SkillAgentSearch skills...

BoltConn

Privacy-oriented proxy & network manager, supporting WireGuard, L7 firewall, App-based policies and scripted MitM.

GenerateConvertImprove

Install / Use

/learn @XOR-op/BoltConn
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

<h1 align="center"> <img src="./assets/icon.svg" alt="BoltConn" width="192"> <br/> BoltConn <br/> </h1> <p align="center"> <a href="https://github.com/XOR-op/BoltConn/actions"> <img src="https://img.shields.io/github/actions/workflow/status/XOR-op/BoltConn/check.yml" alt="GitHub Actions"> </a> <a href="./LICENSE"> <img src="https://img.shields.io/badge/license-GPLv3-blue.svg" alt="License: GPLv3"> </a> <a href="https://github.com/XOR-op/BoltConn/releases"> <img src="https://img.shields.io/github/v/release/XOR-op/BoltConn?color=00b4f0" alt="Release"> </a> </p>

A go-to solution for transparent application proxy & firewall with tunneling and MitM, designed with privacy and security in mind. All efforts made to make you fully control your network. Experimental webui & desktop client is available in XOR-op/BoltBoard.

Features

  • Fine-grained Traffic Control: Allow VPN-style global control, or dedicated http/socks5 per-inbound control.
  • Rule-based Blocking: Block ad/tracking traffic on a per-process/per-website/flexible way.
  • Rule-based Tunneling: Flexible way to tunnel traffic through http/socks5/wireguard/etc outbounds. Able to use compatible rules from similar community.
  • Audit Traffic: Audit traffic history by accessing API or dumping into SQLite.
  • Modify HTTPS Data: Manipulate requests and responses inside HTTPS traffic to redirect, block or modify them. Support injecting Javascript now.

For the full features, see features.md.

Getting Started

Installation

Pre-built binaries

  • Download pre-built binaries from release and add the path of the binary to $PATH.

Install latest git version with cargo

cargo install --locked --git https://github.com/XOR-op/BoltConn

Configuration

Before running BoltConn, you should run these two commands first:

  1. Create necessary configuration and runtime files. The default configuration path is $HOME/.config/boltconn, and the default runtime path is $HOME/.local/share/boltconn:
# generate configuration files
boltconn generate init
  1. Generate root certificates with proper permissions for MitM:
# generate root certificates and make them readable only by root user (recommended)
sudo -E boltconn generate cert
# or generate them without configuring permissions
boltconn generate cert --rootless

Run BoltConn

# run BoltConn globally
sudo -E boltconn start
# or run BoltConn with rootless mode (certain features will be unavailable)
boltconn start --rootless

CLI Tools for Management

boltconn [conn/proxy/rule/tun/reload/...]

See boltconn --help for more help.

Documentations

[!NOTE] Documentations are outdated now. Please wait for our update.

Learn more about BoltConn's architecture, RESTful API, and how it compares to other related projects:

Future Plan

  • Stablize Windows support with Wintun driver (it's experimental now).

License

This software is released under the GPL-3.0 license.

XOR-op

View profile

View on GitHub
GitHub Stars67
CategoryCustomer
Updated20d ago
Forks5
XOR-op/BoltConn

Languages

Rust

Security Score

100/100

Audited on Mar 7, 2026

No findings