push.rocks/smartproxy
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(rustproxy): add authenticated VPN route security

Browse Source
This commit is contained in:
Jürgen Kunz
2026-05-24 01:25:06 +00:00
parent c161ac664d
commit c7785d2f78
12 changed files with 310 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files
ts/proxies/smart-proxy/models/route-types.ts
+10 -1
View File
@@ -173,6 +173,15 @@ export interface IRouteSecurity {
expiresIn?: number;
excludePaths?: string[];
};
vpn?: {
/** Require authenticated VPN metadata from a trusted PROXY v2 TLV. */
required?: boolean;
/** Allowed VPN client IDs. Entries can be full-route or domain-scoped. */
allowedClients?: Array<string | { clientId: string; domains: string[] }>;
/** Allowed VPN tunnel IPs, kept for compatibility. Prefer allowedClients. */
allowedAssignedIps?: string[];
};
}
/**
@@ -436,4 +445,4 @@ export interface IRouteQuic {
initialCongestionWindow?: number;
}
// Configuration moved to models/interfaces.ts as ISmartProxyOptions
// Configuration moved to models/interfaces.ts as ISmartProxyOptions
ts/proxies/smart-proxy/socket-handler-server.ts
+1
View File
@@ -167,6 +167,7 @@ export class SocketHandlerServer {
domain: metadata.domain,
clientIp: metadata.remoteIP || 'unknown',
serverIp: '0.0.0.0',
vpn: metadata.vpn,
path: metadata.path,
isTls: metadata.isTLS || false,
tlsVersion: metadata.tlsVersion,