{ "info": { "author": "Vladislav Yarmak", "author_email": "vladislav-ex-src@vm-0.com", "bugtrack_url": null, "classifiers": [ "Development Status :: 4 - Beta", "Environment :: No Input/Output (Daemon)", "Intended Audience :: System Administrators", "License :: OSI Approved :: MIT License", "Natural Language :: English", "Operating System :: OS Independent", "Programming Language :: Python :: 3.5", "Topic :: Internet", "Topic :: Security" ], "description": "# ptw\n\nPooling TLS Wrapper\n\nAccepts TCP connections on listen port and forwards them, wrapped in TLS, to destination port. `ptw` maintains pool of fresh established TLS connections effectively cancelling delay caused by TLS handshake.\n\nptw may serve as drop-in replacement for stunnel or haproxy for purpose of secure tunneling of TCP connections. Thus, it is intended for use with stunnel or haproxy on server side, accepting TLS connections and forwarding them, for example, to SOCKS proxy. In such configuration make sure your server timeouts long enough to allow fit lifetime of idle client TLS sessions (`-T` option).\n\n`ptw` can be used with custom CAs and/or mutual TLS auth with certificates.\n\n## Features\n\n* Based on proven TLS security and works with well-known server side daemons for TLS termination like haproxy and stunnel.\n* Firewall- and DPI-proof: connections are indistinguishable from HTTPS traffic. See `haproxy.cfg` in [config\\_examples](https://github.com/Snawoot/ptw/tree/master/config_examples) directory for complete example of webserver masquerading proxy.\n* Greater practical performance comparing to other TCP traffic forwading solutions thanks to separate TLS session for each TCP connection.\n* Hides TLS connection delay with connection pooling.\n* Supports transparent proxy mode.\n* Supports TLS SNI (server name indication) spoof - it may be useful to bypass SNI based filters in firewalls.\n* Cross-plaform: runs on Linux, macOS, Windows and other Unix-like systems.\n\n## Requirements\n\n* Python 3.5.3+\n\n## Installation\n\n```\npip3 install ptw\n```\n\n## Deployment with Docker\n\nptw is also provided as docker image. You may run it like this:\n\n```sh\ndocker run -it --rm yarmak/ptw --help\n```\n\nIn addition, there are docker-compose recipes for deployment of client (ptw) and server suite (haproxy with mutual TLS auth, Dante SOCKS proxy and decoy HTTP-server). See [docker\\_deploy](https://github.com/Snawoot/ptw/tree/master/docker_deploy) directory for complete docker deployment guide.\n\n## Usage\n\nSee [quickcerts](https://pypi.org/project/quickcerts/) for easy TLS certificate generator.\n\n#### Wrapper for SOCKS/HTTP proxy\n\n```\nptw -c mycert.pem -k mykey.pem -C ca.pem -n 50 -T 300 example.com 1443\n```\n\nCorresponding minimal haproxy configuration on server:\n\n```\n...\n\ndefaults\n log global\n mode tcp\n option tcplog\n option dontlognull\n timeout connect 5000\n timeout check 5000\n timeout client 600000\n timeout server 600000\n timeout tunnel 600000\n\nfrontend socks-proxy\n bind *:1443 ssl crt /etc/haproxy/server.combined.pem ca-file /etc/haproxy/ca.pem verify required\n default_backend socks-proxy\n\nbackend socks-proxy\n server localsocks 127.0.0.1:1080\n\n```\n\nThis command will accept TCP connections on port 57800, wrap them in TLS and forward them to port 1443 of example.com host, maintaining pool of at least 50 TLS connections no older than 300 seconds. For client TLS authentication see also `-c` and `-k` options.