A high-performance SSH-based tunneling server designed for secure internet access, built with advanced security features and traffic monitoring capabilities.
π ΩΨ§Ψ±Ψ³Ϋ | English
- Built-in Brute Force Protection: Automatic IP blocking after failed authentication attempts
- Attack Monitoring: Detailed logging of failed login attempts with IP tracking
- Customizable Authentication: Configurable maximum authentication attempts
- IP Blocking System: Persistent blocked IP management with JSON storage
- Server Banner Customization: Hide or customize server banner via configuration
- Setting Access Levels: Has two modes: User and Administrator. Administrators have the capability to execute commands in the operating system shell, while Users can only establish tunnels.
- Real-time Traffic Tracking: Monitor upload/download usage per user
- Session-based Statistics: Track bytes sent/received per session
- Total Usage Analytics: Cumulative traffic statistics across all sessions
- Automatic Data Persistence: Traffic data saved to JSON files every 10 seconds
- Live Bandwidth Monitoring: Real-time bandwidth usage display
- Blocking Unauthorized Websites: Blocks websites that you do not want the user to visit.
- Blocking Unauthorized IPs: Blocks IP addresses that you do not want the user to visit.
- Tracking Visited Websites: The ability to track the websites visited by the user, a feature you can enable or disable
- Multi-port Support: Run server on multiple ports simultaneously
- TCP Forwarding: Direct TCP connection forwarding without additional configuration
- UDP Forwarding: Full UDP traffic forwarding support
- Cross-platform: Runs on both Linux and Windows systems
- High Performance: 10x faster than OpenSSH for tunneling operations
- User Management: JSON-based user authentication system
- Shell Integration: Native CMD support on Windows and Shell on Linux
- Configuration Management: JSON-based server configuration
- Logging System: Comprehensive logging of connections and attacks
-
Built-in Session Control: Administrators can define how many concurrent sessions each account can open at the same time.
-
Automatic Session Expiration: Each session has a defined Time To Live (TTL). Expired sessions are automatically terminated to free resources.
-
Dynamic Connection Handling: When the session limit is reached, new connections can be rejected or queued β fully configurable.
-
Real-time Session Monitoring: Tracks and logs all active sessions in real time for auditing and analytics.
-
Immediate blocking of new connections when sessions are saturated: If an account exceeds the allowed session limit, any new users attempting to connect will be blocked from the very beginning and denied access.
-
Rate Limiting: Define per-user data transfer speed limits (
max_speed_kbps) in KB/s. Applied in real time using the Token Bucket algorithm for both upload and download.
π Example:1024= 1 MB/s -
Traffic Limit Enforcement: Define total traffic usage caps (
max_total_mb) in MB. If a user exceeds the quota, access is denied at login or forcefully disconnected during active sessions.
π Example:10240= 10 GB -
Real-time Bandwidth Enforcement: Traffic usage is checked every 1β2 seconds. If usage exceeds the defined limit, the session is immediately terminated.
- Go 1.19 or higher
- SSH private key (
id_rsa) - Configuration files (see Setup section)
{
"ports": [64235, 64236,64237],
"shell": "cmd.exe",
"max_auth_attempts": 3,
"server_version": "SSH-2.0-Abdal-4iProto-Server"
}{
"ports": [64235, 64236,64237],
"shell": "/bin/bash",
"max_auth_attempts": 3,
"server_version": "SSH-2.0-Abdal-4iProto-Server"
}[
{
"username": "ebrasha",
"password": "152314562152",
"role": "admin",
"blocked_domains": [],
"blocked_ips": [],
"log": "no",
"max_sessions": 1,
"session_ttl_seconds": 300
},
{
"username": "user1",
"password": "password123",
"role": "user",
"blocked_domains": [
"facebook.com",
"*.facebook.com",
"twitter.com",
"*.twitter.com",
"instagram.com",
"*.instagram.com"
],
"blocked_ips": [
"192.168.1.100",
"10.0.0.*",
"172.16.*.*"
],
"log": "yes",
"max_sessions": 2,
"session_ttl_seconds": 300
},
{
"username": "user2",
"password": "password456",
"role": "user",
"blocked_domains": [
"youtube.com",
"*.youtube.com",
"netflix.com",
"*.netflix.com"
],
"blocked_ips": [
"192.168.10.1",
"10.10.10.10"
],
"log": "yes",
"max_sessions": 5,
"session_ttl_seconds": 300
}
]
{
"blocked": [
"192.168.1.12",
"10.0.0.7"
]
}Place your SSH private key as id_rsa in the project directory.
