_/\/\/\/\/\/\__/\/\___________________________
    _/\/\__________/\/\______/\/\/\______/\/\/\___ 
   _/\/\/\/\/\____/\/\____/\/\__/\/\__/\/\__/\/\_  
  _/\/\__________/\/\____/\/\__/\/\__/\/\__/\/\_   
 _/\/\__________/\/\/\____/\/\/\______/\/\/\___    
______________________________________________     
                                                             

Dependencies:  Floo      ∅ (zero)          ⭐
               Rathole   ████████████████████████████ (27+ crates)
               FRP       █████████████████████████████████ (34+ packages)

Binary Size:   Floo      ▌ 671 KB total (394 KB + 277 KB)  ⭐
               Rathole   ████ ~2-4 MB total
               FRP       ████████████████████████████████ ~24+ MB total

Throughput:    Floo      ██████████████████████████████ 29.4 Gbps ⭐
               Rathole   ██████████████████ 18.1 Gbps
               FRP       ██████████ 10.0 Gbps

Secure, high-performance tunneling in Zig. Expose your home services or access remote ones.

Nightly builds (updated automatically):

• floo-aarch64-macos-m1.tar.gz - Apple Silicon
• floo-aarch64-linux-rpi.tar.gz - Raspberry Pi
• floo-x86_64-linux-haswell.tar.gz - Modern Linux

Or build: zig build -Doptimize=ReleaseFast

Each example has complete setup guide + configs. Just copy, edit, run!

• 🔐 Noise XX + PSK - Mutual authentication with 5 AEAD ciphers
• 🔄 Reverse tunneling - Expose local services through public server
• ⚡ Forward tunneling - Access remote services securely (like SSH -L)
• 🌐 Proxy support - SOCKS5 and HTTP CONNECT for corporate networks
• 📊 Built-in diagnostics - --doctor and --ping commands
• 🔧 Hot config reload - Update settings without restart (SIGHUP)
• 💓 Auto-reconnect - Exponential backoff, heartbeat supervision

Note: All features verified against source repositories (Rathole v0.5.0, FRP v0.65.0). Benchmarks measured on identical hardware (Apple M1 MacBook Air) using iperf3 with single stream. Dependencies counted from Cargo.toml/go.mod. Binary sizes measured from compiled/released artifacts.

Benchmark (Apple M1 MacBook Air):

Raw loopback        ████████████████████████████████████████████████████ 99.8 Gbps
Floo (plaintext)    █████████████████▌                                   34.8 Gbps
Floo (AEGIS-128L)   ██████████████▊ ⭐                                   29.4 Gbps
Floo (AEGIS-256)    ████████████▎                                        24.5 Gbps
Rathole             █████████▏                                           18.1 Gbps
Floo (AES-128-GCM)  █████████                                            17.9 Gbps
Floo (AES-256-GCM)  ████████                                             15.8 Gbps
FRP                 █████                                                10.0 Gbps
Floo (ChaCha20)     █▊                                                   3.53 Gbps
                    └─────┴─────┴─────┴─────┴─────┴─────┴─────┴─────┴─────┴────►
                    0    10    20    30    40    50    60    70    80    90   100 Gbps

• AEGIS ciphers deliver the best encrypted performance (29.4 Gbps)
• Floo outperforms alternatives by 62% (vs Rathole) with AEGIS-128L
• Hardware acceleration (ARM crypto extensions) makes encryption nearly free
• Even AES-GCM maintains competitive throughput vs. plaintext alternatives

Homebrew (macOS):

brew tap YUX/floo
brew install floo

AUR (Arch Linux):

yay -S floo
# or
paru -S floo

APT (Debian/Ubuntu):

# Add repository
curl -fsSL https://yux.github.io/floo-apt/pubkey.gpg | sudo gpg --dearmor -o /usr/share/keyrings/floo.gpg
echo 'deb [signed-by=/usr/share/keyrings/floo.gpg] https://yux.github.io/floo-apt stable main' | sudo tee /etc/apt/sources.list.d/floo.list

# Install
sudo apt update
sudo apt install floo

Snap (Universal Linux):

sudo snap install floo

Note: Package manager releases will be available after v0.1.2 is tagged. See packaging/README.md for maintainer instructions.

Download from releases:

wget https://github.com/YUX/floo/releases/download/nightly/floo-aarch64-macos-m1.tar.gz
tar xzf floo-*.tar.gz
cd floo-*/
./flooc --version
./floos --version

Requirements: Zig 0.15.x

git clone https://github.com/YUX/floo
cd floo
zig build -Doptimize=ReleaseFast
./zig-out/bin/floos --version

floos floos.toml                    # Start server
floos --doctor floos.toml          # Validate config
floos --ping floos.toml            # Test service reachability
floos -p 9000 floos.toml           # Override port

flooc flooc.toml                   # Start client
flooc --doctor flooc.toml          # Validate config and connectivity
flooc --ping flooc.toml            # Measure tunnel latency
flooc -r server.com:8443 --ping    # Quick test
flooc -x socks5://proxy:1080       # Through proxy

See examples/ for complete usage guides.

./flooc --ping flooc.toml  # Test connectivity
# Check: firewall, correct IP, server running

# Verify PSK and cipher match EXACTLY in both configs
grep "psk\|cipher" floos.toml flooc.toml

# Server heartbeat_interval (30s) < Client timeout (40s)
grep "heartbeat" floos.toml flooc.toml

Full troubleshooting: See example READMEs

Reverse mode (expose home service):

# Server (public)
[server.services.emby]
mode = "reverse"
local_port = 8096  # Users connect here

# Client (home)
remote_host = "server.ip"

Forward mode (access remote service):

# Server (remote)
[server.services.db]
target_port = 5432  # Server connects here

# Client (local)
local_port = 5432  # You connect here

See examples/ for complete configurations.

zig build test                      # Run tests
zig fmt src/*.zig                   # Format code
zig build release-all               # Cross-compile
./run_benchmarks.sh                 # Benchmark suite

• Windows support
• Compression
• io_uring backend (Linux)
• QUIC/DTLS for UDP
• Prometheus metrics

Pull requests welcome!

1. Format: zig fmt src/*.zig
2. Test: zig build test
3. Document changes
4. Ensure benchmarks don't regress

MIT - See LICENSE file

• Examples: examples/
• Issues: https://github.com/YUX/floo/issues
• Releases: https://github.com/YUX/floo/releases

Built with ❤️ in Zig