diff --git a/src/error.rs b/src/error.rs
index dac60d7..803111e 100644
--- a/src/error.rs
+++ b/src/error.rs
@@ -1,25 +1,25 @@
 #[derive(thiserror::Error, Debug)]
 pub enum Error {
     #[error("std::io::Error {0}")]
-    IoError(#[from] std::io::Error),
+    Io(#[from] std::io::Error),
 
     #[error("std::net::AddrParseError {0}")]
-    AddrParseError(#[from] std::net::AddrParseError),
+    AddrParse(#[from] std::net::AddrParseError),
 
     #[error("smoltcp::iface::RouteTableFull {0:?}")]
     RouteTableFull(#[from] smoltcp::iface::RouteTableFull),
 
     #[error("smoltcp::socket::tcp::RecvError {0:?}")]
-    RecvError(#[from] smoltcp::socket::tcp::RecvError),
+    Recv(#[from] smoltcp::socket::tcp::RecvError),
 
     #[error("smoltcp::socket::tcp::ListenError {0:?}")]
-    ListenError(#[from] smoltcp::socket::tcp::ListenError),
+    Listen(#[from] smoltcp::socket::tcp::ListenError),
 
     #[error("smoltcp::socket::udp::BindError {0:?}")]
-    BindError(#[from] smoltcp::socket::udp::BindError),
+    Bind(#[from] smoltcp::socket::udp::BindError),
 
     #[error("smoltcp::socket::tcp::SendError {0:?}")]
-    SendError(#[from] smoltcp::socket::tcp::SendError),
+    Send(#[from] smoltcp::socket::tcp::SendError),
 
     #[error("&str {0}")]
     Str(String),
diff --git a/src/http.rs b/src/http.rs
index 33dfcc6..0a5278a 100644
--- a/src/http.rs
+++ b/src/http.rs
@@ -1,8 +1,9 @@
 use crate::error::Error;
 use crate::tun2proxy::{
-    Connection, ConnectionManager, Credentials, IncomingDataEvent, IncomingDirection,
-    OutgoingDataEvent, OutgoingDirection, TcpProxy,
+    Connection, ConnectionManager, IncomingDataEvent, IncomingDirection, OutgoingDataEvent,
+    OutgoingDirection, TcpProxy,
 };
+use crate::Credentials;
 use base64::Engine;
 use smoltcp::wire::IpProtocol;
 use std::collections::VecDeque;
@@ -161,7 +162,7 @@ impl TcpProxy for HttpConnection {
     }
 }
 
-pub struct HttpManager {
+pub(crate) struct HttpManager {
     server: SocketAddr,
     credentials: Option<Credentials>,
 }
diff --git a/src/lib.rs b/src/lib.rs
index bf26a58..5f5acd1 100644
--- a/src/lib.rs
+++ b/src/lib.rs
@@ -1,15 +1,14 @@
 use crate::error::Error;
 use crate::socks5::SocksVersion;
-use crate::tun2proxy::{Credentials, Options};
 use crate::{http::HttpManager, socks5::SocksManager, tun2proxy::TunToProxy};
 use std::net::{SocketAddr, ToSocketAddrs};
 
-pub mod error;
-pub mod http;
-pub mod socks5;
-pub mod tun2proxy;
-pub mod virtdevice;
-pub mod virtdns;
+mod error;
+mod http;
+mod socks5;
+mod tun2proxy;
+mod virtdevice;
+mod virtdns;
 
 #[derive(Clone, Debug)]
 pub struct Proxy {
@@ -80,6 +79,37 @@ impl std::fmt::Display for ProxyType {
     }
 }
 
+#[derive(Default)]
+pub struct Options {
+    virtdns: Option<virtdns::VirtualDns>,
+}
+
+impl Options {
+    pub fn new() -> Self {
+        Default::default()
+    }
+
+    pub fn with_virtual_dns(mut self) -> Self {
+        self.virtdns = Some(virtdns::VirtualDns::new());
+        self
+    }
+}
+
+#[derive(Default, Clone, Debug)]
+pub struct Credentials {
+    pub(crate) username: Vec<u8>,
+    pub(crate) password: Vec<u8>,
+}
+
+impl Credentials {
+    pub fn new(username: &str, password: &str) -> Self {
+        Self {
+            username: username.as_bytes().to_vec(),
+            password: password.as_bytes().to_vec(),
+        }
+    }
+}
+
 pub fn main_entry(tun: &str, proxy: Proxy, options: Options) -> Result<(), Error> {
     let mut ttp = TunToProxy::new(tun, options)?;
     match proxy.proxy_type {
diff --git a/src/main.rs b/src/main.rs
index 7cb0797..b0adacd 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -1,7 +1,7 @@
 use clap::Parser;
 use env_logger::Env;
 
-use tun2proxy::tun2proxy::Options;
+use tun2proxy::Options;
 use tun2proxy::{main_entry, Proxy};
 
