Thanks to visit codestin.com
Credit goes to github.com

Skip to content
/ httpjail Public
forked from coder/httpjail

Monitor and restrict HTTP/HTTPS requests from processes

License

CC0-1.0 license
0 stars 21 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

ShabbirHasan1/httpjail

BranchesTags
 
 

Repository files navigation

httpjail

Documentation Crates.io CI

A cross-platform tool for monitoring and restricting HTTP/HTTPS requests from processes using network isolation and transparent proxy interception.

Install:

cargo install httpjail

Or download a pre-built binary from the releases page.

Features

Warning

httpjail is experimental and offers no API or CLI compatibility guarantees.

  • 🔒 Process-level network isolation - Isolate processes in restricted network environments
  • 🌐 HTTP/HTTPS interception - Transparent proxy with TLS certificate injection
  • 🛡️ DNS exfiltration protection - Prevents data leakage through DNS queries
  • 🔧 Multiple evaluation approaches - JS expressions or custom programs
  • 🖥️ Cross-platform - Native support for Linux and macOS

Quick Start

By default, httpjail denies all network requests. Provide a JS rule or script to allow traffic.

# Allow only requests to github.com (JS)
httpjail --js "r.host === 'github.com'" -- your-app

# Load JS from a file
echo "/^api\\.example\\.com$/.test(r.host) && r.method === 'GET'" > rules.js
httpjail --js-file rules.js -- curl https://api.example.com/health

# Log requests to a file
httpjail --request-log requests.log --js "true" -- npm install
# Log format: "<timestamp> <+/-> <METHOD> <URL>" (+ = allowed, - = blocked)

# Use shell script for request evaluation (process per request)
httpjail --sh "/path/to/script.sh" -- ./my-app
# Script receives env vars: HTTPJAIL_URL, HTTPJAIL_METHOD, HTTPJAIL_HOST, etc.
# Exit code 0 allows, non-zero blocks

# Use line processor for request evaluation (efficient persistent process)
httpjail --proc /path/to/filter.py -- ./my-app
# Program receives JSON on stdin (one per line) and outputs allow/deny decisions
# stdin  -> {"method": "GET", "url": "https://api.github.com", "host": "api.github.com", ...}
# stdout -> true

# Run as standalone proxy server (no command execution) and allow all
httpjail --server --js "true"
# Server defaults to ports 8080 (HTTP) and 8443 (HTTPS)
# Configure your application:
# HTTP_PROXY=http://localhost:8080 HTTPS_PROXY=http://localhost:8443

# Run Docker containers with network isolation (Linux only)
httpjail --js "r.host === 'api.github.com'" --docker-run -- --rm alpine:latest wget -qO- https://api.github.com

Documentation

Docs are stored in the docs/ directory and served at coder.github.io/httpjail.

Table of Contents:

License

This project is released into the public domain under the CC0 1.0 Universal license. See LICENSE for details.

About

Monitor and restrict HTTP/HTTPS requests from processes

Resources

Readme

License

CC0-1.0 license

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

4 tags

Packages

No packages published

Languages

  • Rust 92.3%
  • Shell 7.7%