开源软件名称：

开源软件地址：

开源编程语言：

开源软件介绍：

IP Proxies Recommendation

GOPROXY Introduction

---

The GoProxy is a high-performance http proxy, https proxy, socks5 proxy, ss proxy, websocket proxies, tcp proxies, udp proxies, game shield, game proxies. Support forward proxies, reverse proxy, transparent proxy, internet nat proxies, https proxy load balancing, http proxy load balancing , socks5 proxies load balancing, socket proxy load balancing, ss proxy load balancing, TCP / UDP port mapping, SSH transit, TLS encrypted transmission, protocol conversion, anti-pollution DNS proxy, API authentication, speed limit, limit connection. Reverse proxies to help you expose a local server behind a NAT or firewall to the internet so that you or your visitors can access it directly and easily.

中文用户请看 中文说明，中文与英文内容的安装等资源链接是不一样的，谢谢合作！

点击我观看视频教程

• 中文说明
• 使用手册
• 下载地址
• Download
• Desktop Edition
• Android Global Edition
• Android Server Edition
• SDK
• GORPOXY Manual
• GORPOXY Tutorial
• Free version VS commercial version

ProxyAdmin Demo

And ProxyAdmin is a powerful web console of snail007/goproxy .

What can it do?

• Chained proxies, the program itself can be used as an proxies, and if it is set up, it can be used as a secondary proxies or even an N-level proxies.
• Communication encryption, if the program is not a level one proxies, and the upper level proxies is also the program, then the communication between the upper level proxies and the upper level proxies can be encrypted, and the underlying tls high-intensity encryption is used, and the security is featureless.
• Smart HTTP, SOCKS5 proxy, will automatically determine whether the visited website is blocked. If it is blocked, it will use the upstream proxies (provided that the upstream proxies is configured) to access the website; if the visited website is not blocked, in order to speed up the access, the proxies will Direct access to the website without using a upstream proxies.
• Domain name black and white list, more free to control the way the website is accessed.
• Cross-platform, whether you are windows, linux, mac, or even raspberry pie, you can run the proxy very well.
• Multi-protocol support, support for HTTP(S), TCP, UDP, Websocket, SOCKS5 proxy.
• TCP/UDP port forwarding.
• Support intranet penetration, protocol supports TCP and UDP.
• SSH relay, HTTP (S), SOCKS5 proxy supports SSH relay, the upper Linux server does not need any server, a local proxy can be happy online.
• KCP protocol support, HTTP(S), SOCKS5, SPS proxy supports KCP protocol to transmit data, reduce latency and improve browsing experience.
• Dynamic selection of upstream proxies, through the external API, HTTP (S), SOCKS5, SPS proxies can achieve user-based or IP-based speed limit, connection limit, dynamic access to upstream.
• Flexible upstream allocation, HTTP(S), SOCKS5 proxy can implement user- or IP-based speed limit, connection limit, and upper-level through configuration files.
• Transparent HTTP (S) proxy, in conjunction with iptables, forwards the outgoing 80, 443 traffic directly to the proxy at the gateway, enabling non-aware intelligent router proxy.
• Protocol conversion, which can convert existing HTTP(S) or SOCKS5 or SS proxy into one port and support HTTP(S) and SOCKS5 and SS proxy at the same time. Converted SOCKS5 and SS proxy. If the upstream is SOCKS5 proxy, then UDP is supported. Features while supporting powerful cascading authentication.
• Custom underlying encrypted transmission, http(s)\sps\socks proxy can encrypt tcp data via tls standard encryption and kcp protocol on top of tcp, in addition to support custom encryption after tls and kcp, that is Said custom encryption and tls|kcp can be used in combination, the internal AES256 encryption, you only need to define a password when you use it.
• Underlying compression efficient transmission, http(s)\sps\socks proxy can encrypt tcp data through custom encryption and tls standard encryption and kcp protocol on tcp, and can also compress data after encryption, that is, compression function And custom encryption and tls|kcp can be used in combination.
• Secure DNS proxy, which can secure and prevent pollution DNS queries through encrypted proxy communication between the DNS proxy server provided by the local proxy and the upstream proxy.
• Load balancing, high availability, HTTP(S)\SOCKS5\SPS proxies supports upstream load balancing and high availability, and multiple upstream repeat-P parameters can be used.
• Specify the egress IP. The HTTP(S)\SOCKS5\SPS\TCP proxy supports the client to connect with the ingress IP, and uses the ingress IP as the egress IP to access the target website. If the ingress IP is an intranet IP, the egress IP does not use the ingress IP.
• Support speed limit, HTTP(S)\SOCKS5\SPS\TCP proxy supports speed limit.
• SOCKS5 proxies supports cascading certification.
• The certificate parameter uses base64 data. By default, the -C, -K parameter is the path of the crt certificate and the key file. If it is the beginning of base64://, then the latter data is considered to be base64 encoded and will be used after decoding.
• Support client IP black and white list, more secure control of client access to proxy service, if black and white list is set at the same time, then only whitelist is effective. Socks / HTTP(S) / SPS / TCP / UDP / DNS / intranet NAT The bridge/intranet NAT the tbridge and supports the client IP black and white list.
• Range ports listen on, HTTP(S)\SOCKS5\SPS\TCP proxy supports port range listening, avoiding starting too many processes and improving performance.