 /// Tunnel interface to proxy
diff --git a/src/socks5.rs b/src/socks5.rs
index 9dc5b74..a4296af 100644
--- a/src/socks5.rs
+++ b/src/socks5.rs
@@ -1,8 +1,9 @@
 use crate::error::Error;
 use crate::tun2proxy::{
-    Connection, ConnectionManager, Credentials, DestinationHost, IncomingDataEvent,
-    IncomingDirection, OutgoingDataEvent, OutgoingDirection, TcpProxy,
+    Connection, ConnectionManager, DestinationHost, IncomingDataEvent, IncomingDirection,
+    OutgoingDataEvent, OutgoingDirection, TcpProxy,
 };
+use crate::Credentials;
 use smoltcp::wire::IpProtocol;
 use std::collections::VecDeque;
 use std::net::{IpAddr, SocketAddr};
diff --git a/src/tun2proxy.rs b/src/tun2proxy.rs
index 5c8100b..04d3678 100644
--- a/src/tun2proxy.rs
+++ b/src/tun2proxy.rs
@@ -1,7 +1,6 @@
 use crate::error::Error;
-use crate::tun2proxy::DestinationHost::Hostname;
 use crate::virtdevice::VirtualTunDevice;
-use crate::virtdns::VirtualDns;
+use crate::{Credentials, Options};
 use log::{error, info};
 use mio::event::Event;
 use mio::net::TcpStream;
@@ -22,7 +21,7 @@ use std::rc::Rc;
 use std::str::FromStr;
 
 #[derive(Hash, Clone, Eq, PartialEq)]
-pub enum DestinationHost {
+pub(crate) enum DestinationHost {
     Address(IpAddr),
     Hostname(String),
 }
@@ -31,7 +30,7 @@ impl std::fmt::Display for DestinationHost {
     fn fmt(&self, f: &mut std::fmt::Formatter<'_>) -> std::fmt::Result {
         match self {
             DestinationHost::Address(addr) => addr.fmt(f),
-            Hostname(name) => name.fmt(f),
+            DestinationHost::Hostname(name) => name.fmt(f),
         }
     }
 }
@@ -47,7 +46,7 @@ impl TryFrom<Destination> for SocketAddr {
     fn try_from(value: Destination) -> Result<Self, Self::Error> {
         let ip = match value.host {
             DestinationHost::Address(addr) => addr,
-            Hostname(e) => {
+            DestinationHost::Hostname(e) => {
                 return Err(e.into());
             }
         };
@@ -84,7 +83,7 @@ pub(crate) struct Connection {
 impl Connection {
     fn to_named(&self, name: String) -> Self {
         let mut result = self.clone();
-        result.dst.host = Hostname(name);
+        result.dst.host = DestinationHost::Hostname(name);
         result
     }
 }
@@ -215,21 +214,6 @@ struct ConnectionState {
     smoltcp_socket_state: u8,
 }
 
-#[derive(Default, Clone, Debug)]
-pub struct Credentials {
-    pub(crate) username: Vec<u8>,
-    pub(crate) password: Vec<u8>,
-}
-
-impl Credentials {
-    pub fn new(username: &str, password: &str) -> Self {
-        Self {
-            username: username.as_bytes().to_vec(),
-            password: password.as_bytes().to_vec(),
-        }
-    }
-}
-
 pub(crate) trait TcpProxy {
     fn push_data(&mut self, event: IncomingDataEvent<'_>) -> Result<(), Error>;
     fn consume_data(&mut self, dir: OutgoingDirection, size: usize);
@@ -249,21 +233,6 @@ pub(crate) trait ConnectionManager {
     fn get_credentials(&self) -> &Option<Credentials>;
 }
 
-#[derive(Default)]
-pub struct Options {
-    virtdns: Option<VirtualDns>,
-}
-
-impl Options {
-    pub fn new() -> Self {
-        Default::default()
-    }
-
-    pub fn with_virtual_dns(mut self) -> Self {
-        self.virtdns = Some(VirtualDns::new());
-        self
-    }
-}
 const TCP_TOKEN: Token = Token(0);
 const UDP_TOKEN: Token = Token(1);
 
diff --git a/tests/proxy.rs b/tests/proxy.rs
index d917b9a..02f8319 100644
--- a/tests/proxy.rs
+++ b/tests/proxy.rs
@@ -12,8 +12,7 @@ mod tests {
     use nix::unistd::Pid;
     use serial_test::serial;
 
-    use tun2proxy::tun2proxy::Options;
-    use tun2proxy::{main_entry, Proxy, ProxyType};
+    use tun2proxy::{main_entry, Options, Proxy, ProxyType};
 
     static TUN_TEST_DEVICE: &str = "tun0";
     static ALL_ROUTES: [&str; 4] = ["0.0.0.0/1", "128.0.0.0/1", "::/1", "8000::/1"];