From 7bcd8b43d9f88b130505f6c70591888267dfd56a Mon Sep 17 00:00:00 2001 From: AzenKain Date: Tue, 26 May 2026 14:27:36 +0700 Subject: [PATCH] UPDATE: Add '-no-sys' flag to skip certificate installation and system proxy setup; update README with usage examples; increment release version to 1.2-02 --- README.md | 7 +++++++ cert.go | 6 +++++- main.go | 46 ++++++++++++++++++++++++--------------------- script/release.json | 4 ++-- 4 files changed, 39 insertions(+), 24 deletions(-) diff --git a/README.md b/README.md index 53dac62..23a2d27 100644 --- a/README.md +++ b/README.md @@ -41,6 +41,7 @@ go build - `-b`: Comma-separated list of blocked ports - `-p`: Proxy listen port (default: auto) - `-e`: Path to an executable to run with admin privileges +- `-no-sys`: Run only the proxy server; skip certificate installation, system proxy setup, and macOS/Linux admin relaunch ### Examples @@ -76,6 +77,12 @@ go build On macOS/Linux, if the proxy is not already running as root, it relaunches with an administrator prompt. On Linux, logs from the elevated process are written to `/tmp/firefly-go-proxy.log`; on macOS, elevated process output is discarded. +6. Start only the proxy server without changing system settings: + ```bash + ./firefly-proxy -no-sys -p 8888 //linux|macos + ./firefly-proxy.exe -no-sys -p 8888 //windows + ``` + ## How it works The proxy intercepts HTTP/HTTPS traffic and can: diff --git a/cert.go b/cert.go index a66238f..879eea0 100644 --- a/cert.go +++ b/cert.go @@ -10,7 +10,11 @@ import ( const caCertName = "firefly-go-proxy-ca.crt" -func setupCertificate() (*tls.Certificate, error) { +func setupCertificate(installSystemCA bool) (*tls.Certificate, error) { + if !installSystemCA { + return &goproxy.GoproxyCa, nil + } + if _, err := os.Stat(caCertName); os.IsNotExist(err) { if err := os.WriteFile(caCertName, goproxy.GoproxyCa.Certificate[0], 0644); err != nil { return nil, err diff --git a/main.go b/main.go index ec741d5..c310c6e 100644 --- a/main.go +++ b/main.go @@ -38,16 +38,19 @@ func main() { proxyPort := flag.Int("p", 0, "proxy listen port (default: auto)") exePath := flag.String("e", "", "path to the executable") parentPID := flag.Int("parent-pid", 0, "parent process id to watch") + noSys := flag.Bool("no-sys", false, "skip certificate installation and system proxy setup") flag.Parse() - relaunched, err := relaunchWithAdminIfNeeded() - if err != nil { - zlog.Error().Err(err).Msg("Failed to relaunch with admin privileges") - return - } - if relaunched { - zlog.Info().Msg("Relaunched with admin privileges") - return + if !*noSys { + relaunched, err := relaunchWithAdminIfNeeded() + if err != nil { + zlog.Error().Err(err).Msg("Failed to relaunch with admin privileges") + return + } + if relaunched { + zlog.Info().Msg("Relaunched with admin privileges") + return + } } blockedPorts := parseBlockedPorts(*blockedStr) @@ -66,7 +69,7 @@ func main() { return } - cert, err := setupCertificate() + cert, err := setupCertificate(!*noSys) if err != nil { zlog.Error().Err(err).Msg("Failed setup certificate") return @@ -74,29 +77,30 @@ func main() { addr := ":" + port proxyAddr := "127.0.0.1" proxyEndpoint := proxyAddr + ":" + port - proxyEnabled := false - stopProxyRefresh := func() {} defer func() { - stopProxyRefresh() if r := recover(); r != nil { zlog.Error(). Interface("panic", r). Msg("Unexpected panic") } - if proxyEnabled { + }() + + if !*noSys { + if err := setProxy(true, proxyAddr, port); err != nil { + zlog.Error().Err(err).Msg("Failed to set system proxy") + return + } + stopProxyRefresh := startProxyRefreshLoop(proxyAddr, port) + defer func() { + stopProxyRefresh() if err := setProxy(false, "", ""); err != nil { zlog.Error().Err(err).Msg("Failed to reset system proxy") } - } - }() - - if err := setProxy(true, proxyAddr, port); err != nil { - zlog.Error().Err(err).Msg("Failed to set system proxy") - return + }() + } else { + zlog.Info().Msg("System certificate and proxy setup skipped") } - proxyEnabled = true - stopProxyRefresh = startProxyRefreshLoop(proxyAddr, port) customCaMitm := &goproxy.ConnectAction{Action: goproxy.ConnectMitm, TLSConfig: goproxy.TLSConfigFromCA(cert)} var customAlwaysMitm goproxy.FuncHttpsHandler = func(host string, ctx *goproxy.ProxyCtx) (*goproxy.ConnectAction, string) { diff --git a/script/release.json b/script/release.json index 107ac7f..5c0c8ef 100644 --- a/script/release.json +++ b/script/release.json @@ -1,5 +1,5 @@ { - "tag": "1.2-01", - "title": "PreBuild Version 1.2 - 01" + "tag": "1.2-02", + "title": "PreBuild Version 1.2 - 02" } \ No newline at end of file