsocksR (SSR) protocol, specifying a cipher, password, and a plugin ('tls1.2_ticket_auth') to emulate TLS traffic for enhanced stealth. ```bash $ pproxy -l ssr://chacha20:mypass@0.0.0.0:443/,tls1.2_ticket_auth,verify_simple ``` -------------------------------- ### Start pproxy with Unix Domain Socket and SSL Source: https://github.com/moreati/pproxy/blob/master/README.rst This complex example shows pproxy listening on a Unix domain socket with cipher encryption (salsa20) and OTA packet protocol enabled. It also configures a remote HTTPS proxy with basic HTTP authentication. ```bash $ pproxy -l ss://salsa20!:complex_cipher_key@/tmp/pproxy_socket -r http+ssl://domain1.com:443#username:password ``` -------------------------------- ### QUIC Protocol Setup Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates how to proxy traffic using the QUIC protocol, which is a UDP-based stream protocol used in HTTP/3. Requires the 'aioquic' library and SSL certificates. ```bash pip3 install aioquic $ pproxy --ssl ssl.crt,ssl.key -l quic+http://:1234 On the client: $ pproxy -r quic+http://server:1234 ``` -------------------------------- ### pproxy UDP Client API Example Source: https://github.com/moreati/pproxy/blob/master/README.rst Shows how to send data over UDP using the pproxy client API. It sends a DNS query to Google's DNS server and prints the received answer. ```python import asyncio import pproxy async def test_udp(proxy_uri): conn = pproxy.Connection(proxy_uri) answer = asyncio.Future() await conn.udp_sendto('8.8.8.8', 53, b'hello the world', answer.set_result) await answer print(answer.result()) asyncio.run(test_udp('ss://chacha20:password@remote_host:remote_port')) ``` -------------------------------- ### WebSocket Tunneling - Remote Setup Source: https://github.com/moreati/pproxy/blob/master/README.rst Initializes a pproxy server on a remote machine to listen for WebSocket connections and forward traffic to a specified local proxy. This is the first step in setting up a WebSocket tunnel. ```bash $ pproxy -l ws://:80 -r tunnel:///tmp/myproxy -v $ pproxy -l ss://chacha20:abc@/tmp/myproxy -v ``` -------------------------------- ### TCP Raw Connection Tunnel Source: https://github.com/moreati/pproxy/blob/master/README.rst This example shows how to set up a raw TCP tunnel with pproxy, allowing direct TCP connections to a specified host. It's demonstrated with a 'google.com' host and accessed via curl. ```bash $ pproxy -l tunnel{google.com}://:80 $ curl -H "Host: google.com" http://localhost ``` -------------------------------- ### PF Redirect Example (MacOS) Source: https://github.com/moreati/pproxy/blob/master/README.rst This example demonstrates how to use pfctl on macOS to redirect network traffic. It redirects TCP traffic on port 80 to a local pproxy listener (port 8080), which then tunnels it to a remote SOCKS5 server. ```bash $ sudo pfctl -ef /dev/stdin rdr pass on lo0 inet proto tcp from any to any port 80 -> 127.0.0.1 port 8080 pass out on en0 route-to lo0 inet proto tcp from any to any port 80 keep state ^D $ sudo pproxy -l pf://:8080 -r socks5://remote_socks5_server:1324 -vv ``` -------------------------------- ### Backward Proxy with SSH Jump Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates a complex backward proxy setup where the server connects to the client via an SSH jump server. This allows proxying traffic through multiple hops. ```bash $ pproxy -l http+in://jumpserver__http://client_ip:8081 ``` -------------------------------- ### Run pproxy Source: https://github.com/moreati/pproxy/blob/master/README.rst Starts the pproxy server. By default, it serves on port 8080 with HTTP, SOCKS4, and SOCKS5 protocols. It can also be configured to serve specific protocols like Shadowsocks with a given cipher and password. ```bash pproxy Serving on :8080 by http,socks4,socks5 ^C ``` ```bash pproxy -l ss://chacha20:abc@:8080 Serving on :8080 by ss (chacha20-py) ``` -------------------------------- ### Load Balancing with Random Choice Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates load balancing using the 'rc' (random choice) algorithm for UDP traffic. This example shows how to distribute UDP traffic to multiple tunnel endpoints randomly. ```bash $ pproxy -ul tunnel://:53 -ur tunnel://8.8.8.8:53 -ur tunnel://8.8.4.4:53 -s rc -vv UDP tunnel ::1:35378 -> tunnel 8.8.8.8:53 UDP tunnel ::1:35378 -> tunnel 8.8.4.4:53 ``` -------------------------------- ### Multiple Jumps Proxy Chaining Source: https://github.com/moreati/pproxy/blob/master/README.rst This example illustrates how to chain multiple proxy servers together using pproxy. Traffic is routed sequentially through server1, then server2, and finally server3, with server3 handling the actual connection. ```bash $ pproxy -r http://server1__ss://server2__socks://server3 ``` -------------------------------- ### Route Traffic with Local Bind IP Syntax Source: https://github.com/moreati/pproxy/blob/master/README.rst This example demonstrates using the '@localbind' URI syntax in pproxy to route traffic based on rules to specific local IP interfaces. It shows how to direct traffic matched by 'rule1' and 'rule2' to different destinations. ```bash $ pproxy -l ss://:8000/@in -r ss://111.0.0.2:8000/@111.0.0.1?rule1 -r ss://222.0.0.2:8000/@222.0.0.1?rule2 ``` -------------------------------- ### SSH Remote Forwarding Example Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates SSH remote forwarding where a TCP port on a remote server is forwarded to a local machine. This allows local services to be accessed from the remote server. ```bash $ pproxy -l ssh://server__tunnel://0.0.0.0:1234 -r tunnel://127.0.0.1:1234 TCP :1234 on remote server is forwarded to 127.0.0.1:1234 on local server ``` -------------------------------- ### Start pproxy with SSL/TLS Server and PAC file Source: https://github.com/moreati/pproxy/blob/master/README.rst This configuration enables pproxy to act as an SSL/TLS server, listening on both HTTP and HTTPS ports. It specifies certificate and key files for SSL/TLS and enables the PAC (Proxy Auto-Config) feature. ```bash $ pproxy -l http+ssl://0.0.0.0:443 -l http://0.0.0.0:80 --ssl server.crt,server.key --pac /autopac ``` -------------------------------- ### Load Balancing with Round Robin Source: https://github.com/moreati/pproxy/blob/master/README.rst Sets up proxying with multiple backend servers and uses the 'rr' (round robin) scheduling algorithm for load distribution. This example shows how to balance HTTP, SS, and SOCKS5 traffic across different servers. ```bash $ pproxy -r http://server1 -r ss://server2 -r socks5://server3 -s rr -vv http ::1:42356 -> http server1 -> google.com:443 http ::1:42357 -> ss server2 -> google.com:443 http ::1:42358 -> socks5 server3 -> google.com:443 http ::1:42359 -> http server1 -> google.com:443 ``` -------------------------------- ### WebSocket Tunneling - Local Setup Source: https://github.com/moreati/pproxy/blob/master/README.rst Connects a local pproxy client to a remote WebSocket server. This establishes the second part of the WebSocket tunnel, allowing local traffic to be forwarded through the remote WebSocket listener. ```bash $ pproxy -l tunnel://:1234 -r ws://remote_ip:80 -vv Then port :1234 on local machine is connected to the /tmp/myproxy on remote machine by WebSocket tunnel. ``` -------------------------------- ### SSH Client Tunnel - Password Authentication Source: https://github.com/moreati/pproxy/blob/master/README.rst Configures pproxy to use an SSH client tunnel for proxying traffic. This example shows how to authenticate to the SSH server using a username and password. ```bash $ pproxy -l http://:8080 -r ssh://remote_server.com/#login:password ``` -------------------------------- ### Start pproxy with Cipher Encryption (chacha20) Source: https://github.com/moreati/pproxy/blob/master/README.rst This command shows how to configure pproxy for encrypted communication using the chacha20 stream cipher. It specifies local listening ports and remote proxy details, including the cipher and a secret key. ```bash $ pproxy -l ss://:8888 -r ss://chacha20:cipher_key@aa.bb.cc.dd:12345 -vv ``` -------------------------------- ### Basic UDP Tunneling Source: https://github.com/moreati/pproxy/blob/master/README.rst Establishes a UDP tunnel through a remote server using the 'ss' (Shadowsocks) protocol. This example shows how to proxy UDP traffic from a local machine to a remote destination via an intermediate