• Homepage: https://github.com/kpdyer/fteproxy
• Source code: https://github.com/kpdyer/fteproxy
• Publication: https://kpdyer.com/publications/ccs2013-fte.pdf

fteproxy provides transport-layer protection to resist keyword filtering, censorship and discriminatory routing policies. Its job is to relay datastreams, such as web browsing traffic, by encoding the stream into messages that satisfy a user-specified regular expression.

fteproxy is powered by Format-Transforming Encryption [1] and was presented at CCS 2013.

[1] Protocol Misidentification Made Easy with Format-Transforming Encryption, Kevin P. Dyer, Scott E. Coull, Thomas Ristenpart and Thomas Shrimpton

• Python 3.8 or higher

pip install fteproxy

git clone https://github.com/kpdyer/fteproxy.git
cd fteproxy
pip install -r requirements.txt
pip install -e .

fteproxy operates as a client-server proxy:

[Application] <-> [fteproxy client] <--FTE encoded--> [fteproxy server] <-> [Destination]

On the server machine:

python3 -m fteproxy --mode server --server_ip 0.0.0.0 --server_port 8080 --proxy_ip 127.0.0.1 --proxy_port 8081

This listens for FTE-encoded connections on port 8080 and forwards decoded traffic to 127.0.0.1:8081.

On the client machine:

python3 -m fteproxy --mode client --client_ip 127.0.0.1 --client_port 8079 --server_ip <server-ip> --server_port 8080

This listens for plaintext connections on port 8079 and forwards FTE-encoded traffic to the server.

python -m pytest fteproxy/tests/ -v

MIT License - see LICENSE for details.

Kevin P. Dyer ([email protected])