3.4.1

fix(PortProxy): Normalize IP addresses for port proxy to handle IPv4-mapped IPv6 addresses.
3.4.0
2025-02-21 18:43:08 +00:00 · 2025-02-21 18:43:08 +00:00 · 2025-02-21 17:01:02 +00:00 · 2025-02-21 17:01:02 +00:00
5 changed files with 78 additions and 19 deletions
--- a/changelog.md
+++ b/changelog.md
@ -1,5 +1,19 @@
 # Changelog

+## 2025-02-21 - 3.4.1 - fix(PortProxy)
+Normalize IP addresses for port proxy to handle IPv4-mapped IPv6 addresses.
+
+- Improved IP normalization logic in PortProxy to support IPv4-mapped IPv6 addresses.
+- Updated isAllowed function to expand patterns for better matching accuracy.
+
+## 2025-02-21 - 3.4.0 - feat(PortProxy)
+Enhanced PortProxy with custom target host and improved testing
+
+- PortProxy constructor now accepts 'fromPort', 'toPort', and optional 'toHost' directly from settings
+- Refactored test cases to cover forwarding to the custom host
+- Added support to handle multiple concurrent connections
+- Refactored internal connection handling logic to utilize default configurations
+
 ## 2025-02-21 - 3.3.1 - fix(PortProxy)
 fixed import usage of net and tls libraries for PortProxy

--- a/package.json
+++ b/package.json
@ -1,6 +1,6 @@
 {
  "name": "@push.rocks/smartproxy",
-  "version": "3.3.1",
+  "version": "3.4.1",
  "private": false,
  "description": "a proxy for handling high workloads of proxying",
  "main": "dist_ts/index.js",
--- a/test/test.portproxy.ts
+++ b/test/test.portproxy.ts
@ -58,10 +58,13 @@ function createTestClient(port: number, data: string): Promise<string> {
 // Setup test environment
 tap.test('setup port proxy test environment', async () => {
  testServer = await createTestServer(TEST_SERVER_PORT);
-  portProxy = new PortProxy(PROXY_PORT, TEST_SERVER_PORT, {
+  portProxy = new PortProxy({
+    fromPort: PROXY_PORT,
+    toPort: TEST_SERVER_PORT,
+    toHost: 'localhost',
    domains: [],
    sniEnabled: false,
-    defaultAllowedIPs: ['127.0.0.1', '::ffff:127.0.0.1']
+    defaultAllowedIPs: ['127.0.0.1']
  });
 });

@ -70,11 +73,28 @@ tap.test('should start port proxy', async () => {
  expect(portProxy.netServer.listening).toBeTrue();
 });

-tap.test('should forward TCP connections and data', async () => {
+tap.test('should forward TCP connections and data to localhost', async () => {
  const response = await createTestClient(PROXY_PORT, TEST_DATA);
  expect(response).toEqual(`Echo: ${TEST_DATA}`);
 });

+tap.test('should forward TCP connections to custom host', async () => {
+  // Create a new proxy instance with a custom host
+  const customHostProxy = new PortProxy({
+    fromPort: PROXY_PORT + 1,
+    toPort: TEST_SERVER_PORT,
+    toHost: '127.0.0.1',
+    domains: [],
+    sniEnabled: false,
+    defaultAllowedIPs: ['127.0.0.1']
+  });
+  
+  await customHostProxy.start();
+  const response = await createTestClient(PROXY_PORT + 1, TEST_DATA);
+  expect(response).toEqual(`Echo: ${TEST_DATA}`);
+  await customHostProxy.stop();
+});
+
 tap.test('should handle multiple concurrent connections', async () => {
  const concurrentRequests = 5;
  const requests = Array(concurrentRequests).fill(null).map((_, i) => 
--- a/ts/00_commitinfo_data.ts
+++ b/ts/00_commitinfo_data.ts
@ -3,6 +3,6 @@
 */
 export const commitinfo = {
  name: '@push.rocks/smartproxy',
-  version: '3.3.1',
+  version: '3.4.1',
  description: 'a proxy for handling high workloads of proxying'
 }
--- a/ts/smartproxy.portproxy.ts
+++ b/ts/smartproxy.portproxy.ts
@ -6,23 +6,27 @@ export interface DomainConfig {
  allowedIPs: string[];  // glob patterns for IPs allowed to access this domain
 }

