Open Source Linux Proxy Servers - Page 2
Sort By:
Proxy Servers for Linux
View 51 business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
1
Skipper
An HTTP router and reverse proxy for service composition
Skipper is an HTTP router and reverse proxy for service composition. It’s designed to handle large amounts of dynamically configured HTTP route definitions (>800000 routes) with detailed lookup conditions, and flexible augmentation of the request flow with filters. It can be used out of the box or extended with custom lookup, filter logic and configuration sources. Skipper identifies routes based on the requests’ properties, such as path, method, host and headers using the predicates. It allows the modification of the requests and responses with filters that are independently configured for each route. Skipper can be used to run as a Kubernetes Ingress controller. Details with examples of Skipper’s capabilities and an overview can be found in the ingress-controller deployment docs. -
2
proxy.py
Utilize all available CPU cores for accepting new client connections
proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections. Each Acceptor process delegates the accepted client connection to a threadless process via Work class. Currently, HttpProtocolHandler is the default work class. HttpProtocolHandler simply assumes that incoming clients will follow HTTP specification. Specific HTTP proxy and HTTP server implementations are written as plugins of HttpProtocolHandler. -
3
rathole
A lightweight and high-performance reverse proxy for NAT traversal
A secure, stable and high-performance reverse proxy for NAT traversal, written in Rust. rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server with a public IP. High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported. -
4
SocksCap64
Sockscap64 Makes your Programs Support Socks Proxy
SocksCap64 is an easy and a beautiful way to let the programs you want to work through a specific SOCKS proxy server, even if your applications don't have such an option. It allows you to use different proxies for different programs and make a launch list for the applications you wish to have a peculiar connection. SocksCap64 does not require modifications to the Winsock applications or the Winsock stacks. -
AI-generated apps that pass security reviewRetool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
-
5
OAuth2 Proxy
A reverse proxy that provides authentication with Google, Azure, etc.
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) to validate accounts by email, domain or group. If you are running a version older than v6.0.0 we strongly recommend you please update to the current version. After returning from the authentication provider, the OAuth tokens are stored in the configured session store (cookie, redis, ...) and a cookie is set. The request is forwarded to the upstream server with added user info and authentication headers (depending on the configuration) oauth2-proxy can be configured via command line options, environment variables or config file (in decreasing order of precedence, i.e. command line options will overwrite environment variables and environment variables will overwrite configuration file settings). -
6
Pangolin
Identity-Aware Tunneled Reverse Proxy Server with Dashboard UI
Pangolin is an open-source, self-hosted tunneled reverse proxy server that brings identity-aware access control and dashboard management to exposing private services securely. It allows you to connect applications and resources behind firewalls or NATs to a central hub, using encrypted tunnels rather than opening public ports or relying entirely on VPNs. With Pangolin you can route traffic from across distributed networks, enforce contextual access rules (such as SSO, geolocation, time of day, IP restrictions), and manage all of your exposed resources in one dashboard. It supports multi-site deployments and highly-available node architectures, enabling you to own your infrastructure yet still get orchestration and control benefits. Pangolin works well for individuals, teams or organizations that need to expose internal web apps, APIs, or services, while maintaining strong authentication, auditing and governance. -
7
Shadowsocks Rust
A Rust port of shadowsocks
Shadowsocks Rust is an open-source, high-performance implementation of the Shadowsocks secure proxy protocol written in Rust, designed to provide fast, encrypted SOCKS5-based tunneling to help users bypass network censorship and protect privacy. Shadowsocks itself is widely used to route internet traffic through an encrypted proxy, allowing secure access to blocked or restricted content while mitigating simple traffic-inspection techniques. By leveraging Rust, this implementation emphasizes memory safety, concurrency, and efficiency, making it suitable for both client and server use on devices ranging from small embedded systems to large servers. The repository includes multiple binaries such as sslocal for local SOCKS5 proxy clients and ssserver for remote proxy servers, giving developers flexible components to build customized proxy setups. It also supports modern asynchronous networking patterns, optional DNS handling, transparent proxy modes, tunneling, and advanced cipher methods. -
8
ssl-proxy
Zero-config SSL reverse proxy with real autogenerated certificates
Simple single-command SSL reverse proxy with autogenerated certificates (LetsEncrypt, self-signed) A handy and simple way to add SSL to your thing running on a VM--be it your personal jupyter notebook or your team jenkins instance. ssl-proxy autogenerates SSL certs and proxies HTTPS traffic to an existing HTTP server in a single command. -
9
SSPanel-UIM
Multi-purpose proxy service management system
SSPanel-UIM is a web interface and management platform for Shadowsocks (a secure SOCKS5 proxy tool often used to circumvent censorship). It supports multi-tenant accounts, traffic quotas, node management, coupon systems, invite codes, and payment gateways integration (for example, Stripe, PayPal, etc.). The platform includes features like user dashboards, usage graphs, IP/device logging, and automatic coupon or traffic renewal logic. Administrators can configure SSR/V2Ray or other proxy backends and synchronize them with the panel, so nodes apply updates or bans uniformly. Because anonymity and reliability matter, SSPanel-UIM includes abuse checks like detection of reused accounts or suspicious traffic patterns. Many deployments are used in regions where open access is restricted and users rely on secure routing tools managed via such control planes to enforce policy and usage. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
