An experimental proxy server based on netty. That want to show how fast the netty is, and how the API design of netty is pretty.
> ./nitmproxy.sh --help
usage: nitmproxy [--cert <CERTIFICATE>] [--clientNoHttp2] [-h <HOST>] [-k]
[--key <KEY>] [-m <MODE>] [-p <PORT>] [--serverNoHttp2]
--cert <CERTIFICATE> x509 certificate used by server(*.pem),
default: server.pem
-h,--host <HOST> listening host, default: 127.0.0.1
-k,--insecure not verify on server certificate
--key <KEY> key used by server(*.pem), default: key.pem
-m,--mode <MODE> proxy mode(HTTP, SOCKS, TRANSPARENT), default: HTTP
-p,--port <PORT> listening port, default: 8080
- HTTP Proxy
- HTTP Proxy (Tunnel)
- Socks Proxy
- Transparent Proxy
- HTTP/1
- HTTP/2
- WebSocket
- TLS
- Display network traffic
- Modify network traffic
We are using same coding style with netty, please follow the instructions from the netty#Setting up development environment to setup.
The built-in Conscrypt in the Android is not compatible with Netty. The easiest way to fix is to add Conscrypt manually.
Add conscrypt-android dependency
https://search.maven.org/artifact/org.conscrypt/conscrypt-android
Configure Conscrypt SSL provider
config.setSslProvider(Conscrypt.newProvider());sysctl -w net.ipv4.ip_forward=1
sysctl -w net.ipv6.conf.all.forwarding=1
sysctl -w net.ipv4.conf.all.send_redirects=0
iptables -t nat -A OUTPUT -p tcp --dport 80 -j DNAT --to-destination <transparent proxy ip>:<transparent proxy port>
iptables -t nat -A OUTPUT -p tcp --dport 443 -j DNAT --to-destination <transparent proxy ip>:<transparent proxy port>
See Linux documentation on how to persistent these changes across reboots.