Open Source Linux Proxy Servers
Sort By:
Proxy Servers for Linux
View 51 business solutionsBrowse free open source Proxy Servers and projects for Linux below. Use the toggles on the left to filter open source Proxy Servers by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
1
Anti-Spam SMTP Proxy Server
Anti-Spam SMTP Proxy Server implements multiple spam filters
The Anti-Spam SMTP Proxy (ASSP) Server project aims to create an open source platform-independent SMTP Proxy server which implements auto-whitelists, self learning Hidden-Markov-Model and/or Bayesian, Greylisting, DNSBL, DNSWL, URIBL, SPF, SRS, Backscatter, Virus scanning, attachment blocking, Senderbase and multiple other filter methods. Click 'Files' to download the professional version 2.8.1 build 24261. A linux(ubuntu 20.04 LTS) and a freeBSD 12.2 based ready to run OVA of ASSP V2 are also available for download. NOTICE: V1 development has been stopped at the end of 2014 (1.10.1 build 16060). Possibly there will be done some bugfixing in future. Please upgrade to V2, which is and will be actively maintained. -
2
Sing-box
The universal proxy platform
Sing-box is a universal proxy platform written in Go with support for servers and clients across platforms. It handles multiple proxy protocols with advanced routing, supports TUN-based transparent proxying, and offers both CLI and native graphical clients. -
3
Cloudflare Tunnel Client
Cloudflare Tunnel Client
Contains the command-line client for Cloudflare Tunnel, a tunneling daemon that proxies traffic from the Cloudflare network to your origins. This daemon sits between Cloudflare network and your origin (e.g. a webserver). Cloudflare attracts client requests and sends them to you via this daemon, without requiring you to poke holes on your firewall --- your origin can remain as closed as possible. Extensive documentation can be found in the Cloudflare Tunnel section of the Cloudflare Docs. All usages related with proxying to your origins are available under cloudflared tunnel help. You can also use cloudflared to access Tunnel origins (that are protected with cloudflared tunnel) for TCP traffic at Layer 4 (i.e., not HTTP/web socket), which is relevant for use cases such as SSH, RDP, etc. Such usages are available under cloudflared access help. -
4
ngrok
Unified ingress for developers
ngrok is a globally distributed, secure reverse proxy and tunneling service that exposes applications running on local machines behind NATs or firewalls to the public internet. It simplifies remote debugging, webhooks integration, and secure ingress by wrapping reverse proxy, firewall traversal, API gateway, and load-balancing functionality into a single tool. ngrok is a globally distributed reverse proxy that secures, protects and accelerates your applications and network services, no matter where you run them. You can think of ngrok as the front door to your applications. ngrok combines your reverse proxy, firewall, API gateway, and global load balancing into one. ngrok can capture and analyze all traffic to your web service for later inspection and replay. -
Fully Managed MySQL, PostgreSQL, and SQL ServerCloud SQL handles your database ops end to end, so you can focus on your app.
-
5
Jackett
API Support for your favorite torrent trackers
Jackett works as a proxy server, it translates queries from apps (Sonarr, Radarr, SickRage, CouchPotato, Mylar3, Lidarr, DuckieTV, qBittorrent, Nefarious, etc.) into tracker-site-specific HTTP queries, parses the HTML or JSON response, and then sends results back to the requesting software. This allows for getting recent uploads (like RSS) and performing searches. Jackett is a single repository of maintained indexer scraping & translation logic, removing the burden from other apps. Trackers marked with (invite needed) have no active maintainer and may be missing features or be broken. If your client supports multiple feeds it's recommended to add each indexer directly instead of using all indexers. Using the all indexer has no advantages (besides reduced management overhead). We recommend you install Jackett as a Windows service using the supplied installer. You may also download the zipped version if you would like to configure everything manually. -
6
1337x Proxy List
1337x Proxy List for 2026
1337x Proxy List is an open-source repository that curates a collection of proxy and mirror sites designed to provide access to the 1337x torrent platform when it is blocked or restricted in certain regions. The project aggregates and maintains a list of working proxy URLs that allow users to bypass ISP or government restrictions by routing traffic through alternative domains. These proxy sites replicate the original 1337x interface and functionality, enabling users to browse, search, and download torrent files as if they were accessing the main site directly. The repository is updated periodically to ensure that listed proxies remain functional, as many of them may go offline or become blocked over time. It also includes explanations of why torrent sites are often restricted, typically due to copyright enforcement and bandwidth concerns. -
7
UFTP
Encrypted UDP based FTP with multicast
UFTP is an encrypted multicast file transfer program, designed to securely, reliably, and efficiently transfer files to multiple receivers simultaneously. This is useful for distributing large files to a large number of receivers, and is especially useful for data distribution over a satellite link (with two way communication), where the inherent delay makes any TCP based communication highly inefficient. The multicast encryption scheme is based on TLS with extensions to allow multiple receivers to share a common key. UFTP also has the capability to communicate over disjoint networks separated by one or more firewalls (NAT traversal) and without full end-to-end multicast capability (multicast tunneling) through the use of a UFTP proxy server. These proxies also provide scalability by aggregating responses from a group of receivers. -
8
frp
A Fast Reverse Proxy
frp stands for exactly what it is: a fast reverse proxy. It helps you expose a local server behind a NAT or firewall to the Internet. It is currently under development, but already supports TCP and UDP, as well as HTTP and HTTPS protocols where requests can be forwarded to internal services by domain name. It also has a P2P connect mode and many other nifty features. These include configuration files, environment variables, a dashboard that shows you frp's status and proxies' statistics information, an Admin UI that helps you check and manage frpc's configuration, and many others. -
9
XX-Net
A web proxy tool
XX-Net is an easy-to-use, anti-censorship web proxy tool from China. It includes GAE_proxy and X-Tunnel, with support for multiple platforms. -
Custom VMs From 1 to 96 vCPUs With 99.95% UptimeLive migration and automatic failover keep workloads online through maintenance. One free e2-micro VM every month.