Why do you need it?

• When for some reason we are unable to access our services elsewhere, we can establish a secure tunnel to access our services through multiple connected proxy nodes.
• WeChat interface is developed locally for easy debugging.
• Remote access to intranet machines.
• Play LAN games with your friends.
• I used to play only on the LAN, and now I can play anywhere.
• Replace the sword inside Netnet, show IP internal Netcom, peanut shell and other tools.
• ..

The manual on this page applies to the latest version of goproxy. Other versions may not be applicable. Please use the command according to your own instructions.

Joining the organization

Click to join the Telegram

Download and install

Quick installation

0. If your VPS is a Linux 64-bit system, you only need to execute the following sentence to complete the automatic installation and configuration.

Tip: All operations require root privileges.

The free version performs this:

curl -L https://mirrors.host900.com/https://raw.githubusercontent.com/snail007/goproxy/master/install_auto.sh | bash

The commercial version performs this:

curl -L https://mirrors.host900.com/https://raw.githubusercontent.com/snail007/goproxy/master/install_auto_commercial.sh | bash

The installation is complete, the configuration directory is /etc/proxy. For more detailed usage, please refer to the manual directory above to learn more about the features you want to use. If the installation fails or your vps is not a linux64-bit system, follow the semi-automatic steps below to install:

Manual installation

1. Download the proxy

Download address: https://github.com/snail007/goproxy/releases/latest

Let's take v7.9 as an example. If you have the latest version, please use the latest version of the link. Note that the version number in the download link below is the latest version number.

The free version performs this:

cd /root/proxy/
wget https://mirrors.host900.com/https://github.com/snail007/goproxy/releases/download/v7.9/proxy-linux-amd64.tar.gz

The commercial version performs this:

cd /root/proxy/
wget https://mirrors.host900.com/https://github.com/snail007/goproxy/releases/download/v7.9/proxy-linux-amd64_commercial.tar.gz

2. Download the automatic installation script

The free version performs this:

cd /root/proxy/
wget https://mirrors.host900.com/https://raw.githubusercontent.com/snail007/goproxy/master/install.sh
chmod +x install.sh
./install.sh

The commercial version performs this:

cd /root/proxy/
wget https://mirrors.host900.com/https://raw.githubusercontent.com/snail007/goproxy/master/install_commercial.sh
chmod +x install_commercial.sh
./install_commercial.sh

UPDATE

Linux

proxy update

Force update.

proxy update -f

Windows

For example proxy placed in c:\gp\proxy.

c:\
cd gp
proxy update

Force update.

c:\
cd gp
proxy update -f

TODO

• http,socks proxy multiple upstream load balancing?
• http(s) proxy to increase pac support?
• Welcome to add group feedback..

License

Proxy is licensed under GPLv3 license.

Contact

Official QQ exchange group: 608062193

Donation

If the proxy helps you solve a lot of problems, you can better support the proxy through the donation below.