Run the following command in the server's file directory to generate a new key.
ssh-keygen -t rsa -b 4096 -f id_rsago mod tidy
go build -o abdal-4iproto-server
./abdal-4iproto-serverports: Array of ports to listen onshell: Shell command to execute (cmd.exe for Windows, /bin/bash for Linux)max_auth_attempts: Maximum failed login attempts before IP blockingserver_version: Custom SSH server version string
The server automatically tracks:
- Bytes sent/received per session
- Total traffic per user
- Session timestamps
- Real-time bandwidth usage
./abdal-4iproto-serverWe have developed a dedicated client with GUI support that also supports SOCKS5 server creation. For the best experience, use our custom client:
Download Client: Abdal 4iProto Client
ssh -D 1080 username@server_ip -p 22After establishing connection with dynamic forwarding:
- Configure applications to use SOCKS proxy on localhost:52905
- All traffic will be tunneled through the secure SSH connection
You can connect to the Abdal 4iProto Server from all major platforms using the following clients:
Use sshuttle for full-tunnel routing via SSH:
sshuttle --dns -r [email protected]:2222 0.0.0.0/0 -vvDownload Abdal 4iProto Client for Windows
Download NapsternetV from Google Play
Download OpenTunnel from Google Play
Download SSH Tunnel with SOCKS5 Proxy from App Store
Traffic data is automatically saved to traffic_username.json files:
{
"username": "user1",
"ip": "192.168.1.100",
"last_bytes_sent": 1024,
"last_bytes_received": 2048,
"total_bytes_sent": 1048576,
"total_bytes_received": 2097152,
"total_bytes": 3145728,
"last_timestamp": "2025-01-15T10:30:00Z"
}invalid_logins.log: Records failed authentication attemptsblocked_ips.json: Manages blocked IP addresses- Console output: Real-time connection and traffic logs
This guide explains how to use IP Forwarding and iptables NAT to redirect all incoming traffic from a Linux server to a 4iProto destination server. This scenario is used for Full Traffic Forwarding, Transparent Proxy, and Gateway Relay.
- Linux operating system
- Root access
- iptables installed and active
- Valid 4iProto server IP
- Basic understanding of NAT, DNAT, SNAT, Routing
echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf
sysctl -piptables -t nat -A PREROUTING -p tcp --dport 22 -j DNAT --to-destination IRAN_IPiptables -t nat -A PREROUTING -j DNAT --to-destination 4iProto_IPiptables -t nat -A POSTROUTING -j MASQUERADE- The SSH port rule must be applied before the general PREROUTING rule
- Ensure alternative SSH access before applying rules
- Adjust firewall settings if using firewalld or ufw
- Automatic IP blocking after configurable failed attempts
- Persistent blocked IP storage
- Detailed attack logging with timestamps
- Logs failed login attempts with username, password, and IP
- Tracks attack patterns and sources
- Provides comprehensive security analytics
If you encounter any issues or have configuration problems, please reach out via email at [email protected]. You can also report issues on GitHub.
If you find this project helpful and would like to support further development, please consider making a donation:
Handcrafted with Passion by Ebrahim Shafiei (EbraSha)
- E-Mail: [email protected]
- Telegram: @ProfShafiei
This project is licensed under the GPLv2 or later License.