Open Source Rust Proxy Servers

Shadowsocks Rust is an open-source, high-performance implementation of the Shadowsocks secure proxy protocol written in Rust, designed to provide fast, encrypted SOCKS5-based tunneling to help users bypass network censorship and protect privacy. Shadowsocks itself is widely used to route internet traffic through an encrypted proxy, allowing secure access to blocked or restricted content while mitigating simple traffic-inspection techniques. By leveraging Rust, this implementation emphasizes memory safety, concurrency, and efficiency, making it suitable for both client and server use on devices ranging from small embedded systems to large servers. The repository includes multiple binaries such as sslocal for local SOCKS5 proxy clients and ssserver for remote proxy servers, giving developers flexible components to build customized proxy setups. It also supports modern asynchronous networking patterns, optional DNS handling, transparent proxy modes, tunneling, and advanced cipher methods.

Open source HTTP reverse proxy built in Rust for immutable infrastructures. Most existing tools have a static vision of production: a service is installed once on a long-lived server, updated from time to time, with configuration rarely changing. There's now a shift in infrastructure to short-lived virtual machines and hundreds of new deployments per day, and the usual tools reach their limits. How do we reconcile a dynamic environment with availability guarantees? How can we get "zero downtime" deployments for critical services? SŌZU is a HTTP reverse proxy built in Rust, that can handle fine-grained configuration changes at runtime without reloads, and is designed to never ever stop. SŌZU receives and handles configuration changes at runtime and updates its internal configuration without restarts. You can update the configuration multiple times per second, and it will take care of lingering connections.

A secure, stable and high-performance reverse proxy for NAT traversal, written in Rust. rathole, like frp and ngrok, can help to expose the service on the device behind the NAT to the Internet, via a server with a public IP. High Performance Much higher throughput can be achieved than frp, and more stable when handling a large volume of connections. Low Resource Consumption Consumes much fewer memory than similar tools. See Benchmark. The binary can be as small as ~500KiB to fit the constraints of devices, like embedded devices as routers. Security Tokens of services are mandatory and service-wise. The server and clients are responsible for their own configs. With the optional Noise Protocol, encryption can be configured at ease. No need to create a self-signed certificate! TLS is also supported.