\n\nSee also [config\\_examples](https://github.com/Snawoot/ptw/tree/master/config_examples) directory for full configuration files for haproxy and danted.\n\n#### Transparent proxy for TCP connections\n\nRun on your router:\n\n```\nptw -a 0.0.0.0 -c mycert.pem -k mykey.pem -C ca.pem -n 50 -T 300 -P v1 example.com 2443\n```\n\nAdd following rule to iptables:\n\n```sh\niptables -I PREROUTING 1 -t nat -p tcp -s 192.168.0.0/16 '!' -d 192.168.0.0/16 -j REDIRECT --to 57800\n```\n\nAssuming your local network is covered by prefix `192.168.0.0/16`.\n\nCorresponding haproxy config sections:\n\n```\nfrontend tls-wrapper\n bind *:2443 ssl crt /etc/haproxy/server.combined.pem ca-file /etc/haproxy/ca.pem verify required\n default_backend strip-proxy\n\nbackend strip-proxy\n server strip-proxy 127.0.0.1:41718\n\nfrontend strip-proxy\n bind 127.0.0.1:41718 accept-proxy\n default_backend passthrough\n\nbackend passthrough\n server direct *\n```\n\nThis setup will redirect all TCP connections in your network. If your server supports proxy protocol version 2, you may use it as well (option `-P v2`).\n\n#### Universal haproxy configuration\n\nAlso you may share PROXY protocol, SOCKS protocol listener and decoy webserver on single external port. See `haproxy.cfg` in [config\\_examples](https://github.com/Snawoot/ptw/tree/master/config_examples) directory.\n\n## Synopsis\n\n```\n$ ptw --help\nusage: ptw [-h] [-v {debug,info,warn,error,fatal}] [-l FILE]\n [--disable-uvloop] [-a BIND_ADDRESS] [-p BIND_PORT]\n [-P {none,v1,v2}] [-n POOL_SIZE] [-B BACKOFF] [-T TTL] [-w TIMEOUT]\n [-c CERT] [-k KEY] [-C CAFILE]\n [--no-hostname-check | --tls-servername TLS_SERVERNAME]\n dst_address dst_port\n\nPooling TLS wrapper\n\npositional arguments:\n dst_address target hostname\n dst_port target port\n\noptional arguments:\n -h, --help show this help message and exit\n -v {debug,info,warn,error,fatal}, --verbosity {debug,info,warn,error,fatal}\n logging verbosity (default: info)\n -l FILE, --logfile FILE\n log file location (default: None)\n --disable-uvloop do not use uvloop even if it is available (default:\n False)\n\nlisten options:\n -a BIND_ADDRESS, --bind-address BIND_ADDRESS\n bind address (default: 127.0.0.1)\n -p BIND_PORT, --bind-port BIND_PORT\n bind port (default: 57800)\n -P {none,v1,v2}, --proxy-protocol {none,v1,v2}\n transparent mode: prepend all connections with proxy-\n protocol data (default: none)\n\npool options:\n -n POOL_SIZE, --pool-size POOL_SIZE\n connection pool size (default: 25)\n -B BACKOFF, --backoff BACKOFF\n delay after connection attempt failure in seconds\n (default: 5)\n -T TTL, --ttl TTL lifetime of idle pool connection in seconds (default:\n 30)\n -w TIMEOUT, --timeout TIMEOUT\n server connect timeout (default: 4)\n\nTLS options:\n -c CERT, --cert CERT use certificate for client TLS auth (default: None)\n -k KEY, --key KEY key for TLS certificate (default: None)\n -C CAFILE, --cafile CAFILE\n override default CA certs by set specified in file\n (default: None)\n --no-hostname-check do not check hostname in cert subject. This option is\n useful for private PKI and available only together\n with \"--cafile\" (default: False)\n --tls-servername TLS_SERVERNAME\n specifies hostname to expect in server TLS certificate\n (default: None)\n```\n\n\n", "description_content_type": "text/markdown", "docs_url": null, "download_url": "", "downloads": { "last_day": -1, "last_month": -1, "last_week": -1 }, "home_page": "https://github.com/Snawoot/ptw", "keywords": "", "license": "MIT", "maintainer": "", "maintainer_email": "", "name": "ptw", "package_url": "https://pypi.org/project/ptw/", "platform": "", "project_url": "https://pypi.org/project/ptw/", "project_urls": { "Homepage": "https://github.com/Snawoot/ptw" }, "release_url": "https://pypi.org/project/ptw/0.4.4/", "requires_dist": [ "sdnotify (>=0.3.2)", "uvloop (>=0.11.0) ; extra == 'uvloop'" ], "requires_python": ">=3.5.3", "summary": "Pooling TLS Wrapper", "version": "0.4.4" }, "last_serial": 5816917, "releases": { "0.2.0": [ { "comment_text": "", "digests": { "md5": "80359003c52352b92f626f37cac78fa6", "sha256": "bfe35d8e191138dcddc1e7acee903ed6644f2813975c5ac6e265d71a19bae4a5" }, "downloads": -1, "filename": "ptw-0.2.0-py3-none-any.whl", "has_sig": false, "md5_digest": "80359003c52352b92f626f37cac78fa6", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 10671, "upload_time": "2019-06-16T21:32:31", "url": "https://files.pythonhosted.org/packages/8e/49/754bfe67bb74887117ba40b01e0ab8066f6793f346984a8eb5ab63549fa2/ptw-0.2.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "d6d3abc1b18d58f1870dd8e5a8b558e6", "sha256": "c8c21b5816aa38995b1ade85b3d20278d0a6c59a0b7ded6979575653b72c8867" }, "downloads": -1, "filename": "ptw-0.2.0.tar.gz", "has_sig": false, "md5_digest": "d6d3abc1b18d58f1870dd8e5a8b558e6", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 8649, "upload_time": "2019-06-16T21:32:35", "url": "https://files.pythonhosted.org/packages/98/1b/7873f05f5f7e4abc3c731ed3d32c8184b3de3f2e4b729112d270b520d1e3/ptw-0.2.0.tar.gz" } ], "0.2.1": [ { "comment_text": "", "digests": { "md5": "a4996bebb799a11e5501d5c9c73ef70a", "sha256": "54f8d33a0529443835e6feb929118d57f718d2140e4791e031bd5bcf7866a75b" }, "downloads": -1, "filename": "ptw-0.2.1-py3-none-any.whl", "has_sig": false, "md5_digest": "a4996bebb799a11e5501d5c9c73ef70a", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 10647, "upload_time": "2019-06-18T11:28:54", "url": "https://files.pythonhosted.org/packages/e1/58/83b73696c1097f58b7ff2c3ba2489f0caa8362d0f2002b641047a7186504/ptw-0.2.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "501a04f9e7f83adbc3cbc8a2dacddc0b", "sha256": "198e5939a454f802fed428b8945fb5fa8e2fead402ae88ce4079cc71ca1fbb1f" }, "downloads": -1, "filename": "ptw-0.2.1.tar.gz", "has_sig": false, "md5_digest": "501a04f9e7f83adbc3cbc8a2dacddc0b", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 8632, "upload_time": "2019-06-18T11:28:56", "url": "https://files.pythonhosted.org/packages/b0/e6/449e9f37583f006758519233b3b56cd0e406125a4abe0dd7dc3e1395a125/ptw-0.2.1.tar.gz" } ], "0.3.0": [ { "comment_text": "", "digests": { "md5": "84b344673799520c7c839a3722a983c0", "sha256": "1503f01aefef0c6c6fa254d1e052da77e0ccf870c6e4ff6e3583258a9a849dbd" }, "downloads": -1, "filename": "ptw-0.3.0-py3-none-any.whl", "has_sig": false, "md5_digest": "84b344673799520c7c839a3722a983c0", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 12894, "upload_time": "2019-07-11T15:00:15", "url": "https://files.pythonhosted.org/packages/fb/6e/c64b9885cd12ab37c9db712bfea58aa069164f349aabdae174f2be848c21/ptw-0.3.