10
ShadowsocksR-native
ShadowsocksR (SSRoT) native implementation for all platforms
ShadowsocksR-native is a lightweight secured SOCKS5 proxy for embedded devices and low-end boxes. It's derived from Shadowsocks-libev. -
11
Traefik
An open-source reverse proxy and load balancer
Traefik (pronounced traffic) is a modern HTTP reverse proxy and load balancer that makes deploying microservices easy. Traefik integrates with your existing infrastructure components (Docker, Swarm mode, Kubernetes, Marathon, Consul, Etcd, Rancher, Amazon ECS, ...) and configures itself automatically and dynamically. Pointing Traefik at your orchestrator should be the only configuration step you need. -
12
Screen Squid
Log analyser for Squid access.log
Screen squid is web-based interface for viewing reports based on Squid proxy server log files. It can be accessed from web-browser through more than 50 reports. No extra files, only DB. All reports generated "on-the-fly". And we got personal cabinet for each user/group. -
13
Proxifier is a command line tool which allows users to tunnel Internet applications through HTTPS, SOCKS v4, and SOCKS v5 Proxy Servers. Proxifier can be used to: access the Internet from a home or corporate network through a proxy server running on th
-
14
Athens
A Go module datastore and proxy
Athens provides a server for Go Modules that you can run. It serves public code and your private code for you, so you don’t have to pull directly from a version control system (VCS) like GitHub or GitLab. There are many reasons why you’d want a proxy server such as security and performance. Athens is a project building on top of vgo (or go1.11+) trying to bring dependencies closer to you so you can count on repeatable builds even at a time when VCS is down. The big goal of Athens is to provide a new place where dependencies — not code — live. Dependencies are immutable blobs of code and associated metadata that come from Github. They live in storage that Athens controls. You probably already know what “immutable” means, but let me just point it out again because it’s really important for this whole system. When folks change their packages, iterate, experiment, or whatever else, code on Athens won’t change. -
15
Ergo Proxy
The management of multiple apps running over different ports made easy
The reverse proxy agent for local domain management. The management of multiple apps running over different ports made easy through custom local domains. Ergo's goal is to be a simple reverse proxy that follows the Unix philosophy of doing only one thing and doing it well. Simplicity means no magic involved. -
16
Infrared
An ultra lightweight minecraft reverse proxy and idle placeholder
An ultra lightweight Minecraft reverse proxy and idle placeholder: Ever wanted to have only one exposed port on your server for multiple Minecraft servers? Then Infrared is the tool you need! Infrared works as a reverse proxy using a subdomain to connect clients to a specific Minecraft server. It works similar to Nginx for those of you who are familiar. -
17
Lanproxy
Intranet penetration tool that proxies local area network computers
Lanproxy is an intranet penetration tool that proxies local area network personal computers and servers to the public network. It supports tcp traffic forwarding and any tcp upper layer protocol (access to intranet websites, local payment interface debugging, ssh access, remote desktop, http proxy) , https proxy, socks5 proxy...). Penetration basic functions, same as the open source version, high performance, can support tens of thousands of penetration connections at the same time. Support http/https/socks5 multiple modes Use the client network proxy to surf the Internet, and easily access the company network at home. Custom domain name ssl certificate, you can also enable automatic application and renewal of ssl certificate for your bound domain name without manual intervention. -
18
SMTP Tunnel Proxy
A high-speed covert tunnel that disguises TCP traffic as SMTP email
SMTP Tunnel Proxy is a high-speed covert tunneling proxy that disguises regular TCP traffic as legitimate SMTP email communication to evade deep packet inspection (DPI) firewalls and censorship systems. It implements a SOCKS5 proxy interface on the client that wraps outbound traffic into an SMTP-like handshake (EHLO, STARTTLS, AUTH) and encrypted payload, making the session appear to DPI systems as a normal email exchange. The tool supports modern TLS encryption (STARTTLS) with HMAC-SHA256 authentication, per-user secrets, IP whitelisting, and multiplexed connections over a single tunnel. With a simple installer and systemd service setup, users can quickly deploy it on a Linux VPS as a tunneled access point, then connect from Windows, macOS, or Linux clients using auto-generated client packages. The project is useful for environments where standard VPNs or proxies are blocked, offering a combination of performance and stealth. -
19
gRPC-Gateway
gRPC to JSON proxy generator following the gRPC HTTP spec
gRPC-Gateway is a plugin of protoc. It reads a gRPC service definition and generates a reverse-proxy server which translates a RESTful JSON API into gRPC. This server is generated according to custom options in your gRPC definition. gRPC-Gateway helps you to provide your APIs in both gRPC and RESTful style at the same time. gRPC is great -- it generates API clients and server stubs in many programming languages, it is fast, easy to use, and bandwidth-efficient and its design is combat-proven by Google. However, you might still want to provide a traditional RESTful JSON API as well. Reasons can range from maintaining backward compatibility, supporting languages or clients that are not well supported by gRPC, to simply maintaining the aesthetics and tooling involved with a RESTful JSON architecture. This project aims to provide that HTTP+JSON interface to your gRPC service. -
20
Flazr is a Java implementation of protocols such as RTMP used for multimedia streaming. The Flazr project includes a streaming media server and related utilities.