server. ```bash $ pproxy -ul ss://remote_server:13245 ``` -------------------------------- ### UDP DNS Tunnel Source: https://github.com/moreati/pproxy/blob/master/README.rst This example demonstrates setting up a UDP tunnel with pproxy, specifically for DNS traffic. It routes UDP traffic to a specified IP address (8.8.8.8) on port 53 and shows how to query it using nslookup. ```bash $ pproxy -ul tunnel{8.8.8.8}://:53 $ nslookup google.com localhost ``` -------------------------------- ### Complex SSH Remote Forwarding with SS Source: https://github.com/moreati/pproxy/blob/master/README.rst An advanced example of SSH remote forwarding combined with the SS protocol. It shows how to forward a listening port on a remote SSH server through multiple SSH hops to an SS proxy. ```bash $ pproxy -l ssh://server1__ssh://server2__ss://0.0.0.0:1234 -r ss://server3:1234 It is a complicated example. SSH server2 is jumped from SSH server1, and ss://0.0.0.0:1234 on server2 is listened. Traffic is forwarded to ss://server3:1234. ``` -------------------------------- ### Generate Self-Signed SSL Certificates Source: https://github.com/moreati/pproxy/blob/master/README.rst This sequence of OpenSSL commands guides the user through generating a private key, a certificate signing request (CSR), and finally a self-signed SSL certificate and key pair for use with pproxy's SSL/TLS server. ```bash $ openssl genrsa -des3 -out server.key 1024 $ openssl req -new -key server.key -out server.csr $ cp server.key server.key.org $ openssl rsa -in server.key.org -out server.key $ openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt ``` -------------------------------- ### IPTable NAT Redirect Example (Ubuntu) Source: https://github.com/moreati/pproxy/blob/master/README.rst This snippet shows how to use iptables on Ubuntu to redirect all outgoing TCP traffic destined for port 80 to a local port (5555) where pproxy is listening. This allows pproxy to intercept and tunnel the traffic. ```bash $ sudo iptables -t nat -A OUTPUT -p tcp --dport 80 -j REDIRECT --to-ports 5555 $ pproxy -l redir://:5555 -r http://remote_http_server:3128 -vv ``` -------------------------------- ### pproxy Command-Line Usage Source: https://github.com/moreati/pproxy/blob/master/README.rst Demonstrates the command-line interface for pproxy, detailing its usage and available optional arguments for configuration. ```APIDOC usage: pproxy [-h] [-l LISTEN] [-r RSERVER] [-ul ULISTEN] [-ur URSERVER] [-b BLOCK] [-a ALIVED] [-v] [--ssl SSLFILE] [--pac PAC] [--get GETS] [--sys] [--test TESTURL] [--version] Proxy server that can tunnel among remote servers by regex rules. Supported protocols: http,socks4,socks5,shadowsocks,shadowsocksr,redirect,pf,tunnel optional arguments: -h, --help show this help message and exit -l LISTEN tcp server uri (default: http+socks4+socks5://:8080/) -r RSERVER tcp remote server uri (default: direct) -ul ULISTEN udp server setting uri (default: none) -ur URSERVER udp remote server uri (default: direct) -b BLOCK block regex rules -a ALIVED check alived server interval (default: 60) -v, --verbose verbose mode --ssl SSLFILE ssl client key and cert file --pac PAC pac file path --get GETS get server list from url --sys use system proxy --test TESTURL test url --version show program's version number and exit ``` -------------------------------- ### pproxy Command-Line Options Source: https://github.com/moreati/pproxy/blob/master/README.rst Lists the available command-line arguments for the pproxy tool, detailing their purpose and default values. ```APIDOC pproxy Command-Line Options: -a ALIVED interval to check remote alive (default: no check) -s {fa,rr,rc,lc} scheduling algorithm (default: first_available) -v print verbose output --ssl SSLFILE certfile[,keyfile] if server listen in ssl mode --pac PAC http PAC path --get GETS http custom {path,file} --sys change system proxy setting (mac, windows) --test TEST test this url for all remote proxies and exit --version show program's version number and exit Online help: ``` -------------------------------- ### pproxy Supported Protocols Source: https://github.com/moreati/pproxy/blob/master/README.rst Lists the various proxy protocols supported by pproxy, along with their