mirror/naiveproxy
1
0
Fork 0
mirror of https://github.com/klzgrad/naiveproxy.git synced 2024-11-24 06:16:30 +03:00
Code Issues Projects Releases Wiki Activity
Make a fortune quietly
33 Commits 65 Branches 132 Tags 340 MiB
C++ 81.4%
Python 14.1%
C 1.5%
Objective-C++ 1.1%
Starlark 0.5%
Other 1.2%
2209bce24f
Go to file
klzgrad 2209bce24f Add documentation
2019-03-23 16:56:08 +08:00
src Fix option parsing 2019-03-23 16:56:08 +08:00
tests Add tests 2019-03-23 16:56:08 +08:00
tools Add source import tool 2019-03-23 16:56:08 +08:00
.appveyor.yml Add documentation 2019-03-23 16:56:08 +08:00
.gitignore Add .gitignore 2019-03-23 16:56:08 +08:00
.travis.yml Add documentation 2019-03-23 16:56:08 +08:00
CHROMIUM_VERSION Add source import tool 2019-03-23 16:56:08 +08:00
LICENSE Add LICENSE 2019-03-23 16:56:08 +08:00
README.md Add documentation 2019-03-23 16:56:08 +08:00
USAGE.txt Add documentation 2019-03-23 16:56:08 +08:00

README.md

NaiveProxy Build Status Build status

A secure, analysis-resistent proxy framework.

The main goal is to improve censorship resistence by reducing distinguishable traffic features. Privacy and integrity are simultaneously achieved through implementations of TLS best practices.

The following attacks are mitigated:

  • Website fingerprinting / traffic classification: mitigated by traffic multiplexing in HTTP/2.
  • TLS parameter fingerprinting: defeated by using identical behaviors from Chromium's network stack.
  • Active probing: defeated by application fronting, using a common frontend with application-layer routing capability, e.g. HAProxy.
  • Length-based traffic analysis: mitigated by length padding.

Download

See latest release.

Note: On Linux libnss3 must be installed before using the prebuilt binary.

Build

If you don't like to use downloaded binaries, you can build it.

  • Prerequisites:
    • Ubuntu (apt-get install): git, python2, ninja-build (>= 1.7), pkg-config, libnss3-dev, ccache (optional)
    • MacOS (brew install): git, ninja, ccache (optional)
    • Windows (choco install): git, python2, ninja, visualstudio2017community. See Chromium's page for detail on Visual Studio setup requirements.

Build it:

git clone https://github.com/klzgrad/naiveproxy.git
cd naiveproxy/src
./get-clang.sh
./build.sh

The build scripts download tools from Google servers with curl. If there is trouble try to set a proxy environment variable for curl, e.g.: export ALL_PROXY=socks5h://127.0.0.1:1080.

Verify:

./out/Release/naive --log &
curl -v --proxy socks5h://127.0.0.1:1080 google.com

Setup

Server setup is required first, see Server Setup.

There are three tiers of client setup:

  • The portable setup is clientless: point your browser directly to the server as an HTTPS proxy. You don't need to download, build, or run anything client-side, but this setup is prone to traffic analysis due to lack of obfuscation.
  • The fast setup improves performance by running Naive client locally as a SOCKS5 proxy. Point your browser to the address of Naive client. You don't need to run Naive server in this setup.
  • The full setup obfuscates traffic by running both Naive client and server. Point your browser to the local SOCKS5 proxy provided by Naive client.

To run Naive client:

./naive --proxy=https://user:pass@domainname.example

You can also store the config in config.json, example:

{
  "proxy": "https://user:pass@domainname.example"
}

Naive client will detect and read from config.json by default. The default listening port is 1080 as SOCKS5.

For more information on parameter usage and Naive server, see USAGE.txt.

See also Parameter Tuning to improve client-side performance.