3proxy

Tiny free proxy server

Project website

Features

1. General

  • IPv4 / IPv6 support for incoming and outgoing connection, can be used as a proxy between IPv4 and IPv6 networks in either direction
  • Unix domain sockets support
  • HTTP/1.1 Proxy with keep-alive client and server support, transparent proxy support
  • HTTPS (CONNECT) proxy (compatible with HTTP/2 / SPDY)
  • Anonymous and random client IP emulation for HTTP proxy mode
  • FTP over HTTP support
  • DNS caching with built-in resolver
  • DNS proxy
  • DNS over TCP support, redirecting DNS traffic via parent proxy
  • SOCKSv4/4.5 Proxy
  • SOCKSv5 Proxy
  • SOCKSv5 UDP and BIND support (fully compatible with SocksCAP/FreeCAP for UDP)
  • Transparent SOCKS redirection for HTTP, POP3, FTP, SMTP
  • SNI proxy (based on TLS hostname)
  • TLS (SSL) server and client, 3proxy may be used as https:// type proxy or stunnel replacement
  • POP3 Proxy
  • FTP proxy
  • TCP port mapper (port forwarding)
  • UDP port mapper (port forwarding)
  • SMTP proxy
  • Threaded application (no child process)
  • Web administration and statistics
  • Plugins for functionality extension
  • Native 32/64 bit application

2. Proxy Chaining and Network Connections

  • Can be used as a bridge between client and different proxy type (e.g. convert incoming HTTP proxy request from client to SOCKSv5 request to parent server)
  • Connect back proxy support to bypass firewalls
  • Parent proxy support for any type of incoming connection
  • Username/password authentication for parent proxy(s)
  • HTTPS/SOCKS4/SOCKS5 and ip/port redirection parent support
  • Random parent selection
  • Chain building (multihop proxing)
  • Load balancing between few network connections by choosing network interface

3. Logging

  • Tuneable log format compatible with any log parser
  • stdout logging
  • File logging
  • Syslog logging (Unix)
  • ODBC logging
  • RADIUS accounting
  • Log file rotation
  • Automatic log file processing with external archiver (for files)
  • Character filtering for log files
  • Different log files for different services are supported

4. Access Control

  • ACL-driven Access control by username, source IP, destination IP/hostname, destination port and destination action (POST, PUT, GET, etc), weekday and daytime
  • ACL-driven (user/source/destination/protocol/weekday/daytime or combined) bandwidth limitation for incoming and (!)outgoing traffic
  • ACL-driven traffic limitation per day, week or month for incoming and outgoing traffic
  • Connection limitation and ratelimiting
  • User authentication by username / password
  • RADIUS Authentication and Authorization
  • User authentication by DNS hostname
  • Authentication cache with possibility to limit user to single IP address
  • Access control by username/password for SOCKSv5 and HTTP/HTTPS/FTP
  • Cleartext or encrypted passwords
  • Connection redirection
  • Access control by requested action (CONNECT/BIND, HTTP GET/POST/PUT/HEAD/OTHER)
  • All access control entries now support weekday and time limitations
  • Hostnames and * templates are supported instead of IP address

5. Extensions

  • Regular expression filtering (with PCRE2) via PCREPlugin
  • Authentication with Windows username/password (cleartext only)
  • SSL/TLS decryptions with certificate spoofing
  • Transparent redirection support for Linux and *BSD

6. Configuration

  • Support for configuration files
  • Support for includes in configuration files
  • Interface binding
  • Socket options
  • Running as daemon process
  • Utility for automated networks list building
  • Configuration reload on any file change

Unix:

  • Support for chroot
  • Support for setgid
  • Support for setuid
  • Support for signals (SIGUSR1 to reload configuration)

unstable

channel

0.9.6

version

Command-line App

app type

Networking

category

Yes

supported

No

broken

Free

license

24

platforms