associated URI schemes for configuration. ```APIDOC +-------------------+------------+------------+------------+------------+--------------+ | shadowsocksR | ✔ | ✔ | | | ssr:// | +-------------------+------------+------------+------------+------------+--------------+ | trojan | ✔ | ✔ | | | trojan:// | +-------------------+------------+------------+------------+------------+--------------+ | ssh tunnel | | ✔ | | | ssh:// | +-------------------+------------+------------+------------+------------+--------------+ | quic | ✔ by UDP | ✔ by UDP | ✔ | ✔ | http+quic:// | +-------------------+------------+------------+------------+------------+--------------+ | iptables nat | ✔ | | | | redir:// | +-------------------+------------+------------+------------+------------+--------------+ | pfctl nat (macos) | ✔ | | | | pf:// | +-------------------+------------+------------+------------+------------+--------------+ | echo | ✔ | | ✔ | | echo:// | +-------------------+------------+------------+------------+------------+--------------+ | tunnel | ✔ | ✔ | ✔ | ✔ | tunnel:// | | (raw socket) | | | | | tunnel{ip}://| +-------------------+------------+------------+------------+------------+--------------+ | websocket | ✔ | ✔ | | | ws:// | | (simple tunnel) | | | | | ws{dst_ip}://| +-------------------+------------+------------+------------+------------+--------------+ | xxx over TLS | ✔ | ✔ | | | xxx+ssl:// | +-------------------+------------+------------+------------+------------+--------------+ | AUTO DETECT | ✔ | | ✔ | | a+b+c+d:// | +-------------------+------------+------------+------------+------------+--------------+ ``` -------------------------------- ### pproxy Scheduling Algorithms Source: https://github.com/moreati/pproxy/blob/master/README.rst Details the scheduling algorithms available for pproxy, indicating their support for TCP and UDP traffic, and the associated command-line parameters. ```APIDOC +-------------------+------------+------------+------------+------------+ | Name | TCP | UDP | Parameter | Default | +===================+============+============+============+============+ | first_available | ✔ | ✔ | -s fa | ✔ | +-------------------+------------+------------+------------+------------+ | round_robin | ✔ | ✔ | -s rr | | +-------------------+------------+------------+------------+------------+ | random_choice | ✔ | ✔ | -s rc | | +-------------------+------------+------------+------------+------------+ | least_connection | ✔ | | -s lc | | +-------------------+------------+------------+------------+------------+ ``` -------------------------------- ### Run pproxy with Docker Source: https://github.com/moreati/pproxy/blob/master/README.rst Runs the pproxy container using Docker. It supports both Python 3 and PyPy 3 versions, allowing users to map ports and specify proxy configurations via command-line arguments. ```docker docker run -it -p 8080:8080 mosajjal/pproxy:latest -l http://:8080 -vv ``` ```docker docker run -it -p 8080:8080 mosajjal/pproxy:latest-pypy -l http://:8080 -vv ``` -------------------------------- ### Backward Proxy - Server Configuration Source: https://github.com/moreati/pproxy/blob/master/README.rst Sets up the pproxy server to listen for incoming backward proxy connections from clients. The server waits for client proxy requests on a specified port. ```bash $ pproxy -l http+in://client_ip:8081 ``` -------------------------------- ### pproxy Supported Schemes Source: https://github.com/moreati/pproxy/blob/master/README.rst Details the various network protocols supported by pproxy, including their function and usage context. ```APIDOC Supported Schemes: http: HTTP protocol (CONNECT) httponly: HTTP protocol (GET/POST), works only on http traffic. socks4: SOCKS4 protocol socks5: SOCKS5 protocol ss: Shadowsocks protocol ssr: ShadowsocksR (SSR) protocol trojan: Trojan protocol (https://trojan-gfw.github.io/trojan/protocol) ssh: SSH client tunnel redir: Redirect (iptables NAT) pf: pfctl (macOS pf NAT) ssl: Unsecured SSL/TLS (no certificate validation) secure: Secured SSL/TLS (with certificate validation) tunnel: Raw connection ws: WebSocket connection echo: Echo-back service direct: Direct connection ``` -------------------------------- ### SSH Client