MintFlow NetStack is a purpose-built and highly customizable networking toolkit, it can capture all system traffic, send it over local Internet or VPN/Proxy by advanced routing rules, with optional HTTP capture and rewrite. it also support customizable MTU/DNS settings, diagnose utilities such as trace route and ping.

MintFlow NetStack does NOT provide any VPN/Proxy service, you should configure your existed or self hosted VPN/Proxy servers as virtual interfaces and customize with advanced routing behavior to satisfy your various scenarios.

KEY FEATURES:
- Powered by a high-performance, actively maintained network stack (based on fd.io VPP, written in high-quality C with no runtime overhead)
- One system VPN profile, supports multiple active L3VPN(WireGuard and more...) and Proxy(VMESS and more...) with advanced app split tunneling by CIDR prefix or CIDR set
- Transparent proxying of non-VPN traffic to the local internet based on Domain or DomainSet, leveraging VPP’s advanced host stack capabilities
- Custom traffic blocking by CIDR prefix, CIDR set, Domain, or DomainSet
- Includes a high-performance in-app DNS resolver with support for advanced split DNS
- Includes a high-performance in-app HTTP Engine to capture and rewrite HTTP/HTTPS traffic(by MITM)
- Customizable system VPN settings, including MTU and DNS servers

VPN Protocols supported:
- High-performance WireGuard support(600Mbps+ download with single OS thread, great battery efficient), Import WireGuard configurations via QR code, iCloud config files, or create manually
- VMESS-WS-TLS support, created manually
- SHADOWSOCKS with obfs support, created manually
- More protocols will be released in coming releases, stay tuned!

Flexible Scenarios:
- Route all traffic through a VPN/Proxy interface, or split VPN traffic across multiple interfaces
- Route selected traffic through VPN interface and proxy the rest to the local internet
- Enable AD blocking or parental control by assigning REJECT/DROP actions to certain CIDRs/Domains

HTTP Engine:
- Built-in HTTP Engine that can capture HTTP traffic and HTTPS traffic (using MITM technology, user need install and trust the app generated self-signed CA)
- Work with any traffic destination such as L3VPN or L4Proxy or Direct local Internet
- Inspect in-app captured HTTP log to debug app traffic and find any malicious or ADS traffic
- Block malicious or ADs HTTP/HTTPS traffic by using HTTP Engine URL Rewrite Capability with reject action or redirect action with new target URL
- More Rewrite capability and Scripting capability will be added in coming releases
- Prefer HTTP/2 for upstream connection even local App does not support HTTP/2 for performance
- Using Post quantum crypto(PQC) for HTTPS/TLS negotiations for maximum your privacy and safety

Diagnose Capability:
- Built-in ping and trace route tools for network troubleshooting
- Inspect in-app DNS activity to debug device app traffic and gather domains that need to be processed by HTTP Engine

Lean UI:
- Modern, intuitive interface with a clean design
- Dark mode support

Automation:
- Siri Shortcuts support for automation and quick actions
- Flexible On-Demand VPN rules which let your connect/disconnect on different network conditions

Notes:

1. MintFlow NetStack is highly customizable networking toolkit, we strongly recommend you to read the manual below to use it effectively and customize it for your own need
http://mintflow.galaxnet.cc/manual
2. fd.io VPP is the actively maintained open-source version of Cisco’s Vector Packet Processing (VPP) technology
3. WireGuard® is a registered trademark of Jason A. Donenfeld
4. WireGuard QR code and config file compatibility tested with Mullvad, Windscribe, and others

Special Notes:

The price may increase as more advanced features are added. Buy now to lock in all current and future features at today’s price