### Install sniproxy using installer script Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Installs sniproxy by downloading and executing an installer script. This is a convenient method for quick setup. ```bash bash <(curl -L https://raw.githubusercontent.com/mosajjal/sniproxy/master/install.sh) ``` -------------------------------- ### Install sniproxy using go install Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Installs the sniproxy binary using the go install command. Ensure you have Go installed and configured. ```go go install github.com/mosajjal/sniproxy@latest ``` -------------------------------- ### Customize SNI Proxy HTTP Port Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Modify the `ExecStart` line within the SNI Proxy systemd service file to specify a custom port for HTTP traffic. This example changes the HTTP port to 8080. ```bash ExecStart=/opt/sniproxy/sniproxy httpPort 8080 ``` -------------------------------- ### Allow Ports with UFW Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Configure the Uncomplicated Firewall (ufw) to allow incoming traffic on ports 80 (TCP), 443 (TCP), and 53 (UDP). Reload the firewall to apply changes. ```bash sudo ufw allow 80/tcp sudo ufw allow 443/tcp sudo ufw allow 53/udp sudo ufw reload ``` -------------------------------- ### Run sniproxy using Docker Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Runs sniproxy in a Docker container, exposing ports 80, 443, and 53/udp. It mounts the current directory to /tmp/ and specifies a domain list path. ```docker docker run -d --pull always -p 80:80 -p 443:443 -p 53:53/udp -v "$(pwd):/tmp/" ghcr.io/mosajjal/sniproxy:latest --domainListPath https://raw.githubusercontent.com/mosajjal/sniproxy/master/domains.csv ``` -------------------------------- ### SNIPROXY Command Line Flags Source: https://pkg.go.dev/github.com/mosajjal/sniproxy These flags configure SNIPROXY's behavior, including routing, DNS settings, and proxy options. Use them to customize the proxy's operation. ```bash --allDomains Route all HTTP(s) traffic through the SNI proxy --bindDnsOverQuic enable DNS over QUIC as well as UDP --bindDnsOverTcp enable DNS over TCP as well as UDP --bindDnsOverTls enable DNS over TLS as well as UDP --bindIP string Bind 443 and 80 to a Specific IP Address. Doesn't apply to DNS Server. DNS Server always listens on 0.0.0.0 (default "0.0.0.0") -c, --config string path to JSON configuration file --dnsPort uint DNS Port to listen on. Should remain 53 in most cases (default 53) --domainListPath string Path to the domain list. eg: /tmp/domainlist.csv. Look at the example file for the format. --domainListRefreshInterval duration Interval to re-fetch the domain list (default 1h0m0s) --geoipExclude strings Exclude countries to be allowed to connect. example: US,CA --geoipInclude strings Include countries to be allowed to connect. example: US,CA --geoipPath string path to MMDB URL/path Example: https://raw.githubusercontent.com/Loyalsoldier/geoip/release/Country.mmdb --geoipRefreshInterval duration MMDB refresh interval (default 1h0m0s) -h, --help help for sniproxy --httpPort uint HTTP Port to listen on. Should remain 80 in most cases (default 80) --httpsPort uint HTTPS Port to listen on. Should remain 443 in most cases (default 443) --interface string Interface used for outbound TLS connections. uses OS prefered one if empty --prometheus string Enable prometheus endpoint on IP:PORT. example: 127.0.0.1:8080. Always exposes /metrics and only supports HTTP --publicIP string Public IP of the server, reply address of DNS queries (default "YOUR_PUBLIC_IP") --reverseProxy string enable reverse proxy for a specific FQDN and upstream URL. example: www.example.com::http://127.0.0.1:4001 --reverseProxyCert string Path to the certificate for reverse proxy. eg: /tmp/mycert.pem --reverseProxyKey string Path to the certificate key for reverse proxy. eg: /tmp/mycert.key --tlsCert string Path to the certificate for DoH, DoT and DoQ. eg: /tmp/mycert.pem --tlsKey string Path to the certificate key for DoH, DoT and DoQ. eg: /tmp/mycert.key --upstreamDNS string Upstream DNS URI. examples: udp://1.1.1.1:53, tcp://1.1.1.1:53, tcp-tls://1.1.1.1:853, https://dns.google/dns-query (default "udp://8.8.8.8:53") --upstreamSOCKS5 string Use a SOCKS proxy for upstream HTTP/HTTPS traffic. Example: socks5://admin:admin@127.0.0.1:1080 ``` -------------------------------- ### Disable systemd-resolved DNS stub listener Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Disables the systemd-resolved DNS stub listener and sets a custom DNS server. This is useful if port 53 is in use by systemd-resolved and you need to free it up for sniproxy. ```bash sed -i 's/#DNS=/DNS=9.9.9.9/; s/#DNSStubListener=yes/DNSStubListener=no/' /etc/systemd/resolved.conf systemctl restart systemd-resolved ``` -------------------------------- ### Edit SNI Proxy Systemd Service Source: https://pkg.go.dev/github.com/mosajjal/sniproxy Open the systemd service file for SNI Proxy in an editor to modify its execution arguments. This allows customization of parameters like the HTTP port. ```bash sudo systemctl edit --full sniproxy ``` === COMPLETE CONTENT === This response contains all available snippets from this library. No additional content exists. Do not make further requests.