Tunnel - Private Key Authentication Source: https://github.com/moreati/pproxy/blob/master/README.rst Sets up an SSH client tunnel for pproxy, authenticating to the SSH server using a private key. The private key path is specified after a double colon. ```bash $ pproxy -l http://:8080 -r ssh://remote_server.com/#login::private_key_path ``` -------------------------------- ### pproxy Configuration Parameters Source: https://github.com/moreati/pproxy/blob/master/README.rst Details common configuration parameters for pproxy, including network address formats, plugin specifications, and authentication methods. URIs can be joined with '__' for tunneling. ```apidoc netloc: Format: "hostname:port" or "/unix_domain_socket". If hostname is empty, server listens on all interfaces. Valid examples: localhost:8080, 0.0.0.0:8123, /tmp/domain_socket, :8123 localbind: Format: "@in" or "@ipv4_address" or "@ipv6_address". Valid examples: @in, @192.168.1.15, @::1 plugins: Format: Multiple plugins joined by ",". Supported plugins: plain, origin, http_simple, tls1.2_ticket_auth, verify_simple, verify_deflate. Valid example: /,tls1.2_ticket_auth,verify_simple rules: Format: Filename containing regex rules. auth: Format: Username, colon ':', and password. URI Tunneling: Format: URIs joined by "__" to indicate tunneling. Example: ss://1.2.3.4:1324__http://4.5.6.7:4321 ``` -------------------------------- ### Apply CLI Proxy Source: https://github.com/moreati/pproxy/blob/master/README.rst Sets environment variables to direct HTTP and HTTPS traffic through a locally running pproxy instance, typically used on macOS and Linux systems. ```bash export http_proxy=http://localhost:8080 export https_proxy=http://localhost:8080 ``` -------------------------------- ### pproxy Cipher Table Source: https://github.com/moreati/pproxy/blob/master/README.rst Lists supported ciphers, their key sizes, and implementation notes. Some pure Python ciphers are slow and may require PyPy or pycryptodome for better performance. AEAD ciphers have specific protocol requirements. ```apidoc Cipher Name | Key Size | IV Size | Notes --------------------|----------|---------|---------------------- aes-256-ctr | | | aes-256-ofb | | | aes-256-cfb8 | | | aes-256-cfb1-py | | | slow, pure python aes-256-gcm | 32 | 32 | AEAD aes-192-gcm | 24 | 24 | AEAD aes-128-gcm | 16 | 16 | AEAD camellia-256-cfb | 32 | 16 | 4 camellia-192-cfb | 24 | 16 | 4 camellia-128-cfb | 16 | 16 | 4 bf-cfb | 16 | 8 | 1 cast5-cfb | 16 | 8 | 2.5 des-cfb | 8 | 8 | 1.5 rc2-cfb-py | 16 | 8 | 2, pure python idea-cfb-py | 16 | 8 | 2.5, pure python seed-cfb-py | 16 | 16 | 2, pure python ``` -------------------------------- ### pproxy URI Syntax Source: https://github.com/moreati/pproxy/blob/master/README.rst Defines the structure for URIs used by the pproxy tool, including scheme, cipher, plugins, rules, and authentication. ```APIDOC URI Syntax: {scheme}://[{cipher}@]{netloc}/[@{localbind}][,{plugins}][?{rules}][#{auth}] Parameters: scheme: Protocol scheme. Can be linked with '+' for multiple protocols. Supported schemes include: http, httponly, socks4, socks5, ss, ssr, trojan, ssh, redir, pf, ssl, secure, tunnel, ws, echo, direct. Examples: http://, http+socks4+socks5://, http+ssl://, ss+secure://, http+socks5+ss:// Note: ssl:// and secure:// are invalid as standalone schemes. cipher: Cipher format is 'cipher_name:cipher_key'. Cipher can be base64-encoded. Example: "YWVzLTEyOC1nY206dGVzdA==" is equivalent to "aes-128-gcm:test". netloc: Network location (host:port). localbind: Local bind address. plugins: Comma-separated list of plugins. rules: URL query parameters for rules. auth: Authentication details. ``` -------------------------------- ### Backward Proxy - Client Configuration Source: https://github.com/moreati/pproxy/blob/master/README.rst Configures the pproxy client to initiate a connection back to a server that might be behind a NAT. The client listens on a local port and forwards requests to a specified server endpoint. ```bash $ pproxy -l http://:8080 -r http+in://:8081 -v ``` -------------------------------- ### pproxy Cipher Support Source: https://github.com/moreati/pproxy/blob/master/README.rst Provides a comprehensive list of supported ciphers