Modern tunnel management built on GOST, Backhaul, Rathole, Chisel, and FRP, featuring dual-node architecture, intuitive WebUI, real-time status tracking, and open-source freedom.

• Multiple Tunnel Types: Support for TCP, UDP, WebSocket, gRPC, TCPMux via GOST, Backhaul, Rathole, Chisel, and FRP
• Dual-Node Architecture: Iran nodes act as servers, Foreign servers act as clients for reverse tunnels
• Docker-First: Easy deployment with Docker Compose
• Web UI: Modern, intuitive web interface with real-time connection status tracking
• CLI Tools: Powerful command-line tools for management
• Node Support: Easy reverse tunnel setup with Backhaul, Rathole, Chisel, and FRP nodes
• GOST Forwarding: Forward traffic from Iran nodes to Foreign servers with support for TCP, UDP, WebSocket, gRPC, and TCPMux

• Docker and Docker Compose installed
• For Iran servers, install Docker first:

  curl -fsSL https://raw.githubusercontent.com/manageitir/docker/main/install-ubuntu.sh | sh

sudo bash -c "$(curl -sL https://raw.githubusercontent.com/zZedix/Smite/main/scripts/install.sh)"

1. Clone the repository:

git clone https://github.com/zZedix/Smite.git
cd Smite

2. Copy environment file and configure:

cp .env.example .env
# Edit .env with your settings

Tip: To free ports 80/443 for tunnels, set SMITE_HTTP_PORT and SMITE_HTTPS_PORT in .env. Nginx will render its configuration from nginx/default.conf.template using these values.

3. Install CLI tools:

sudo bash cli/install_cli.sh

4. Start services:

docker compose up -d

5. Create admin user:

smite admin create

6. Access the web interface at http://localhost:8000

The panel generates two separate CA certificates:

• ca.crt / ca.key: Used for Iran nodes
• ca-server.crt / ca-server.key: Used for Foreign servers

Both certificates are available in the panel's certs/ directory and can be downloaded from the Servers page in the web UI.

Note: Nodes are used for Backhaul, Rathole, Chisel, and FRP tunnels, providing easy reverse tunnel functionality. For GOST tunnels (TCP, UDP, WebSocket, gRPC, TCPMux), GOST runs on Iran nodes and forwards traffic to Foreign servers.

• Iran Nodes: Act as servers in reverse tunnels (Rathole, Backhaul, Chisel, FRP) and run GOST forwarders
• Foreign Servers: Act as clients in reverse tunnels and receive forwarded traffic from Iran nodes

sudo bash -c "$(curl -sL https://raw.githubusercontent.com/zZedix/Smite/main/scripts/smite-node.sh)"

The installer will prompt for:

• Panel CA certificate path (use ca.crt for Iran nodes, ca-server.crt for Foreign servers)
• Panel address (host:port)
• Node API port (default: 8888)
• Node name (default: node-1)
• Node role (iran or foreign)

1. Navigate to node directory:

cd node

2. Copy Panel CA certificate:

mkdir -p certs
# For Iran nodes, use ca.crt
cp /path/to/panel/ca.crt certs/ca.crt
# For Foreign servers, use ca-server.crt
# cp /path/to/panel/ca-server.crt certs/ca.crt

3. Create .env file:

cat > .env << EOF
NODE_API_PORT=8888
NODE_NAME=node-1
PANEL_CA_PATH=/etc/smite-node/certs/ca.crt
PANEL_ADDRESS=panel.example.com:443
EOF

Note: The panel validates node roles during registration. Each node must have a consistent role (iran or foreign) to prevent conflicts.

4. Start node:

docker compose up -d

Admin Management:

smite admin create      # Create admin user
smite admin update      # Update admin password

Panel Management:

smite status            # Show system status
smite update            # Update panel (pull images and recreate)
smite restart           # Restart panel (recreate to pick up .env changes)
smite logs              # View panel logs

Configuration:

smite edit              # Edit docker-compose.yml
smite edit-env          # Edit .env file

Node Management:

smite-node status       # Show node status
smite-node update       # Update node (pull images and recreate)
smite-node restart      # Restart node (recreate to pick up .env changes)
smite-node logs         # View node logs

Configuration:

smite-node edit         # Edit docker-compose.yml
smite-node edit-env     # Edit .env file

• TCP: Simple TCP forwarding
• UDP: UDP packet forwarding
• WebSocket (WS): WebSocket protocol forwarding
• gRPC: gRPC protocol forwarding
• TCPMux: TCP multiplexing for multiple connections

GOST tunnels run on Iran nodes and forward traffic to Foreign servers. When creating a GOST tunnel, specify both an Iran node and a Foreign server. The Iran node will listen on the specified port and forward all traffic to the Foreign server's IP address and port.

• TCP / UDP: Low-latency reverse tunnels with optional UDP-over-TCP
• WS / WSMux: WebSocket transports for CDN-friendly deployments
• TCPMux: TCP multiplexing support
• Advanced Controls: Configure multiplexing, keepalive, sniffer, and custom port maps per tunnel

Backhaul tunnels use a dual-node architecture: Iran nodes run the Backhaul server, and Foreign servers run the Backhaul client. The panel automatically configures both nodes when creating a tunnel.

• TCP: Standard TCP reverse tunnel
• WebSocket (WS): WebSocket transport support

Rathole tunnels use a dual-node architecture: Iran nodes run the Rathole server, and Foreign servers run the Rathole client. The node connects to the panel, allowing you to expose services running on the Foreign server's network through the Iran node.

Chisel tunnels use a dual-node architecture: Iran nodes run the Chisel server, and Foreign servers run the Chisel client. They provide fast TCP/UDP reverse tunnel functionality, enabling you to expose services running on the Foreign server's network through the Iran node with high performance.

FRP (Fast Reverse Proxy) tunnels use a dual-node architecture: Iran nodes run the FRP server (frps), and Foreign servers run the FRP client (frpc). They provide reliable TCP/UDP reverse tunnel functionality. FRP supports both TCP and UDP protocols, with optional IPv6 support for tunneling IPv6 traffic over IPv4 networks.

This project is licensed under the MIT License - see the LICENSE file for details.

If you find Smite useful and want to support its development, consider making a donation:

• Bitcoin (BTC): bc1q637gahjssmv9g3903j88tn6uyy0w2pwuvsp5k0
• Ethereum (ETH): 0x5B2eE8970E3B233F79D8c765E75f0705278098a0
• Tron (TRX): TSAsosG9oHMAjAr3JxPQStj32uAgAUmMp3
• USDT (BEP20): 0x5B2eE8970E3B233F79D8c765E75f0705278098a0
• TON: UQA-95WAUn_8pig7rsA9mqnuM5juEswKONSlu-jkbUBUhku6

• ⭐ Star the repository if you find it useful
• 🐛 Report bugs and suggest improvements
• 📖 Improve documentation and translations
• 🔗 Share with others who might benefit