Transparent gateway interception
Redirect client HTTP and HTTPS flows with iptables NAT while the Linux host acts as the default gateway.
Operations / TLS inspection
Inspect routed TLS traffic.
SSLInspectingRouter runs on a Linux gateway and gives you visibility into authorized HTTP and HTTPS traffic: capture, inspect, route, rewrite, and export flows from one focused dashboard.
HTTP/HTTPS MITM
SQLite logging
WireGuard / Tor
PCAP export
Feature set
A focused toolkit for controlled traffic inspection.
Built for lab gateways and authorized networks where traffic visibility matters more than decoration.
Dynamic TLS certificates
Acts as a local CA and generates host certificates on demand for HTTPS inspection.
Real-time dashboard
Inspect traffic, manage policy, control egress, and operate runtime settings from a web UI.
Full traffic capture
Store request and response details in SQLite, with optional truncation or body artifact storage.
Response rewrites
Modify HTTP and HTTPS responses on the fly using JSON rewrite rules with automatic reload.
WireGuard or Tor egress
Switch outbound traffic through a WireGuard tunnel or Tor SOCKS5 from the Control Center.
PCAP for Wireshark
Export decrypted traffic into PCAP format for deeper offline packet analysis.
Policy-first controls
Drop or bypass domains, IPs, and CIDRs, or run allowlist mode to inspect traffic only from selected source IP addresses.
Architecture
Traffic flows through a simple gateway path.
Clients use the Linux host as their default gateway. The router redirects HTTP and HTTPS locally, decrypts where configured, processes traffic, and forwards it upstream.
Client traffic arrives
HTTP on port 80 and HTTPS on port 443 are redirected by iptables into local handlers.
Router inspects
Traffic can be decrypted, logged, matched against policies, rewritten, or bypassed.
Upstream resumes
Requests are forwarded directly, through WireGuard, or through Tor depending on runtime egress mode.
Install & run
# Install Go for your distro first, then clone
git clone https://github.com/dmitryporotnikov/SSLInspectingRouter.git
cd SSLInspectingRouter
# Enable forwarding, check dependencies, build binary
sudo ./scripts/setup.sh
# Start the router with the dashboard on port 3000
sudo ./sslinspectingrouter -web :3000
# Open in your browser
http://<router-ip>:3000
# Default bootstrap credentials — change immediately
admin / admin123
Responsible use
Built for networks you own and control.
SSLInspectingRouter performs TLS/SSL man-in-the-middle interception. Use it only in authorized labs, personal networks, test benches, or corporate environments with proper consent and governance.
Trusted networks only
Protect traffic.db
Bind dashboard carefully
Rotate default credentials
Inspection togglePause or resume traffic inspection from the dashboard.
Drop / bypass listsApply domain, IP, or CIDR policies at runtime.
Rewrite rulesCreate managed JSON response rewrite policies.
Egress routingEnable WireGuard or Tor with mutually exclusive controls.
GET /api/v1/status
200 OK
API v1
Script the same controls exposed in the UI.
The backend exposes a versioned API for health, auth, runtime status, policies, traffic, rewrites, and admin users.
Public
GET
/api/v1/healthPOST
/api/v1/auth/loginOperations
GET
/api/v1/statusPUT
/api/v1/statusGET
/api/v1/trafficDELETE
/api/v1/trafficPolicy
GET
/api/v1/policyPUT
/api/v1/policyPOST
/api/v1/rewritesDELETE
/api/v1/rewrites/{id}
Use cases
Practical use cases, no magic.
Use SSLInspectingRouter when you need realistic routed traffic behavior plus application-layer visibility.
Security labs
Observe, document, and export decrypted HTTP/HTTPS flows in an isolated lab environment.
QA and debugging
Reproduce client traffic, inspect payloads, and test response rewrites without changing application code.
Routing experiments
Compare direct, WireGuard, and Tor egress behavior while retaining dashboard visibility.
Open source
Run the inspection router on your own Linux gateway.
Clone the repository, run the setup script, start the web dashboard, and begin observing authorized traffic from a single Linux gateway.