MintFlow NetStack

iOS Universel / developpeurs

MintFlow NetStack is a performant, purpose-built, and highly customizable networking toolkit based on Cisco's open-source fd.io VPP technology. It can capture all system traffic, send it over local Internet or VPN/proxy connections using advanced routing rules, and can selectively capture and rewrite HTTP/HTTPS traffic. It also supports customizable MTU/split DNS settings and diagnostic utilities such as traceroute and ping.

MintFlow NetStack does NOT provide any VPN/Proxy service, you should configure your existed or self hosted VPN/Proxy servers as virtual interfaces and customize with advanced routing behavior to satisfy your various scenarios.

MintFlow NetStack can support following example scenarios, you can fully customize your scenario:

- Route all traffic through a VPN/Proxy interface, or split VPN traffic across multiple interfaces for maximum privacy
- Route selected traffic through VPN interface and rest to the local internet for unblocking some limit
- Route all traffic through local Internet for override provider DNS or app traffic debugging

KEY FEATURES:
- Powered by a high-performance, actively maintained lower level network stack
- One system VPN profile, supports multiple active L3VPN(WireGuard and more...) and Proxy(VMESS and Shadowsocks)
- Custom traffic routing & blocking by CIDR prefix, CIDR set, Domain, or DomainSet
- Transparent proxying traffic to the local internet based on Domain or DomainSet, leveraging VPP’s advanced host stack capabilities
- Includes a high-performance in-app DNS resolver with support for advanced split DNS
- Includes a high-performance in-app HTTP Engine to handle HTTP/HTTPS traffic belong to interested domains
- Customizable system VPN settings, including MTU and DNS servers

HTTP Engine Features:
- selective HTTP/HTTPS traffic processing, with a locally generated self-signed CA installed and trusted by user for HTTPS by MITM
- Work with any traffic destination such as L3VPN or L4Proxy or Direct local Internet
- Capture anytime interested domains traffic when VPN is running
- Auto decompress HTTP body, support preview png/jpeg images, CSS/JS/HTML/JSON with TreeSitter based syntax highlighting
- Block malicious or ADs HTTP/HTTPS traffic by using HTTP Engine URL Rewrite Capability with reject action or redirect action with new target URL
- More Rewrite capability and Scripting capability will be added in coming releases
- Prefer HTTP/2 for upstream connection even local App does not support HTTP/2 for performance
- Using Post quantum crypto(PQC) for HTTPS/TLS negotiations for maximum your privacy and safety

VPN Protocols supported:
- High-performance fd.io VPP native WireGuard support, Import WireGuard configurations via QR code, iCloud config files, or create manually
- VMESS-WS-TLS support, created manually
- SHADOWSOCKS with obfs support, created manually
- More protocols will be released in coming releases, stay tuned!

Diagnose Capability:
- Built-in ping and trace route tools for network troubleshooting
- Inspect in-app DNS activity to debug device app traffic and gather domains that need to be processed by HTTP Engine

Lean UI:
- Modern, intuitive interface with a clean design
- Dark mode support

Automation:
- Siri Shortcuts support for automation and quick actions
- Flexible On-Demand VPN rules which let your connect/disconnect on different network conditions


MintFlow NetStack is highly customizable networking toolkit, we strongly recommend you to read the online manual below to use it more effectively:

http://mintflow.galaxnet.cc/manual


Notes:

1. fd.io VPP is the actively maintained open-source version of Cisco’s Vector Packet Processing (VPP) technology
2. WireGuard® is a registered trademark of Jason A. Donenfeld
3. WireGuard QR code and config file compatibility tested with Mullvad, Windscribe, and others

Special Notes:

The price may increase as more advanced features are added. Buy now to lock in all current and future features at today’s price

Quoi de neuf dans la dernière version ?

1. Support start and stop HTTP/HTTPS capture anytime when MintFlow NetStack VPN is running, this will let user to only capture interested HTTP/HTTPS traffic when doing App debugging
2. Rewrite captured HTTP/HTTPS request/response preview function, user now can view captured and decompressed HTTP/HTTPS body with smart syntax highlight, and export/share the body when needed
3. Add a generic UDP forward bridge infra for vpp and L4Proxy component, as a result, UDP forward support to Shadowsocks Protocol
4. Rewrite the editor of DomainSet/CidrSet, and enable search for the editor
5. Optimize internal stub DNS cache logic to prevent some issues when cache expired
6. By default use concurrent DNS query to reduce latency