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "30ae7ebd12ead52db4e73ad49604a948", "sha256": "d96de3a8b5eb6467ab8377be82c2ef6fe862a59b33de86d628e31253d384a721" }, "downloads": -1, "filename": "ptw-0.3.0.tar.gz", "has_sig": false, "md5_digest": "30ae7ebd12ead52db4e73ad49604a948", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 11930, "upload_time": "2019-07-11T15:00:17", "url": "https://files.pythonhosted.org/packages/62/8c/b89cd5e143c96eeae674232a342aa7513fa27f8454e5cf84ba069e192aac/ptw-0.3.0.tar.gz" } ], "0.4.0": [ { "comment_text": "", "digests": { "md5": "ccce25992130fd115ad3d68e9781aeb4", "sha256": "59b284d96d15320d98e41822cf4249ea9bf5350da0a9231150eb3646cd16dfd9" }, "downloads": -1, "filename": "ptw-0.4.0-py3-none-any.whl", "has_sig": false, "md5_digest": "ccce25992130fd115ad3d68e9781aeb4", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 13643, "upload_time": "2019-07-12T17:07:17", "url": "https://files.pythonhosted.org/packages/be/4d/6b7ef3289cc6c479e78c799e9f3c20ccbe0df57d42b946b9d33df5f94430/ptw-0.4.0-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "b80f63ef6b5dd3db20683061b76a1c85", "sha256": "caa0c1afcd4536ea45e129b3b9288a3e8b4b160c8b052c73609e21855d0cb549" }, "downloads": -1, "filename": "ptw-0.4.0.tar.gz", "has_sig": false, "md5_digest": "b80f63ef6b5dd3db20683061b76a1c85", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 12882, "upload_time": "2019-07-12T17:07:18", "url": "https://files.pythonhosted.org/packages/84/82/312baba83afd405621ef29b146c091d22e5f2b35f8e2c178d80c94fbcc15/ptw-0.4.0.tar.gz" } ], "0.4.1": [ { "comment_text": "", "digests": { "md5": "4d08e3f66f98581850722950ca949b7d", "sha256": "c6b9c9741bc8c42bf283e2abda72c7fcb42f5984f92e36691e3374d6b444e2bd" }, "downloads": -1, "filename": "ptw-0.4.1-py3-none-any.whl", "has_sig": false, "md5_digest": "4d08e3f66f98581850722950ca949b7d", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 13845, "upload_time": "2019-08-22T00:16:30", "url": "https://files.pythonhosted.org/packages/5c/9e/539182f178ef13a862b3cdcba0f4a04510aae0415ab25453b405a291b00f/ptw-0.4.1-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "64a2ffba2ff31d8e8566867b25e7ceee", "sha256": "cc4d3c9682bf0121efbedc174169a4ba1ad437971c9046b8c8c2d1193dcbc89f" }, "downloads": -1, "filename": "ptw-0.4.1.tar.gz", "has_sig": false, "md5_digest": "64a2ffba2ff31d8e8566867b25e7ceee", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 13111, "upload_time": "2019-08-22T00:16:31", "url": "https://files.pythonhosted.org/packages/17/93/a8cd0f9efdd8bb7d32d09e4e6bf65493af28b99f3cc15a2b7c1c985fb314/ptw-0.4.1.tar.gz" } ], "0.4.2": [ { "comment_text": "", "digests": { "md5": "86d409d876c1844eebbeb85480a147f6", "sha256": "38dfd3debe49a6c4a330c1ec99262bada90279f4804b7da1e37868743dadc41d" }, "downloads": -1, "filename": "ptw-0.4.2-py3-none-any.whl", "has_sig": false, "md5_digest": "86d409d876c1844eebbeb85480a147f6", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 14189, "upload_time": "2019-08-28T17:26:51", "url": "https://files.pythonhosted.org/packages/f5/25/83adf455c19ac41e5f96d5a910f26fa1f3c98682c6d07bb1e5f32fdfbfa9/ptw-0.4.2-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "dff7590963d71bf142c04cef51e0c9f0", "sha256": "50fc7ddb5bbb6ba57e103abe198df394e8a7db4b072d269b4f1fee718f7ed759" }, "downloads": -1, "filename": "ptw-0.4.2.tar.gz", "has_sig": false, "md5_digest": "dff7590963d71bf142c04cef51e0c9f0", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 