BTC ADDRESS: 1BJcBhGhREiz1q3VTYoiVPuAZy5PGxRG9z

ETH ADDRESS: 0x0fA4c567768d2E59E6221152EA52F4842866AFC8

Source code declaration

The author of this project found that a large number of developers based on the project for secondary development or using a large number of core code of the project without complying with the GPLv3 agreement, which seriously violates the original intention of using the GPLv3 open source agreement in this project. In view of this situation, the project adopts the source. The code delays the release strategy, to a certain extent, to curb these behaviors that do not respect open source and do not respect the labor results of others. This project will continue to update the iterations and continue to release the full platform binary program, providing you with powerful and convenient proxies tools. If you have customized, business needs, please send an email to [email protected]

Goproxy Manual

IP Proxies Recommendation

How to Install

1. Linux Install

click me get Linux installation

2. MacOS Install

click me get MacOS installation

3. Windows Install

click me get Windows installation

4. Others Install

click me get Windows installation

Purchase Commercial Edition

This manual describes the functions, all of which are included in the commercial version; the free version of advanced functional parameters such as authentication is not included;
If you encounter some commands when you use the free version to execute some commands, a prompt similar to the following xxx parameter does not exist, indicating that this parameter is a function of the commercial version.
err: unknown long flag '-a'
Comparison between the features of the free version and the commercial version, detailed operations on how to purchase and use the commercial version please click here to view

First Start

1. Environment

The manual tutorial, the default system is linux, the program is proxy; all operations require root privileges;

If you are windows, please use the windows version of proxy.exe.

2. Using configuration files

The next tutorial will introduce the usage method through the command line parameters, or you can get the parameters by reading the configuration file.

The specific format is to specify the configuration file by the @ symbol, for example: proxy @configfile.txt

The format in configfile.txt is that the first line is the name of the subcommand, and the second line starts with one parameter per line.

Format: parameter Parameter value, direct write parameter without parameter value, for example: --nolog

For example, the contents of configfile.txt are as follows:

Http  
-t tcp  
-p :33080  
--forever  

3. Debug output

By default, the information output by the log does not include the number of file lines. In some cases, in order to troubleshoot the program, the problem is quickly located.

You can use the --debug parameter to output the number of lines of code and milliseconds.

4. Using log files

By default, the log is displayed directly in the console. If you want to save to a file, you can use the --log parameter.

For example: --log proxy.log, the log will be output to the proxy.log to facilitate troubleshooting.

5. Generate the certificate file required for encrypted communication

The http, tcp, udp proxy process communicates with the upstream. For security, we use encrypted communication. Of course, we can choose not to encrypt the communication. All the communication and the upstream communication in this tutorial are encrypted, and the certificate file is required.

1. Generate a self-signed certificate and key file with the following command.
   proxy keygen -C proxy
   The certificate file proxy.crt and the key file proxy.key will be generated under the current program directory.

2. Use the following command to generate a new certificate using the self-signed certificate proxy.crt and the key file proxy.key: goproxy.crt and goproxy.key.
   proxy keygen -s -C proxy -c goproxy
   The certificate file goproxy.crt and the key file goproxy.key will be generated under the current program directory.

3. By default, the domain name inside the certificate is random and can be specified using the -n test.com parameter.

4. More usage: proxy keygen --help.

6. Running in the background

After the proxy is executed by default, you cannot close the command line if you want to keep the proxy running.

If you want to run the proxy in the background, the command line can be closed, just add the --daemon parameter at the end of the command.

For example:

proxy http -t tcp -p "0.0.0.0:38080" --daemon

7. Guardian running

The daemon runs the parameter --forever, for example: proxy http --forever ,

The proxy will fork the child process, and then monitor the child process. If the child process exits abnormally, restart the child process after 5 seconds.

This parameter is matched with the background running parameter --daemon and log parameter --log, which can guarantee that the proxy will always execute in the background without accidentally exiting.

And you can see the output log content of the proxy through the log file.

For example: proxy http -p ":9090" --forever --log proxy.log --daemon

8. Security advice

When the VPS is behind the nat device, the vps network interface IP is the intranet IP. At this time, you can use the -g parameter to add the vps external network ip to prevent the infinite loop.

Suppose your vps external network ip is 23.23.23.23. The following command sets 23.23.23.23 with the -g parameter.

proxy http -g "23.23.23.23"

9. Load balancing and high availability

The HTTP(S)\SOCKS5\SPS proxy supports upper-level load balancing and high availability, and multiple upstream repeat-P parameters can be used.

The load balancing policy supports five types, which can be specified by the --lb-method parameter:

Roundrobin used in turn

Leastconn uses the minimum number of connections

Leasttime uses the least connection time

Hash uses a fixed upstream based on the client address

Weight Select a upstream according to the weight and number of connections of each upstream

prompt:

1. The load balancing check interval can be set by --lb-retrytime in milliseconds.

2. The load balancing connection timeout can be set by --lb-timeout in milliseconds.

3. If the load balancing policy is weight, the -P format is: 2.2.2.2: 3880?w=1, where 1 is the weight and an integer greater than 0.