-export interface ProxySettings {
+export interface ProxySettings extends plugins.tls.TlsOptions {
+  // Port configuration
+  fromPort: number;
+  toPort: number;
+  toHost?: string;  // Target host to proxy to, defaults to 'localhost'
+
+  // Domain and security settings
  domains: DomainConfig[];
  sniEnabled?: boolean;
-  tlsOptions?: plugins.tls.TlsOptions;
  defaultAllowedIPs?: string[];  // Optional default IP patterns if no matching domain found
 }

 export class PortProxy {
  netServer: plugins.net.Server | plugins.tls.Server;
-  fromPort: number;
-  toPort: number;
  settings: ProxySettings;

-  constructor(fromPortArg: number, toPortArg: number, settings: plugins.tls.TlsOptions & ProxySettings) {
-    this.fromPort = fromPortArg;
-    this.toPort = toPortArg;
-    this.settings = settings;
+  constructor(settings: ProxySettings) {
+    this.settings = {
+      ...settings,
+      toHost: settings.toHost || 'localhost'
+    };
  }

  public async start() {
@ -36,15 +40,35 @@ export class PortProxy {
      from.destroy();
      to.destroy();
    };
+    const normalizeIP = (ip: string): string[] => {
+      // Handle IPv4-mapped IPv6 addresses
+      if (ip.startsWith('::ffff:')) {
+        const ipv4 = ip.slice(7); // Remove '::ffff:' prefix
+        return [ip, ipv4];
+      }
+      // Handle IPv4 addresses by adding IPv4-mapped IPv6 variant
+      if (ip.match(/^\d{1,3}(\.\d{1,3}){3}$/)) {
+        return [ip, `::ffff:${ip}`];
+      }
+      return [ip];
+    };
+
    const isAllowed = (value: string, patterns: string[]): boolean => {
-      return patterns.some(pattern => plugins.minimatch(value, pattern));
+      // Expand patterns to include both IPv4 and IPv6 variants
+      const expandedPatterns = patterns.flatMap(normalizeIP);
+      // Check if any variant of the IP matches any expanded pattern
+      return normalizeIP(value).some(ip => 
+        expandedPatterns.some(pattern => plugins.minimatch(ip, pattern))
+      );
    };

    const findMatchingDomain = (serverName: string): DomainConfig | undefined => {
      return this.settings.domains.find(config => plugins.minimatch(serverName, config.domain));
    };

-    const server = this.settings.sniEnabled ? plugins.tls.createServer(this.settings.tlsOptions || {}) : plugins.net.createServer();
+    const server = this.settings.sniEnabled
+      ? plugins.tls.createServer(this.settings)
+      : plugins.net.createServer();
    
    this.netServer = server.on('connection', (from: plugins.net.Socket) => {
      const remoteIP = from.remoteAddress || '';
@ -74,9 +98,10 @@ export class PortProxy {
        }

        const to = plugins.net.createConnection({
-          host: 'localhost',
-          port: this.toPort,
+          host: this.settings.toHost!,
+          port: this.settings.toPort,
        });
+        console.log(`Connection established: ${remoteIP} -> ${this.settings.toHost}:${this.settings.toPort}${this.settings.sniEnabled ? ` (SNI: ${(from as any).servername || 'none'})` : ''}`);
        from.setTimeout(120000);
        from.pipe(to);
        to.pipe(from);
@ -105,8 +130,8 @@ export class PortProxy {
          cleanUpSockets(from, to);
        });
      })
-      .listen(this.fromPort);
-    console.log(`PortProxy -> OK: Now listening on port ${this.fromPort}`);
+      .listen(this.settings.fromPort);
+    console.log(`PortProxy -> OK: Now listening on port ${this.settings.fromPort}`);
  }

  public async stop() {
Author	SHA1	Message	Date
Philipp Kunz	63e1cd48e8	3.4.1	2025-02-21 18:43:08 +00:00
Philipp Kunz	5150ddc18e	fix(PortProxy): Normalize IP addresses for port proxy to handle IPv4-mapped IPv6 addresses.	2025-02-21 18:43:08 +00:00
Philipp Kunz	4bee483954	3.4.0	2025-02-21 17:01:02 +00:00
Philipp Kunz	4328d4365f	feat(PortProxy): Enhanced PortProxy with custom target host and improved testing	2025-02-21 17:01:02 +00:00