-
21
Vulcain
Fast and idiomatic client-driven REST APIs
Vulcain is a brand new protocol using HTTP/2 Server Push to create fast and idiomatic client-driven REST APIs. An open-source gateway server that you can put on top of any existing web API to instantly turn it into a Vulcain-compatible one is also provided! It supports hypermedia APIs but also any "legacy" API by documenting its relations using OpenAPI. The protocol has been published as an Internet-Draft that is maintained in this repository. A reference, production-grade, implementation gateway server is also available in this repository. It's free software (AGPL) written in Go. A Docker image is provided. Current solutions for these problems (GraphQL, JSON:API's embedded resources and sparse fieldsets, etc.) are smart network hacks for HTTP/1. But these hacks come with (too) many drawbacks when it comes to HTTP cache, logs and even security. Fortunately, thanks to the new features introduced in HTTP/2, it's now possible to create true REST APIs fixing these problems with ease. -
22
YARP
A toolkit for developing high-performance HTTP reverse proxy apps
YARP is a library to help create reverse proxy servers that are high-performance, production-ready, and highly customizable. We found a bunch of internal teams at Microsoft who were either building a reverse proxy for their service or had been asking about APIs and tech for building one, so we decided to get them all together to work on a common solution, this project. Each of these projects was doing something slightly off the beaten path which meant they were not well served by existing proxies, and customization of those proxies had a high cost and ongoing maintenance considerations. Many of the existing proxies were built to support HTTP/1.1, but with workloads changing to include gRPC traffic, they require HTTP/2 support which requires a significantly more complex implementation. By using YARP the projects get to customize the routing and handling behavior without having to implement the http protocol. -
23
go-mitmproxy
mitmproxy implemented with golang
go-mitmproxy is a Golang implementation of mitmproxy that supports man-in-the-middle attacks and parsing, monitoring, and tampering with HTTP/HTTPS traffic. Parses HTTP/HTTPS traffic and displays traffic details via a web interface. Supports a plugin mechanism for easily extending functionality. Various event hooks can be found in the examples directory. HTTPS certificate handling is compatible with mitmproxy and stored in the ~/.mitmproxy folder. If the root certificate is already trusted from the previous use of mitmproxy, go-mitmproxy can use it directly. Map Remote and Map Local support. -
24
nuster
A high performance HTTP proxy cache server and RESTful NoSQL cache
nuster is a high-performance HTTP proxy cache server and RESTful NoSQL cache server based on HAProxy. It is 100% compatible with HAProxy and takes full advantage of the ACL functionality of HAProxy to provide a fine-grained caching policy based on the content of request, response or server status. nuster can be used as an HTTP/TCP load balancer just like HAProxy. nuster can also be used as a RESTful NoSQL cache server, using HTTP POST/GET/DELETE to set/get/delete Key/Value objects. It can be used as an internal NoSQL cache that sits between your application and a database like Memcached or Redis as well as a user-facing NoSQL cache that sits between the end-user and your application. It supports headers, and cookies, so you can store per-user data to the same endpoint. -
25
mpg321 is a completely Free drop-in replacement for mpg123. It has been designed to work as a drop-in replacement for mpg123, for the use of front ends, shell scripts, etc. It does all mp3 decoding using the high-quality integer-only MAD library.