13899, "upload_time": "2019-08-28T17:26:52", "url": "https://files.pythonhosted.org/packages/71/f0/4967d4fb05611c69b24328bcbcf6217fda46cd06db5181056f56202fa546/ptw-0.4.2.tar.gz" } ], "0.4.3": [ { "comment_text": "", "digests": { "md5": "e095fc003dadbf601aa73b2e99e25390", "sha256": "d239cd72025fb15a8356086a7e1f7fb35786c537dd484bd4757ebcb200c1615f" }, "downloads": -1, "filename": "ptw-0.4.3-py3-none-any.whl", "has_sig": false, "md5_digest": "e095fc003dadbf601aa73b2e99e25390", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 14182, "upload_time": "2019-08-28T17:35:39", "url": "https://files.pythonhosted.org/packages/af/e2/e842a9e5ff4d238e73f751df65e18980c5819bb6f2379e76d24fba0629a4/ptw-0.4.3-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "726a2db6f8b067402989df5465c2f280", "sha256": "4fac081fe7484d4299b9343031d1646f58c7915e80aa5df4b4b5df1feb880d46" }, "downloads": -1, "filename": "ptw-0.4.3.tar.gz", "has_sig": false, "md5_digest": "726a2db6f8b067402989df5465c2f280", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 13888, "upload_time": "2019-08-28T17:35:41", "url": "https://files.pythonhosted.org/packages/64/e5/ae12c191e7eb6b236773f2ad3aa59959bf7a2150dc9d1f060cb07af6a02d/ptw-0.4.3.tar.gz" } ], "0.4.4": [ { "comment_text": "", "digests": { "md5": "66974dad00f9e29e293b0b80e9086d04", "sha256": "7914a7a0c730356540c48279fd716b99c97ba19aaedb7c8686449b4a520886c0" }, "downloads": -1, "filename": "ptw-0.4.4-py3-none-any.whl", "has_sig": false, "md5_digest": "66974dad00f9e29e293b0b80e9086d04", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 14348, "upload_time": "2019-09-11T21:02:34", "url": "https://files.pythonhosted.org/packages/f5/59/d0f2901ee08d838be0ae23f272a6b28803bf5edb3fdd8aef25e9634f1e38/ptw-0.4.4-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "cf9c81b23ab4f4a4b102fd4547d32bce", "sha256": "85d63b850e9ab4decccc9a9d08c27e73fd57b3b53ef0efe9ad2ac120738d29ef" }, "downloads": -1, "filename": "ptw-0.4.4.tar.gz", "has_sig": false, "md5_digest": "cf9c81b23ab4f4a4b102fd4547d32bce", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 14318, "upload_time": "2019-09-11T21:02:35", "url": "https://files.pythonhosted.org/packages/5c/56/3cf493c4c4dd83144272ad63c137c182671f5906e7ab66970a4b26203f43/ptw-0.4.4.tar.gz" } ] }, "urls": [ { "comment_text": "", "digests": { "md5": "66974dad00f9e29e293b0b80e9086d04", "sha256": "7914a7a0c730356540c48279fd716b99c97ba19aaedb7c8686449b4a520886c0" }, "downloads": -1, "filename": "ptw-0.4.4-py3-none-any.whl", "has_sig": false, "md5_digest": "66974dad00f9e29e293b0b80e9086d04", "packagetype": "bdist_wheel", "python_version": "py3", "requires_python": ">=3.5.3", "size": 14348, "upload_time": "2019-09-11T21:02:34", "url": "https://files.pythonhosted.org/packages/f5/59/d0f2901ee08d838be0ae23f272a6b28803bf5edb3fdd8aef25e9634f1e38/ptw-0.4.4-py3-none-any.whl" }, { "comment_text": "", "digests": { "md5": "cf9c81b23ab4f4a4b102fd4547d32bce", "sha256": "85d63b850e9ab4decccc9a9d08c27e73fd57b3b53ef0efe9ad2ac120738d29ef" }, "downloads": -1, "filename": "ptw-0.4.4.tar.gz", "has_sig": false, "md5_digest": "cf9c81b23ab4f4a4b102fd4547d32bce", "packagetype": "sdist", "python_version": "source", "requires_python": ">=3.5.3", "size": 14318, "upload_time": "2019-09-11T21:02:35", "url": "https://files.pythonhosted.org/packages/5c/56/3cf493c4c4dd83144272ad63c137c182671f5906e7ab66970a4b26203f43/ptw-0.4.4.tar.gz" } ] }