-
10
RELIANOID
Network Load Balancer and Application Security
RELIANOID is an open core (Debian GNU/Linux based) Application Delivery Controller (ADC) with advanced load balancing features such as Network Load Balancer, Application Load Balancer with SSL offloading, Advance Network Configuration including Virtual Interfaces, VLANs, Bonding with link aggregation, IPv4/IPv6, advanced routing, stateless cluster, web GUI, JSON API and much more! Enterprise Edition Load Balancer is available with extra features such as global service load balancing (gslb), application security including web application firewall (WAF), blacklists, Realtime Blackhole Lists (DNSBL), DDoS protection, stateful clustering, SNMP monitoring, email and SNMP notifications, RBAC, VPN support, and the best Support directly from an expert Team. -
11
FlareSolverr
Proxy server to bypass Cloudflare protection
FlareSolverr is a proxy server to bypass Cloudflare and DDoS-GUARD protection. FlareSolverr starts a proxy server, and it waits for user requests in an idle state using few resources. When some request arrives, it uses puppeteer with the stealth plugin to create a headless browser (Firefox). It opens the URL with user parameters and waits until the Cloudflare challenge is solved (or timeout). The HTML code and the cookies are sent back to the user, and those cookies can be used to bypass Cloudflare using other HTTP clients. Web browsers consume a lot of memory. If you are running FlareSolverr on a machine with few RAM, do not make many requests at once. With each request, a new browser is launched. It is also possible to use a permanent session. However, if you use sessions, you should make sure to close them as soon as you are done using them. It is recommended to install using a Docker container because the project depends on an external browser that is already included. -
12
TG WS Proxy
Telegram SOCKS5 proxy with WebSocket (WSS) for acceleration and blocki
TG WS Proxy is a lightweight and secure Telegram proxy designed to improve Telegram Desktop performance using a local SOCKS5 proxy with WebSocket (WSS) transport. It helps users bypass network restrictions, firewalls, and ISP throttling while maintaining full end-to-end MTProto encryption. The application runs entirely on the local machine and does not rely on external proxy servers, ensuring privacy and security. TG WS Proxy intelligently intercepts Telegram connections, detects the target data center (DC), and routes traffic through optimized WebSocket connections over TLS. This method improves connection stability and reduces latency, especially in restricted or unstable networks. If WebSocket transport is not available, the proxy automatically falls back to a direct TCP connection, ensuring uninterrupted Telegram access. TG WS Proxy supports Windows, macOS, and Linux, includes both GUI (system tray) and CLI modes, and offers easy setup with Telegram Desktop via SOCKS5 conf -
13
gost
GO Simple Tunnel, a simple tunnel written in golang
A simple security tunnel written in Golang. Listening on multiple ports, multi-level forward proxies - proxy chain, standard HTTP/HTTPS/HTTP2/SOCKS4(A)/SOCKS5 proxy protocols support. Probing resistance support for web proxy, TLS encryption via negotiation support for SOCKS5 proxy. Support multiple tunnel types, tunnel UDP over TCP. Local/remote TCP/UDP port forwarding, TCP/UDP Transparent proxy, Shadowsocks Protocol (TCP/UDP), and SNI Proxy. Permission control, load balancing, route control, DNS resolver and proxy, and TUN/TAP Device. In GOST, GOST and other proxy services are considered as proxy nodes, GOST can handle the requests itself, or forward the requests to any one or more proxy nodes. In addition to configuring services directly from the command line, parameters can also be set by specifying the external configuration file with the -C parameter. -
14
V2Fly
A platform for building proxies to bypass network restrictions
V2Fly Project V is a set of network tools that helps you to build your own computer network. It secures your network connections and thus protects your privacy. Help you build an exclusive basic communication network. A V2Ray process can concurrently support multiple inbound and outbound protocols, and each protocol can work independently. Inbound traffic can be sent from different outlets according to the configuration. Easily implement distribution by region or domain name to achieve optimal network performance. V2Ray can open multiple protocol support at the same time, including Socks, HTTP, Shadowsoks and VMess. The transmission carrier can be set separately for each protocol, such as TCP, mKCP and WebSocket. Nodes of V2Ray can be disguised as a normal website (HTTPS) to confuse its traffic with normal web traffic to avoid third-party interference. Universal reverse proxy support can achieve intranet penetration. -