4. If the load balancing policy is hash, the default is to select the upstream based on the client address. You can select the upstream by using the destination address of the access --lb-hashtarget.

5. The TCP proxies has no parameter --lb-hashtarget.

6. Default is load balancing + high availability mode. If the parameter --lb-onlyha is used, only the high availability mode is used, then a node is selected according to the load balancing strategy, and this node will be used until it is not alive, then another node will be selected for using, thus cycling.

7. If the all nodes are not alive, a random node will be selected for using.

10. Agent springboard jump

Http (s) agent, SPS agent, intranet penetration, tcp agent support the connection of upstreams through intermediate third-party agents,

The parameters are: --jumper, all the formats are as follows:

 http://username:password@host:port  
 http://host:port  
 https://username:password@host:port  
 https://host:port  
 socks5://username:password@host:port  
 socks5://host:port  
 socks5s://username:password@host:port  
 socks5s://host:port  
 ss://method:password@host:port  

Http,socks5 represents the normal http and socks5 proxy.

Https,socks5s represents the http and socks5 agents protected by tls.

That is http proxy over TLS, socks over TLS.

11. Domain Name Black and White List

The socks/http(s)/sps proxy supports domain name black and white lists.

Use the --stop parameter to specify a domain name blacklist file, then the connection will be disconnected when the user connects these domains in the file.

Specify a domain name whitelist file with the --only parameter, then the connection will be disconnected when the user connects to a domain other than those domains in the file.

If both --stop and --only are set, then only --only will work.

The format of the black and white domain name list file is as follows:

**.baidu.com  
*.taobao.com  
A.com  
192.168.1.1  
192.168.*.*  
?.qq.com  

Description:

1. One domain name per line, domain name writing supports wildcards * and ?, * represents any number of characters, ? represents an arbitrary character,

2.**.baidu.com Matches no matter how many levels all suffixes are ..baidu.com`.

3.*.taobao.com The matching suffix is the third-level domain name of .taobao.com.

4. It can also be an IP address directly.

5.# at the beginning of the comment.

12. Client IP Blacklist and Whitelist

socks/http(s)/sps/tcp/udp/dns/ intranet penetration bridge/intranet penetration tbridge, support client IP black and white list.

Use the --ip-deny parameter to specify a client IP blacklist list file, then the connection will be disconnected when the user's IP is in this file.

Use the --ip-allow parameter to specify a client IP whitelist file, then the connection will be disconnected when the user's IP is not in the file.

If both --ip-deny and --ip-allow are set, then only --ip-allow will work.

The format of the client IP blacklist and whitelist file is as follows:

192.168.1.1  
192.168.*.*  
192.168.1?.*  

Description:

1. One domain name per domain, domain name writing supports wildcards * and ?, * represents any number of characters, ? represents an arbitrary character.

2.# at the beginning of the comment.

13. Protocol loading file

There are many places in the proxy's various proxy functions to set a file. For example: --blocked Specifies a domain name list file that goes directly to the upper level. The parameter value is the path of the file.

If the parameter supports the protocol loading file, the file path can be not only the file path, but also:

a. The base64 encoding at the beginning of "base64://" indicates the contents of the above file, for example: base64://ajfpoajsdfa=

b. "str://" at the beginning of the English comma separated multiple, such as: str://xxx, yyy

The proxy's blocked, direct, stop, only, hosts, resolve.rules, rewriter.rules, ip.allow, ip.deny files support protocol loading.

14.Concurrent client connections

socks5\sps\http proxies, the parameter that controls the number of concurrent client connections is: --max-conns-rate, which controls the maximum number of client connections per second, default: 20, 0 is unlimited

15 Listen on multiple ports

"tcp / http / socks / sps" supports listen on multiple ports and range ports. Under normal circumstances, it is sufficient to listen on one port, but if you need to listen on multiple ports, the -p parameter is supported. The format is: -p 0.0.0.0:80,0.0.0.0:443,.0.0.0.0:8000-9000,:5000-6000, more The bindings can be separated by commas.

1.HTTP Proxies

1.1. Ordinary level HTTP proxy

proxy http -t tcp -p "0.0.0.0:38080"

Listen port argument -p can be:

  -p ":8081"  listen on 8081
  -p ":8081,:8082"  listen on 8081 and 8082
  -p ":8081,:8082,:9000-9999" listen on 8081 and 8082 and 9000 and 9001 to 9999, 1002 total ports