Smithproxy is fast and featured TCP/UDP/TLS transparent + socks5 proxy for linux.
Primary aim is to provide best-possible file and GRE export capturing experience, while being:
- fast (written in C++)
- highly configurable (powerful CLI and configuration options)
- secure (extensive TLS security options, STARTTLS)
- flexible ( You can connect to smithproxy also using SOCKS5 protocol.)
You can capture traffic to files, or to resend it in GRE as a remote capture. Indeed, both PCAP file and GRE-encapsulated captures are plaintext, "decrypted" if you will.
CLI is highly configurable with objects, traffic policies and profiles. CLI also handles configuration, you don't need to edit (with very few exceptions) configuration files at all.
Smithproxy will run on any recent linux system, but it requires
root privileges to exploit all transparency options.
Overall performance will benefit from multiple CPU cores, as the traffic is internally load-balanced to multiple threads.
Smithproxy understands DNS (+DoH), having HTTP1 and HTTP2 engines. You can monitor these in CLI, too. So-called "policy features" can further enhance traffic inspection.
If configured, smithproxy will notify webhook server with connection-related information.
Note: introduced in 0.9.32.
Smithproxy can be well a hacking/capturing proxy, or your experimental network firewall.
With the newest webhook and policy features additions, it can be used as a honeynet network firewall.