feat(PortProxy): Enhancements made to PortProxy settings and capabilities
This commit is contained in:
parent
408b793149
commit
a2cb56ba65
@ -1,5 +1,13 @@
|
|||||||
# Changelog
|
# Changelog
|
||||||
|
|
||||||
|
## 2025-02-27 - 3.16.0 - feat(PortProxy)
|
||||||
|
Enhancements made to PortProxy settings and capabilities
|
||||||
|
|
||||||
|
- Added 'forwardAllGlobalRanges' and 'targetIP' to IPortProxySettings.
|
||||||
|
- Improved PortProxy to forward connections based on domain-specific configurations.
|
||||||
|
- Added comprehensive handling for global port-range based connection forwarding.
|
||||||
|
- Enabled forwarding of all connections on global port ranges directly to global target IP.
|
||||||
|
|
||||||
## 2025-02-27 - 3.15.0 - feat(classes.portproxy)
|
## 2025-02-27 - 3.15.0 - feat(classes.portproxy)
|
||||||
Add support for port range-based routing with enhanced IP and port validation.
|
Add support for port range-based routing with enhanced IP and port validation.
|
||||||
|
|
||||||
|
@ -3,6 +3,6 @@
|
|||||||
*/
|
*/
|
||||||
export const commitinfo = {
|
export const commitinfo = {
|
||||||
name: '@push.rocks/smartproxy',
|
name: '@push.rocks/smartproxy',
|
||||||
version: '3.15.0',
|
version: '3.16.0',
|
||||||
description: 'A robust and versatile proxy package designed to handle high workloads, offering features like SSL redirection, port proxying, WebSocket support, and customizable routing and authentication.'
|
description: 'A robust and versatile proxy package designed to handle high workloads, offering features like SSL redirection, port proxying, WebSocket support, and customizable routing and authentication.'
|
||||||
}
|
}
|
||||||
|
@ -5,20 +5,21 @@ export interface IDomainConfig {
|
|||||||
domain: string; // Glob pattern for domain
|
domain: string; // Glob pattern for domain
|
||||||
allowedIPs: string[]; // Glob patterns for allowed IPs
|
allowedIPs: string[]; // Glob patterns for allowed IPs
|
||||||
targetIP?: string; // Optional target IP for this domain
|
targetIP?: string; // Optional target IP for this domain
|
||||||
portRanges: Array<{ from: number; to: number }>; // Domain-specific allowed port ranges
|
portRanges?: Array<{ from: number; to: number }>; // Optional domain-specific allowed port ranges
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Port proxy settings including global allowed port ranges */
|
/** Port proxy settings including global allowed port ranges */
|
||||||
export interface IPortProxySettings extends plugins.tls.TlsOptions {
|
export interface IPortProxySettings extends plugins.tls.TlsOptions {
|
||||||
fromPort: number;
|
fromPort: number;
|
||||||
toPort: number;
|
toPort: number;
|
||||||
toHost?: string; // Target host to proxy to, defaults to 'localhost'
|
targetIP?: string; // Global target host to proxy to, defaults to 'localhost'
|
||||||
domains: IDomainConfig[];
|
domains: IDomainConfig[];
|
||||||
sniEnabled?: boolean;
|
sniEnabled?: boolean;
|
||||||
defaultAllowedIPs?: string[];
|
defaultAllowedIPs?: string[];
|
||||||
preserveSourceIP?: boolean;
|
preserveSourceIP?: boolean;
|
||||||
maxConnectionLifetime?: number; // (ms) force cleanup of long-lived connections
|
maxConnectionLifetime?: number; // (ms) force cleanup of long-lived connections
|
||||||
globalPortRanges: Array<{ from: number; to: number }>; // Global allowed port ranges
|
globalPortRanges: Array<{ from: number; to: number }>; // Global allowed port ranges
|
||||||
|
forwardAllGlobalRanges?: boolean; // When true, forwards all connections on global port ranges to the global targetIP
|
||||||
}
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
@ -111,7 +112,7 @@ export class PortProxy {
|
|||||||
constructor(settingsArg: IPortProxySettings) {
|
constructor(settingsArg: IPortProxySettings) {
|
||||||
this.settings = {
|
this.settings = {
|
||||||
...settingsArg,
|
...settingsArg,
|
||||||
toHost: settingsArg.toHost || 'localhost',
|
targetIP: settingsArg.targetIP || 'localhost',
|
||||||
maxConnectionLifetime: settingsArg.maxConnectionLifetime || 600000,
|
maxConnectionLifetime: settingsArg.maxConnectionLifetime || 600000,
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
@ -256,7 +257,7 @@ export class PortProxy {
|
|||||||
} else if (defaultAllowed && !serverName) {
|
} else if (defaultAllowed && !serverName) {
|
||||||
console.log(`Connection allowed: IP ${remoteIP} is in default allowed list`);
|
console.log(`Connection allowed: IP ${remoteIP} is in default allowed list`);
|
||||||
}
|
}
|
||||||
const targetHost = domainConfig?.targetIP || this.settings.toHost!;
|
const targetHost = domainConfig?.targetIP || this.settings.targetIP!;
|
||||||
const connectionOptions: plugins.net.NetConnectOpts = {
|
const connectionOptions: plugins.net.NetConnectOpts = {
|
||||||
host: targetHost,
|
host: targetHost,
|
||||||
port: this.settings.toPort,
|
port: this.settings.toPort,
|
||||||
@ -350,6 +351,22 @@ export class PortProxy {
|
|||||||
socket.destroy();
|
socket.destroy();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
if (this.settings.forwardAllGlobalRanges) {
|
||||||
|
// Forward connection to the global targetIP regardless of domain config.
|
||||||
|
if (this.settings.defaultAllowedIPs && !isAllowed(remoteIP, this.settings.defaultAllowedIPs)) {
|
||||||
|
console.log(`Connection from ${remoteIP} rejected: IP ${remoteIP} not allowed in global default allowed list.`);
|
||||||
|
socket.end();
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
console.log(`Port-based connection from ${remoteIP} on port ${localPort} forwarded to global target IP ${this.settings.targetIP}.`);
|
||||||
|
setupConnection('', undefined, {
|
||||||
|
domain: 'global',
|
||||||
|
allowedIPs: this.settings.defaultAllowedIPs || [],
|
||||||
|
targetIP: this.settings.targetIP,
|
||||||
|
portRanges: []
|
||||||
|
});
|
||||||
|
return;
|
||||||
|
} else {
|
||||||
// Find a matching domain config based on the incoming local port.
|
// Find a matching domain config based on the incoming local port.
|
||||||
const forcedDomain = this.settings.domains.find(
|
const forcedDomain = this.settings.domains.find(
|
||||||
domain => domain.portRanges && domain.portRanges.length > 0 && isPortInRanges(localPort, domain.portRanges)
|
domain => domain.portRanges && domain.portRanges.length > 0 && isPortInRanges(localPort, domain.portRanges)
|
||||||
@ -371,6 +388,7 @@ export class PortProxy {
|
|||||||
setupConnection('', undefined, forcedDomain);
|
setupConnection('', undefined, forcedDomain);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
}
|
||||||
|
|
||||||
// --- FALLBACK: SNI-BASED HANDLING (if no global port ranges are defined) ---
|
// --- FALLBACK: SNI-BASED HANDLING (if no global port ranges are defined) ---
|
||||||
if (this.settings.sniEnabled) {
|
if (this.settings.sniEnabled) {
|
||||||
|
Loading…
x
Reference in New Issue
Block a user