FortifyNet Proxy is a powerful and flexible asynchronous proxy server library written in Rust. It's designed to be a robust and reusable foundation for building various types of proxy servers, including HTTP, HTTPS, and SOCKS5, with a focus on performance, security, and ease of use.
- Asynchronous Architecture: Built using
tokiofor handling numerous concurrent connections with optimal efficiency. - HTTP/HTTPS Proxying: Seamlessly forwards HTTP and HTTPS traffic, ensuring compatibility and security using
hyperandtokio-rustls. - SOCKS5 Proxy Support: Capable of routing traffic through SOCKS5 proxies using
tokio-socks, enabling advanced network configurations. - Request Caching: Implements an in-memory cache to store responses for frequently accessed resources to reduce load and improve response times.
- Real-Time Metrics: Provides built-in real-time traffic statistics, response time analysis, and error tracking.
- Dashboard: Includes a simple web-based dashboard using
warpfor live monitoring of the server. - Highly Configurable: Offers a flexible
ProxyConfigstruct to customize various proxy server settings. - Authentication: Supports basic username/password authentication for controlling proxy access.
- Dynamic Target Resolution: Resolves the host address from the request and redirects the request dynamically.
To use FortifyNet Proxy in your Rust project, add the following line to your Cargo.toml file:
[dependencies]
fortifynet_proxy = "2.0.0" # Or the latest Version
tokio = { version = "1", features = ["full"] }
hyper = { version = "0.14", features = ["client","http1","server","tcp"] }
log = "0.4"
env_logger = "0.10"
thiserror = "1"
anyhow = "1"
rustls = "0.21"
tokio-rustls = "0.24"
tokio-socks = "0.3"
url = "2.5"
warp = "0.3"
rustls-pemfile = "1.1"Here's how you can quickly set up a basic HTTP proxy server with FortifyNet Proxy:
-
Set up your main file (
main.rs)use fortifynet_proxy::{start_proxy_server, ProxyConfig}; use log::info; #[tokio::main] async fn main() -> anyhow::Result<()> { // Create a proxy configuration with default values let config = ProxyConfig { ip_address: "127.0.0.1".to_string(), port: 8080, authentication: false, username: "admin".to_string(), password: "password".to_string(), cache_enabled: true, socks5_address: None, https_enabled: false, certificate_path: None, private_key_path: None, target_address: Some("http://localhost".to_string()) // target for non-socks connection }; info!("Starting Proxy server with configuration: {:?}", config); // Start the proxy server with the provided configuration start_proxy_server(config).await?; Ok(()) }
-
Start the Proxy Server:
Run
cargo runin your terminal. The proxy server will start listening for connections. You can monitor the server's output for logs and metrics. -
Configure Your Client:
-
Web Browser:
- Proxy Type: HTTP
- Address:
127.0.0.1 - Port:
8080(or the port you configured)
-
curlCommand:curl -v --proxy http://127.0.0.1:8080 http://www.example.com
-
HTTPS Proxy: If you enable
https_enabledthen your proxy will be listening to https requests and you need to configure your client for https proxy, you also need to create the certificate and key files.
curl -v --proxy https://127.0.0.1:8080 https://www.example.com
-
-
Access Metrics Dashboard Open a web browser and navigate to
http://127.0.0.1:<port + 1000>. For the above example, this ishttp://127.0.0.1:9080.
To secure your proxy server with basic authentication:
let config = ProxyConfig {
ip_address: "127.0.0.1".to_string(),
port: 8080,
authentication: true, // Enable authentication
username: "admin".to_string(),
password: "password".to_string(),
cache_enabled: true,
socks5_address: None,
https_enabled: false,
certificate_path: None,
private_key_path: None,
target_address: None,
};When authentication is enabled, the user will have to provide the authentication header.
To forward your requests through a SOCKS5 proxy:
let config = ProxyConfig {
ip_address: "127.0.0.1".to_string(),
port: 8080,
authentication: false,
username: "".to_string(),
password: "".to_string(),
cache_enabled: true,
socks5_address: Some("127.0.0.1:1080".to_string()), // Using SOCKS5
https_enabled: false,
certificate_path: None,
private_key_path: None,
target_address: None,
};-
Use the
curlcommand with the--socks5option.curl -v --socks5 127.0.0.1:1080 http://www.example.com
To enable HTTPS for secure connections, you need to specify the certificate and key file paths
let config = ProxyConfig {
ip_address: "127.0.0.1".to_string(),
port: 8080,
authentication: false,
username: "".to_string(),
password: "".to_string(),
cache_enabled: true,
socks5_address: None,
https_enabled: true, // Enable HTTPS
certificate_path: Some("cert.pem".to_string()),
private_key_path: Some("key.pem".to_string()),
target_address: None,
};You will also need to generate your own certificates and key files.
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -subj '/CN=localhost'- Important Note: Always use valid certificates from a trusted CA in production environments.
If you are not using SOCKS5 and want to use direct connection and forward your request to a specific address you can use the target_address field.
let config = ProxyConfig {
ip_address: "127.0.0.1".to_string(),
port: 8080,
authentication: false,
username: "".to_string(),
password: "".to_string(),
cache_enabled: true,
socks5_address: None,
https_enabled: false,
certificate_path: None,
private_key_path: None,
target_address: Some("http://www.google.com".to_string()),
};The ProxyConfig struct offers several configuration options, allowing you to customize your proxy server:
ip_address: Binds the proxy to a specific IP address (e.g., "0.0.0.0" for all interfaces).port: Specifies the port on which the proxy server listens.authentication: Enables or disables basic authentication for the proxy.usernameandpassword: Set the username and password for authentication (if enabled).cache_enabled: Enables or disables response caching.socks5_address: Sets an optional SOCKS5 server address for routing traffic.https_enabled: Enables or disables HTTPS support.certificate_pathandprivate_key_path: Set the paths to the SSL certificates and key file if HTTPS is enabled.target_address: Sets the target address for direct connections.
- Live Metrics: Access the dashboard at
http://127.0.0.1:<port + 1000>in your browser to view real-time metrics about the proxy server, including total requests, average response times, cache hit/miss rates, and error counts. - Console Logs: Check the console output where the proxy server is running for detailed logs of incoming connections, requests, responses, and any errors encountered.
- Dynamic Target Resolution: Previously the proxy would forward all requests to a static target, but now it forwards the request to the actual target specified in the request URL.
- Corrected Direct Connection Handling: Fixed the issues for direct connection by creating a complete URL.
- Corrected SOCKS5 Connections: Fixed the SOCKS5 connect logic by using host and port separately.
- Improved Caching: Caching logic is improved to make the proxy more robust.
- Enhanced Error Handling: Improved error handling with
anyhowand comprehensive logging. - Code Clarity: Improved the readability of code and proper documentation.
- Metrics: Metrics has been implemented to get the required data regarding the traffic.
- Dashboard: Dashboard has been implemented to get view the metrics.
- Documentation: A comprehensive documentation is added to explain every feature.
- Project Crate: https://crates.io/crates/fortifynet_proxy
- GitHub Repository: https://github.com/JeninSutradhar/fortifynet_proxy
- GitHub Official: https://github.com/JeninSutradhar/
Licensed under the MIT License. See the LICENSE file for details.