for pproxy, including key/IV lengths and security scores. ```APIDOC Cipher Support: Format: "cipher_name:cipher_key" Base64 encoding is supported for cipher strings. Cipher List: +-----------------+------------+-----------+-------------+ | Cipher | Key Length | IV Length | Score (0-5) | +=================+============+===========+=============+ | table-py | any | 0 | 0 (lowest) | +-----------------+------------+-----------+-------------+ | rc4 | 16 | 0 | 0 (lowest) | +-----------------+------------+-----------+-------------+ | rc4-md5 | 16 | 16 | 0.5 | +-----------------+------------+-----------+-------------+ | chacha20 | 32 | 8 | 5 (highest) | +-----------------+------------+-----------+-------------+ | chacha20-ietf | 32 | 12 | 5 | +-----------------+------------+-----------+-------------+ | chacha20-ietf- | | | | | poly1305-py | 32 | 32 | AEAD | +-----------------+------------+-----------+-------------+ | salsa20 | 32 | 8 | 4.5 | +-----------------+------------+-----------+-------------+ | aes-128-cfb | 16 | 16 | 3 | | aes-128-cfb8 | | | | | aes-128-cfb1-py | | | slow | +-----------------+------------+-----------+-------------+ | aes-192-cfb | 24 | 16 | 3.5 | | aes-192-cfb8 | | | | | aes-192-cfb1-py | | | slow | +-----------------+------------+-----------+-------------+ | aes-256-cfb | 32 | 16 | 4.5 | +-----------------+------------+-----------+-------------+ ``` -------------------------------- ### Trojan Protocol with SSL Source: https://github.com/moreati/pproxy/blob/master/README.rst Configures pproxy to use the Trojan protocol, which is designed to mimic HTTPS traffic. It requires SSL certificate and key files for secure communication. ```bash $ pproxy --ssl ssl.crt,ssl.key -l trojan+tunnel{localhost:80}+ssl://:443#yourpassword -vv If trojan password doesn't match, the tunnal{localhost:80} will be switched to. It looks exactly the same as a common HTTPS website. ``` -------------------------------- ### Apply System Proxy Source: https://github.com/moreati/pproxy/blob/master/README.rst Applies the pproxy tunnel as the system-wide proxy on macOS or Windows. It logs traffic redirection from local sockets to the specified remote server and protocol. ```bash pproxy -r ss://chacha20:abc@server_ip:8080 --sys -vv Serving on :8080 by http,socks4,socks5 System proxy setting -> socks5 localhost:8080 socks5 ::1:57345 -> ss server_ip:8080 -> slack.com:443 socks5 ::1:57345 -> ss server_ip:8080 -> www.google.com:443 ..... (all local traffic log) ...... ``` -------------------------------- ### Define Regex Rules for Google Domains Source: https://github.com/moreati/pproxy/blob/master/README.rst This snippet shows how to define a regular expression file for routing specific domains, particularly focusing on Google-related services. These rules are used by pproxy to determine traffic redirection. ```rst #google domains (?:.+\.)?google.*\.com (?:.+\.)?gstatic\.com (?:.+\.)?gmail\.com (?:.+\.)?ntp\.org (?:.+\.)?glpals\.com (?:.+\.)?akamai.*\.net (?:.+\.)?ggpht\.com (?:.+\.)?android\.com (?:.+\.)?gvt1\.com (?:.+\.)?youtube.*\.com (?:.+\.)?ytimg\.com (?:.+\.)?goo\.gl (?:.+\.)?youtu\.be (?:.+\.)?google\..+ ``` -------------------------------- ### Advanced UDP Tunneling with Multiple Destinations Source: https://github.com/moreati/pproxy/blob/master/README.rst Configures UDP tunnels to multiple destinations through a remote server. It demonstrates proxying UDP traffic to specific IP addresses and ports, such as DNS servers, via an 'ss' tunnel. ```bash $ pproxy -ul tunnel{8.8.8.8}://:53 -ur ss://remote_server:13245 -vv UDP tunnel 127.0.0.1:60573 -> ss remote_server:13245 -> 8.8.8.8:53 UDP tunnel 127.0.0.1:60574 -> ss remote_server:13245 -> 8.8.8.8:53 ``` -------------------------------- ### SSH Jump Configuration Source: https://github.com/moreati/pproxy/blob/master/README.rst Configures pproxy to chain multiple SSH connections for proxying. This allows traffic to be routed through a sequence of SSH servers. ```bash $ pproxy -r ssh://server1__ssh://server2__ssh://server3 First connection to server1 is made. Second, ssh connection to server2 is made from server1. Finally, connect to server3, and use server3 for proxying traffic. ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.