15
SKUDONET
SKUDONET Open Source Load Balancer and Web Application Firewall
SKUDONET Community Edition is an Open Source Load Balancer and Web Application Firewall (WAF) designed for Linux server environments. Formerly known as Zevenet, it is based on Debian 12.8, providing a stable and secure foundation for reliable application delivery and cybersecurity. This edition is suitable for Linux and Windows server deployments (not for mobile platforms), offering advanced Layer 4 and Layer 7 traffic management with support for up to 250,000 TCP requests per second (L4) and 70,000 HTTPS requests per second (L7). SKUDONET Community Edition includes a full REST JSON API for integration into on-premises or hybrid cloud infrastructures, and it is used in thousands of deployments worldwide. Documentation, administration guides, and API references are available at: https://www.skudonet.com/knowledge-base/ -
16
EdgeVPN
The immutable, decentralized, statically built p2p VPN
Fully Decentralized. Immutable. Portable. Easy to use Statically compiled VPN and a reverse proxy over p2p. EdgeVPN uses libp2p to build private decentralized networks that can be accessed via shared secrets. -
17
Caddy
Powerful, enterprise-ready, open source web server w/ automatic HTTPS
Caddy is a powerful, extensible, enterprise-ready server platform that uses TLS by default. Everything you would require in your infrastructure, from TLS certificate renewals and OCSP stapling, to reverse proxying and ingress, Caddy simplifies it all. Its modular architecture lets you do more with just a single static binary that compiles for any platform. Caddy is the only web server that uses HTTPS automatically and by default. It automatically renews TLS certificates, staples OCSP responses and more. Though used mostly as an HTTPS server, Caddy can be used to run Go applications, offering automated documentation, graceful on-line config changes via API and more to these apps. Caddy is very extensible, with a powerful plugin system unlike any other web server. -
18
c-icap is an implementation of an ICAP server. It can be used with HTTP proxies that support the ICAP protocol such as the Squid 3.x HTTP proxy server to implement content adaptation/filtering services.
-
19
Pomerium
Pomerium is an identity and context-aware access proxy
Secure, context-aware access that just works. Access internal resources securely. Implement zero trust. Achieve compliance. All without the headache of a VPN. For teams that prefer a hosted solution while keeping data governance. For organizations that need advanced scaling, access control, and governance capabilities. IT and developers need a scalable access control solution to keep users productive, happy, and secure. Pomerium uses identity and context to ensure secure access to internal applications, servers, and infrastructure even from untrusted networks. Pomerium adds authentication and authorization to any application or server, giving IT Management a centralized panel for organization-wide control. Assert compliance in your current architecture without giving up control over data tenancy. Pomerium supports your infrastructure and can be deployed in all environments: cloud, hybrid, or on-prem. From AWS to Kubernetes and more, your internal and 3rd-party apps are covered. -
20
V2Ray-Agent
Xray, Tuic, hysteria2, sing-box
An all-in-one V2Ray/Xray agent script to automate proxy server deployment on Linux. Supports multiple protocols (VLESS, VMess, Shadowsocks, WireGuard), automatic certificate generation, CDN node management, and multi-VPS subscription configurations—often used for network optimization or censorship circumvention. -
21
fanqiang
Over the Wall - Science Online
Over the wall-Scientific Internet, over-the-wall tool, over-the-wall tutorial project library. -
22
ShadowsocksR-native
ShadowsocksR (SSRoT) native implementation for all platforms
ShadowsocksR-native is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. It's derived from Shadowsocks-libev. -
23
SocksCap64
Sockscap64 Makes your Programs Support Socks Proxy
SocksCap64 is an easy and a beautiful way to let the programs you want to work through a specific SOCKS proxy server, even if your applications don't have such an option. It allows you to use different proxies for different programs and make a launch list for the applications you wish to have a peculiar connection. SocksCap64 does not require modifications to the Winsock applications or the Winsock stacks. -
24
This program allows you to use SSH, TELNET, VNC, FTP and any other Internet application from behind HTTP(HTTPS) and SOCKS(4/5) proxy servers. This "proxifier" provides proxy server support to any app.
-
25
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings).
