/**
 * Interfaces for NfTablesProxy
 */
/**
 * Represents a port range for forwarding.
 *
 * NOTE(review): nothing in this type constrains the values. Presumably both
 * bounds are meant to be valid port numbers (1-65535) with `from <= to`, and
 * the consumer has to enforce that at runtime — confirm.
 */
export interface PortRange {
  /** First port of the range. NOTE(review): presumably inclusive — confirm. */
  from: number;
  /** Last port of the range. NOTE(review): presumably inclusive — confirm. */
  to: number;
}
/**
 * Legacy interface name for backward compatibility.
 * Pure type alias: `IPortRange` and `PortRange` are the same type.
 */
export type IPortRange = PortRange;
/**
 * Settings for NfTablesProxy.
 *
 * NOTE(review): several fields are free-form strings (`toHost`, the source IP
 * lists, `tableName`, `qos.maxRate`). Presumably they end up in generated
 * nftables rules or commands; the types do not restrict their content, so the
 * consumer should validate them before use — confirm against the implementation.
 */
export interface NfTableProxyOptions {
  // ---- Basic settings ----

  /** Port(s) to forward from: a single port, a port range, or a list mixing both. */
  fromPort: number | PortRange | (number | PortRange)[];

  /**
   * Port(s) to forward to, in the same forms as `fromPort`.
   * NOTE(review): how `fromPort` entries pair with `toPort` entries is not
   * visible here — confirm.
   */
  toPort: number | PortRange | (number | PortRange)[];

  /** Target host for proxying; defaults to 'localhost'. */
  toHost?: string;

  // ---- Advanced settings ----

  /** If true, the original source IP is preserved. */
  preserveSourceIP?: boolean;

  /**
   * If true, clean up rules before process exit.
   * NOTE(review): confirm whether cleanup also runs on signals and crashes;
   * rules left behind would presumably keep forwarding traffic.
   */
  deleteOnExit?: boolean;

  /** Protocol to forward; defaults to 'tcp'. */
  protocol?: 'tcp' | 'udp' | 'all';

  /** Enable detailed logging. */
  enableLogging?: boolean;

  /**
   * Enable IPv6 support.
   * NOTE(review): confirm that the source filtering below is applied to the
   * IPv6 rules as well, so an allow/ban list cannot be sidestepped over IPv6.
   */
  ipv6Support?: boolean;

  /** Format for logs. */
  logFormat?: 'plain' | 'json';

  // ---- Source filtering ----

  /**
   * If provided, only these IPs are allowed.
   * NOTE(review): the meaning of an empty array (allow none vs. no filter) and
   * the precedence relative to `bannedSourceIPs` are not visible here — confirm.
   */
  allowedSourceIPs?: string[];

  /** If provided, these IPs are blocked. */
  bannedSourceIPs?: string[];

  /** Use nftables sets for efficient IP management. */
  useIPSets?: boolean;

  // ---- Rule management ----

  /**
   * Clear all NfTablesProxy rules before starting.
   * NOTE(review): confirm the scope — whether this can remove rules owned by
   * another instance sharing the same table.
   */
  forceCleanSlate?: boolean;

  /** Custom table name (defaults to 'portproxy'). */
  tableName?: string;

  // ---- Connection management ----

  /** Maximum number of retries for failed commands. */
  maxRetries?: number;

  /** Delay between retries in milliseconds. */
  retryDelayMs?: number;

  /** Use connection tracking for stateful NAT. */
  useAdvancedNAT?: boolean;

  // ---- Quality of Service ----

  qos?: {
    enabled: boolean;
    /** Rate limit as a string, e.g. "10mbps". */
    maxRate?: string;
    /** 1 (highest) to 10 (lowest). */
    priority?: number;
    /** Mark connections for easier management. */
    markConnections?: boolean;
  };

  // ---- Integration with PortProxy/NetworkProxy ----

  netProxyIntegration?: {
    enabled: boolean;
    /** Redirect localhost traffic to NetworkProxy. */
    redirectLocalhost?: boolean;
    /** Port where NetworkProxy handles SSL termination. */
    sslTerminationPort?: number;
  };
}
/**
 * Legacy interface name for backward compatibility.
 * Pure type alias: `INfTableProxySettings` and `NfTableProxyOptions` are the same type.
 */
export type INfTableProxySettings = NfTableProxyOptions;
/**
 * Interface for status reporting.
 *
 * All fields are plain data; how and when they are populated is not visible
 * in this file.
 */
export interface NfTablesStatus {
  // NOTE(review): the exact criterion for "active" is not visible here — confirm.
  active: boolean;
  // Rule counters.
  // NOTE(review): presumably `added` counts rules this instance installed and
  // `verified` counts rules confirmed present in the ruleset; if so, a gap
  // between them would point at rules that are missing or were removed out of
  // band, which is worth surfacing in monitoring — confirm semantics.
  ruleCount: {
    total: number;
    added: number;
    verified: number;
  };
  // One entry per configured table, identified by family and table name.
  tablesConfigured: { family: string; tableName: string }[];
  // Traffic metrics; every member is optional, so consumers must handle absence.
  metrics: {
    forwardedConnections?: number;
    activeConnections?: number;
    bytesForwarded?: {
      sent: number;
      received: number;
    };
  };
  qosEnabled?: boolean;
  // One entry per configured IP set: its name, element count and type.
  ipSetsConfigured?: {
    name: string;
    elementCount: number;
    type: string;
  }[];
}
/**
 * Legacy interface name for backward compatibility.
 * Pure type alias: `INfTablesStatus` and `NfTablesStatus` are the same type.
 */
export type INfTablesStatus = NfTablesStatus;