Commit Graph

110 Commits

Author SHA1 Message Date
Vladimir Dubrovin
013d4bc333 tlspr (SNI proxy) implemented
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server sends certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server sends certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port

examples:

1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host

2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks

attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
35d1de6f5e Fix use-after-free in freeparam 2024-02-22 17:30:50 +03:00
Vladimir Dubrovin
375e3a74d0 call local socket function 2024-02-18 19:41:45 +03:00
Vladimir Dubrovin
8198db8617 adding state to socket functions 2024-02-17 17:31:25 +03:00
Vladimir Dubrovin
20a929ca53 Add per-service sockfuncs 2024-02-17 12:57:36 +03:00
Vladimir Dubrovin
6532163f01 Fix connlim issues 2023-04-26 15:04:00 +03:00
Vladimir Dubrovin
862405bdfd set linger close to setsockopt 2022-12-23 17:58:15 +03:00
Daniel Winzen
cc0fd518bd Incorporate feedback from z3APA3A 2022-11-08 15:42:04 +01:00
Daniel Winzen
9a6908e623 Add backlog config option 2022-11-08 15:04:19 +01:00
Daniel Winzen
25c375a78a Increase backlog of listening sockets to match maxconn 2022-11-03 23:24:25 +01:00
Daniel Winzen
8a160dd188 Add support for TCP_FASTOPEN_CONNECT and TCP_FASTOPEN socket options (linux) 2022-11-01 20:11:26 +01:00
Vladimir Dubrovin
bac19c9ae6 Close service only after config mutex unlocked on reload 2022-08-12 19:18:52 +03:00
Vladimir Dubrovin
c98621aeef Always select between IPV6_BOUND_IF and IP_BOUND_IF 2022-06-29 10:35:17 +03:00
Vladimir Dubrovin
3dc698eccd Fix compilation issues 2022-06-29 10:18:36 +03:00
Vladimir Dubrovin
c1beceb24b Support IP_BOUND_IF on MacOS 2022-06-28 12:50:48 +03:00
Vladimir Dubrovin
55d1bbe155 Grace delay feature added
`proxy -g8000,3,10`

First parameter is average read size we want to keep, second parameter is
minimal number of packets in the same direction to apply algorithm,
last value is delay added after polling and prior to reading data.
An example above adds 10 millisecond delay before reading data if average
polling size is below 8000 bytes and 3 read operations are made in the same
direction. It's especially useful with splice. `logdump 1 1` is useful
to see how grace delays work, choose delay value to avoid filling the read
pipe/buffer (typically 64K) but keep the request sizes close to chosen average
on large file upload/download.
2022-05-19 18:51:02 +03:00
Vladimir Dubrovin
e1448b9eb1 connlim error code corrected (should return 10) 2021-11-24 18:22:04 +03:00
z3apa3a
e1b4e50242 Copyright update 2021-07-02 11:50:33 +03:00
z3APA3A
4d63f957c2 Fix for connect back 2020-11-23 18:58:33 +03:00
z3APA3A
e013cc2ab8 remove unneeded fseek 2020-11-18 17:55:23 +03:00
z3APA3A
f64cd475af Do not set sigmask for thread in standalone service 2020-11-13 11:01:14 +03:00
z3APA3A
3a31da9b3d fixed error in previous commit 2020-11-03 14:48:55 +03:00
z3APA3A
9356db8de6 Minor memory handling changes 2020-11-03 13:39:56 +03:00
z3APA3A
dbbbe59ef2 Fix acl copy / auth copy out-of-memory error 2020-11-03 11:16:04 +03:00
z3APA3A
b81089f22e More correct handling of insufficient memory 2020-11-02 18:59:13 +03:00
z3APA3A
22555b58ec Do not sigmask main thread for standalone services 2020-10-15 16:00:43 +03:00
z3APA3A
a8b000b7f1 Allow to specify binding address for RADIUS 2020-10-15 12:21:46 +03:00
z3APA3A
eb829b062b Major code refactoring
- sockmapping rewritten from scratch to minimise polling. poll() is now
only called if blocking is actually expected, splice pipes are now
polled if splice fails, buffers flushing is much more accurate.
- logging code moved to separate files
- signal masks added to client threads to prevent unneeded interruptions
- bandwidth limitation will not delay the thread after client or server
shutdown
2020-10-09 15:42:34 +03:00
z3APA3A
3dd1969657 Move logging to log.c 2020-10-07 19:03:59 +03:00
z3APA3A
ebd7b34159 -N(NAT_address) option added for socks 2020-10-07 11:21:01 +03:00
z3APA3A
09507a2fe9 prevent warnings in proxymain 2019-01-25 23:40:35 +03:00
z3APA3A
6fe36b01d1 Fixed: admin always starts with -s under Linux 2018-12-28 12:45:52 +03:00
z3APA3A
68823c2921 Fix sockets option parsing 2018-05-25 18:19:19 +03:00
z3APA3A
92b3dd8638 Use overloadable poll 2018-05-05 20:07:59 +03:00
z3APA3A
20fa72bd42 Add connback timeouts / improve logging 2018-05-05 19:59:37 +03:00
z3APA3A
eb09ae7c58 Support socket options for connback sockets and connection timeouts 2018-05-05 17:16:51 +03:00
z3APA3A
acc64b03fd Fix recently broken admin -s 2018-04-23 13:49:39 +03:00
z3APA3A
0b0de0d2ee cleanup signed/unsigned mismatch 2018-04-22 21:57:17 +03:00
z3APA3A
0425cbbdb5 correct usesplice setting 2018-04-22 20:30:16 +03:00
z3APA3A
d2705df891 Use splice by default if no filters set
-s0 to disable splice
2018-04-22 20:03:04 +03:00
z3APA3A
78e180a054 fixed: race condition on service stop / restart
Do not close -l file descriptor while there are alive children
2018-04-21 17:25:01 +03:00
z3APA3A
39be30ba5d Simplify socket options printing
+ add supported options to 3proxy help message
2018-04-21 17:02:20 +03:00
z3APA3A
e469e9e369 Increase default stacksize 2018-04-21 01:29:15 +03:00
z3APA3A
25028ed1b8 support IP_ socket options 2018-04-14 23:52:38 +03:00
z3APA3A
a0ae9ee6fa Removing unneeded checks 2018-04-06 17:45:42 +03:00
z3APA3A
ff91a6fe72 connlim / noconnlim commands added to support connection / connection rate limits 2018-01-12 19:09:42 +03:00
z3APA3A
d60d00b7b6 Switch to preprocessor macro for version 2017-11-07 21:56:03 +03:00
z3APA3A
984efe193b Prevent deadlock on thread creation error 2017-09-25 17:14:13 +03:00
z3APA3A
2554f06759 pthread_attr_destroy added to prevent memory leak on config reload 2017-09-13 22:05:38 +03:00
z3APA3A
8c0dc7d8c9 Change -Do option to -De (external) 2017-09-06 19:19:36 +03:00