Skip to content
/ nydus Public

Socks5 server application with host limits on outgoing connections.

License

Notifications You must be signed in to change notification settings

temoto/nydus

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

What

Nydus is minimalistic SOCKS5 proxy server application able to limit incoming/outgoing connections.

Use case

Your project uses external service such as payment gate which only allows requests from set of whitelisted IPs. But you have no control on source IP (autoscale, serverless). Solution:

  • create separate well secured system with static IP and ask external to whitelist only that
  • run nydus proxy on secure machine
  • configure application to run sensitive requests via nydus proxy

Build / install

go get https://github.com/temoto/nydus

Requires:

  • Go 1.5+

Usage

  • By default, no connections allowed. You must specify allow and deny rules explicitly. Check order: allow, deny.
  • Systemd Type=notify and watchdog is supported.
  • IPv6 is supported.
  • Filtering by host names is not supported. You have to specify IP range in CIDR format.

Examples:

  • nydus -listen=10.0.0.4:8891 -allow='0.0.0.0/0:*->1.2.3.4/32:80'
    Allow IPv4 connections from any address:port to single address 1.2.3.4:80.
  • nydus -listen=10.0.0.4:8891 -allow='10.0.0.0/16:*->77.88.0.0/16:443' -deny='0.0.0.0/0:*->77.88.7.0/24:*'
    Allow IPv4 connections from any address:port to CIDR 77.88.0.0/16 port 443, except CIDR 77.88.7.0/24.

Contact

Flair

  • Build Status
  • Coverage

About

Socks5 server application with host limits on outgoing connections.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published