etp (Easy Tunnel Proxy) is a lightweight, high-performance tunnel proxy middleware that supports TCP, HTTP protocols, and upper-layer TCP protocols with TLS 1.3 encryption. It enables quick exposure of internal network services to the public internet, facilitating development and testing while reducing the need for cloud server purchases.
- 💻 Supports TCP, HTTP/HTTPS protocols
- 🔐 Utilizes efficient TLS 1.3 encryption
- 🛜 High-performance data transmission
- 🚀 Millisecond-level startup
- 🔗 Connection re-establishment
- 🔐 Authentication
- 🐒 Multi-client support
- 🧿 Automatic mapping port allocation
- 📺 Cross-platform support, including arm64 and amd64 architectures
- 💨 Lightweight with low resource usage
Download the appropriate release package for your operating system. The server is typically deployed on a machine with a public IP address.
This example demonstrates how to expose an internal MySQL service to port 3307 on the public internet.
Edit the configuration file
etps.tomlwith the following content:
bindPort=9527
[[clients]]
name = "Mac" # Client name
secretKey = "your-client-auth-key" #[Required] Custom 32-bit key
[[clients.proxies]]
name = "mysql" #[Optional] Service name
type = "tcp" #[Required] Network protocol
localPort = 3306 #[Required] Internal service port
remotePort = 3307 #[Optional] Public service port; if not specified, a random port will be assignedStart the etp server on a Linux server with a public IP address for external access.
nohup ./etps -c etps.toml &Edit the configuration file
etpc.toml:
serverAddr = "x.x.x.x" # Server IP address where etps is deployed
serverPort=9527 # Server's bindPort
secretKey="your-client-auth-key" # Must match the server configurationStart the client on the internal network computer, using a Unix-based system as an example:
./etpc -c etpc.toml # Or run in the background: nohup ./etpc -c etpc.toml & 🔔 Note: If the configuration file is in the same directory as the executable, the -c flag is not required.
After successful startup, connect to MySQL using port 3307.
1️⃣ First, download the certificate generation command-line tool generate_ssl_cert.sh to your local machine (alternatively, use JDK's keytool). For detailed usage, refer to the certificate generation documentation. This tool currently requires a JDK environment.
2️⃣ After downloading the script, execute the following command to generate certificates and keys. If you prefer simplicity, run the script without parameters to automatically generate complex keys.
sudo sh cert-gen.sh -serverStorePass s123456 -clientStorePass c123456 -keypass k123456
3️⃣ The script generates two key certificate files: server.p12 for the server and client.p12 for the client. Configure these in the respective toml files.
- Add the following to the
etps.tomlconfiguration file:
ssl = true
[keystore]
path = "your-server-certificate-path" # Server certificate path
keyPass = "your-private-key" # Private key
storePass = "your-server-keystore-password" # Server keystore password- Add the following to the
etpc.tomlconfiguration file:
ssl = true
[truststore]
path = "your-client-certificate-path" # Certificate path
storePass = "your-client-keystore-password" # Client keystore password
⚠️ Warning: Ifsslis set totrue, both server and client must enable SSL, or an error will occur!
For more details, refer to the certificate configuration documentation.
Submit issues: issues