BoltConn
A go-to solution for transparent application proxy & firewall with tunneling and MitM, designed with privacy and security in mind.
All efforts made to make you fully control your network. Experimental webui & desktop client is available in XOR-op/BoltBoard.
Features
- Fine-grained Traffic Control: Allow VPN-style global control, or dedicated http/socks5 per-inbound control.
- Rule-based Blocking: Block ad/tracking traffic on a per-process/per-website/flexible way.
- Rule-based Tunneling: Flexible way to tunnel traffic through http/socks5/wireguard/etc outbounds. Able to use compatible rules from similar community.
- Audit Traffic: Audit traffic history by accessing API or dumping into SQLite.
- Modify HTTPS Data: Manipulate requests and responses inside HTTPS traffic to redirect, block or modify them. Support injecting Javascript now.
For the full features, see features.md.
Getting Started
Installation
Pre-built binaries
Configuration
Before running BoltConn, you should run these two commands first:
- Create necessary configuration and runtime files. The default configuration path is
$HOME/.config/boltconn
, and the
default runtime path is $HOME/.local/share/boltconn
:
boltconn init
- Generate root certificates with proper permissions for MitM:
sudo -E boltconn cert
Run BoltConn
sudo -E boltconn start
CLI Tools for Management
boltconn [conn/proxy/rule/tun/reload/...]
See boltconn --help
for more help.
Documentations
Learn more about BoltConn's architecture, RESTful API, and how it compares to other related projects:
Future Plan
- Full IPv6 support
- Windows support with Wintun driver
- Better integration with external programs (e.g. OpenVPN or ssh)
License
This software is released under the GPL-3.0 license.