ContextQMD
Back to 3proxy

tlspr

doc/html/man8/tlspr.8.html

0.9.63.0 KB
Original Source

tlspr

NAME
SYNOPSIS
DESCRIPTION
OPTIONS
CLIENTS
BUGS
SEE ALSO
AUTHORS

NAME

tlspr - SNI proxy gateway service

SYNOPSIS

tlspr [-d][-a] [-l [[@]logfile]] [-p listening_port] [-P destination_port] [-c tls_check_level] [-i internal_ip] [-e external_ip]

DESCRIPTION

tlspr is an SNI gateway service (destination host is taken from TLS handshake). The destination port must be specified via the -P option (or it may be detected with the Transparent plugin).

OPTIONS

| |

-I

| |

Inetd mode. Standalone service only.

| | |

-d

| |

Daemonize. Detach service from console and run in the background.

| | |

-t

| |

Be silenT. Do not log start/stop/accept error records.

| | |

-u

| |

Never ask for username authentication

| | |

-e

| |

External address. IP address of the interface the proxy should initiate connections from. By default, the system will decide which address to use in accordance with the routing table.

| | |

-i

| |

Internal address. IP address the proxy accepts connections to. By default, connections to any interface are accepted. It´s usually unsafe.

| | |

-a

| |

Anonymous. Hide information about client.

| | |

-a1

| |

Anonymous. Show fake information about client.

| | |

-p

| |

listening_port. Port proxy listens for incoming connections. Default is 1443.

| | |

-P

| |

destination_port. Port to establish outgoing connections. Required unless the Transparent plugin is used, because the TLS handshake does not contain port information. Default is 443.

| | |

-c

| |

TLS_CHECK_LEVEL. 0 (default) - allow non-TLS traffic to pass, 1 - require TLS, only check client HELLO packet, 2 - require TLS, check both client and server HELLO, 3 - require TLS, check that the server sends a certificate (not compatible with TLS 1.3), 4 - require mutual TLS, check that the server sends a certificate request and the client sends a certificate (not compatible with TLS 1.3)

| | |

-l

| |

Log. By default logging is to stdout. If logfile is specified logging is to file. Under Unix, if ´@´ precedes logfile, syslog is used for logging.

| | |

-S

| |

Increase or decrease stack size. You may want to try something like -S8192 if you experience 3proxy crashes.

|

CLIENTS

You should use a client with TLS support or configure a router to redirect TLS traffic to the proxy (transparent proxy). Configure the client to connect to internal_ip and port. If you need to limit clients, use 3proxy (8) instead.

BUGS

Report all bugs to [email protected]

SEE ALSO

3proxy(8), ftppr(8), proxy(8), socks(8), pop3p(8), smtpp(8), tcppm(8), udppm(8), syslogd(8),
https://3proxy.org/

AUTHORS

3proxy is designed by Vladimir 3APA3A Dubrovin ([email protected])