fix(PortProxy): Fix port-based routing logic in PortProxy

changelog.md

@@ -1,5 +1,12 @@
 # Changelog
 
+## 2025-02-27 - 3.16.2 - fix(PortProxy)
+Fix port-based routing logic in PortProxy
+
+- Optimized the handling and checking of local ports in the global port range.
+- Fixed the logic for rejecting or accepting connections based on predefined port ranges.
+- Improved handling of the default and specific domain configurations during port-based connections.
+
 ## 2025-02-27 - 3.16.1 - fix(core)
 Updated minor version numbers in dependencies for patch release.
 

ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '3.16.1',
+  version: '3.16.2',
   description: 'A robust and versatile proxy package designed to handle high workloads, offering features like SSL redirection, port proxying, WebSocket support, and customizable routing and authentication.'
 }

ts/classes.portproxy.ts

@@ -344,13 +344,11 @@ export class PortProxy {
       };
 
       // --- PORT RANGE-BASED HANDLING ---
-      // If global port ranges are defined, enforce port-based routing and ignore SNI.
+      // Check if the local port falls within any of the global port ranges.
-      if (this.settings.globalPortRanges && this.settings.globalPortRanges.length > 0) {
+      const isLocalPortInGlobalRange =
-        if (!isPortInRanges(localPort, this.settings.globalPortRanges)) {
+        this.settings.globalPortRanges && isPortInRanges(localPort, this.settings.globalPortRanges);
-          console.log(`Connection from ${remoteIP} rejected: port ${localPort} is not in global allowed ranges.`);
+
-          socket.destroy();
+      if (isLocalPortInGlobalRange) {
-          return;
-        }
         if (this.settings.forwardAllGlobalRanges) {
           // Forward connection to the global targetIP regardless of domain config.
           if (this.settings.defaultAllowedIPs && !isAllowed(remoteIP, this.settings.defaultAllowedIPs)) {
@@ -367,16 +365,11 @@ export class PortProxy {
           });
           return;
         } else {
-          // Find a matching domain config based on the incoming local port.
+          // Attempt to find a matching forced domain config based on the local port.
           const forcedDomain = this.settings.domains.find(
             domain => domain.portRanges && domain.portRanges.length > 0 && isPortInRanges(localPort, domain.portRanges)
           );
-          if (!forcedDomain) {
+          if (forcedDomain) {
-            console.log(`Connection from ${remoteIP} rejected: port ${localPort} not configured in any domain's portRanges.`);
-            socket.destroy();
-            return;
-          }
-          // Check allowed IPs for the forced domain.
             const defaultAllowed = this.settings.defaultAllowedIPs && isAllowed(remoteIP, this.settings.defaultAllowedIPs);
             if (!defaultAllowed && !isAllowed(remoteIP, forcedDomain.allowedIPs)) {
               console.log(`Connection from ${remoteIP} rejected: IP not allowed for domain ${forcedDomain.domain} on port ${localPort}.`);
@@ -384,13 +377,14 @@ export class PortProxy {
               return;
             }
             console.log(`Port-based connection from ${remoteIP} on port ${localPort} matched domain ${forcedDomain.domain}.`);
-          // Proceed immediately using the forced domain; ignore SNI.
             setupConnection('', undefined, forcedDomain);
             return;
           }
+          // If no forced domain config is found for this port, fall through to SNI/default handling.
+        }
       }
 
-      // --- FALLBACK: SNI-BASED HANDLING (if no global port ranges are defined) ---
+      // --- FALLBACK: SNI-BASED HANDLING (or default when SNI is disabled) ---
       if (this.settings.sniEnabled) {
         socket.setTimeout(5000, () => {
           console.log(`Initial data timeout for ${remoteIP}`);