The Barefoot server is a scalable user-space port bouncer that can be used to forward, or bounce, TCP connections and UDP packets destined for an address on the host on which the Barefoot server runs to any other host or address. To these other hosts, it will appear as if the connection and packets are coming from the machine on which the Barefoot server runs, rather than from the original host. The Barefoot server has support for using proxy protocols on the outgoing side, and can relay incoming traffic out via a SOCKS server or an HTTP proxy supporting the CONNECT command. At the moment, using a proxy for outgoing traffic is only supported for the TCP protocol. The Barefoot server is targeted towards larger sites that need to bounce traffic from many simultaneous clients, while at the same time offering detailed access control, logging, and other features related to controlling the behavior of the traffic and the Barefoot server.
1.4.128 Mar 2015 15:43
IPv6 is now supported in the server. A new "monitor" object has been added. The syntax is similar to rules and routes, but instead of applying to individual sessions, it applies to all sessions currently matching the addresses to monitor. The session module has been merged with the mainstream Barefoot code, and has also been extended to support the following new features: connection throttling (number of new sessions accepted per second) and state-keys (per source IP address).