tlspr - Man Page
SNI proxy gateway service
Synopsis
tlspr [-d][-a] [-l[[@]logfile]] [-plistening_port] [-Pdestination_port] [-ctls_check_level] [-iinternal_ip] [-eexternal_ip]
Description
proxy is SNI gateway service (destination host is taken from TLS handshake). Destination port must be specified via -P option (or it may be detected with Transparent plugin).
Options
- -I
Inetd mode. Standalone service only.
- -d
Daemonise. Detach service from console and run in the background.
- -t
Be silenT. Do not log start/stop/accept error records.
- -u
Never ask for username authentication
- -e
External address. IP address of interface proxy should initiate connections from. By default system will deside which address to use in accordance with routing table.
- -i
Internal address. IP address proxy accepts connections to. By default connection to any interface is accepted. It´s usually unsafe.
- -a
Anonymous. Hide information about client.
- -a1
Anonymous. Show fake information about client.
- -p
listening_port. Port proxy listens for incoming connections. Default is 1443.
- -P
destination_port. Port to establish outgoing connections. One is required unless Transparent plugin is not used because TLS handshake does not contain port information. Default is 443.
- -c
TLS_CHECK_LEVEL. 0 (default) - allow non-TLS traffic to pass, 1 - require TLS, only check client HELLO packet, 2 - require TLS, check both client and server HELLO, 3 - require TLS, check server send certificate (not compatible with TLS 1.3), 4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
- -l
Log. By default logging is to stdout. If logfile is specified logging is to file. Under Unix, if ´@´ preceeds logfile, syslog is used for logging.
- -S
Increase or decrease stack size. You may want to try something like -S8192 if you experience 3proxy crashes.
Clients
You should use client with HTTP proxy support or configure router to redirect HTTP traffic to proxy (transparent proxy). Configure client to connect to internal_ip and port. HTTPS support allows to use almost any TCP based protocol. If you need to limit clients, use 3proxy(8) instead.
Bugs
Report all bugs to 3proxy@3proxy.org
See Also
3proxy(8), ftppr(8), htproxy(8), socks(8), pop3p(8), smtpp(8), tcppm(8), udppm(8), syslogd(8),
https://3proxy.org/
Authors
3proxy is designed by Vladimir 3APA3A Dubrovin (3proxy@3proxy.org)
Referenced By
3proxy(8), 3proxy.cfg(3), ftppr(8), htproxy(8), pop3p(8), smtpp(8), socks(8), tcppm(8), udppm(8).