Vladimir Dubrovin
89b45b1b2a
Support HAProxy proxy v1 protocol
...
C/C++ CI / ${{ matrix.target }} (macos-15) (push) Has been cancelled
C/C++ CI / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Has been cancelled
C/C++ CI / ${{ matrix.target }} (ubuntu-latest) (push) Has been cancelled
C/C++ CI / ${{ matrix.target }} (windows-2022) (push) Has been cancelled
Added:
-H option - expect HAProxy proxy v1 header, e.g. `proxy -H`
parent ha type - send HAProxy proxy v1 header (must be last in redirection), e.g.
allow *
parent 1000 ha
parent 1000 proxy 1.2.3.4 3128
socks
2025-03-15 15:54:29 +03:00
Vladimir Dubrovin
013d4bc333
tlspr (SNI proxy) implemented
...
Options -cN - level of TLS check
default - allow non-TLS traffic
1 - require TLS, only check client HELLO packet
2 - require TLS, check both client and server HELLO
3 - require TLS, check server send certificate (not compatible with TLS 1.3)
4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3)
-P - default port
examples:
1.
tlspr -p1443 -P443 -c1
(port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host
2.
allow * * * 80
parent 1000 http 0.0.0.0 0
allow * * * * CONNECT
parent 1000 tls 0.0.0.0 0
deny * * some.not.allowed.host
allow *
socks
attempts to take destination hostname from SNI in SOCKS
2024-05-20 13:01:38 +03:00
Vladimir Dubrovin
5e2b2a399e
clean up warnings
2023-07-13 15:29:26 +03:00
Vladimir Dubrovin
13979b5df4
Allow hostnames in parent
2023-04-26 15:05:47 +03:00
Daniel Winzen
b94e1fc01f
Few more changes
2022-11-08 16:02:47 +01:00
Daniel Winzen
9a6908e623
Add backlog config option
2022-11-08 15:04:19 +01:00
Vladimir Dubrovin
fb56b7d307
"auto" command added
2022-10-18 17:58:52 +03:00
Vladimir Dubrovin
461fae12e7
set logfunc after configuration reload
2021-10-29 19:12:03 +03:00
z3apa3a
e1b4e50242
Copyright update
2021-07-02 11:50:33 +03:00
z3apa3a
bad85a3d51
Support IPv6 subnets in parent extip
2021-04-21 20:39:57 +03:00
Vladimir Dubrovin
681182b1e5
Fix: '-' sign incorrectly parsed in hostname ACL, bandlim race condition on configuration reload
2021-04-15 12:26:34 +03:00
z3APA3A
cbe0c2f511
parentretries command added
2021-01-19 14:40:18 +03:00
z3APA3A
129d26475e
Fixed: counters incorectly shown in webadmin, contall/nocountall are not applied
2020-12-02 20:08:03 +03:00
z3APA3A
99a744abda
Few bugfixes
2020-11-18 16:10:07 +03:00
z3APA3A
ff67464aa1
Do not fail users without argument
2020-11-11 17:35:06 +03:00
z3APA3A
c1c5875356
better memory allocation errors handling, countall/nocountall corrected
2020-11-03 02:05:18 +03:00
z3APA3A
b81089f22e
More correct handling of insufficient memory
2020-11-02 18:59:13 +03:00
z3APA3A
a8b000b7f1
Allow to specify binding address for RADIUS
2020-10-15 12:21:46 +03:00
z3APA3A
d0725163d1
countall / nocountall ssupport added
2020-10-06 14:29:08 +03:00
z3APA3A
c30b4637a5
Do not resolve hostname to IP on ACL destination
2020-08-06 17:57:50 +03:00
z3APA3A
859713d10f
Fail if can not bind to device
2020-06-17 16:05:23 +03:00
z3APA3A
041134007d
Correct ip/network/hostname parsing in ACLs
2020-04-11 09:58:47 +03:00
z3APA3A
e7e7d2fddf
"limit" support in authcache to bind sessions to ip
2019-08-21 15:20:43 +03:00
z3APA3A
02d52e89e9
Fix: config change may stop log rotation
2019-01-15 11:51:10 +03:00
z3APA3A
d7373be071
Revert "Fixed: logrotation may stop after config change"
...
This reverts commit ede4aee619
2019-01-14 20:14:08 +03:00
z3APA3A
ede4aee619
Fixed: logrotation may stop after config change
2019-01-14 18:02:16 +03:00
z3APA3A
a0591c9786
Fix: $ is ignored in the begginning of quoted line
2018-12-05 14:21:03 +03:00
z3APA3A
68fed46ea0
fix 'radius' is not applied correctly on configuration reload
2018-05-11 16:23:05 +03:00
z3APA3A
1af6e65fba
Fix getting group id by groupname
2018-04-24 19:21:35 +03:00
z3APA3A
0f9a9d6e37
Fix redirection to http in lite version
2018-04-23 02:34:36 +03:00
z3APA3A
d971601316
Rmove more icqpr related things
2018-04-22 21:46:18 +03:00
z3APA3A
24127196ce
Remove ICQPR because OSCAR is outdated
2018-04-22 21:46:00 +03:00
z3APA3A
a4bc89dc8f
Fixed recently introduced logging bug
...
Logging could stop after configuration reload, introduced with
50277692f4
2018-04-22 01:12:54 +03:00
z3APA3A
e469e9e369
Increase default stacksize
2018-04-21 01:29:15 +03:00
z3APA3A
d1b527b523
Minor logging changes
2018-04-21 01:24:18 +03:00
z3APA3A
50277692f4
Replace fclose+fopen with freopen where possible
2018-04-21 00:30:02 +03:00
z3APA3A
5149996b20
Added support for username/groupname
...
Added support for username/groupname to seuid, setgid, chroot.
2018-04-17 18:46:01 +03:00
z3APA3A
6e240defdb
typo in conf.c leads to infinite loop on some commands
2018-01-25 17:20:36 +03:00
z3APA3A
ff91a6fe72
connlim / noconnlim commands added to support connection / connectio rate limits
2018-01-12 19:09:42 +03:00
z3APA3A
2d1720c15f
Move RADIUS related code to #ifndef NORADIUS
2017-12-22 18:53:50 +03:00
z3APA3A
4a553de100
RADIUS accounting added (not optimized yet)
2017-12-19 01:22:07 +03:00
z3APA3A
2554f06759
pthread_attr_destroy added to prevent memory leak on config reload
2017-09-13 22:05:38 +03:00
z3APA3A
6010190940
fix: do not fail external with "0.0.0.0" with NOIPV6 (lite version)
2017-07-19 19:23:55 +03:00
z3APA3A
305f01acb5
closecoket() is used instead of so._closesocket
2017-06-26 16:46:26 +03:00
z3APA3A
b4043e944c
Unify RADIUS code for logging
2017-06-25 18:40:26 +03:00
z3APA3A
4251322aad
Support hostnames for chained socks5+/socks4+/connect+ requests
2017-03-07 01:19:04 +03:00
z3APA3A
e7433d633c
'radius' and 'auth radius' support added (not tested yet)
...
Example:
radius secret 192.168.0.1 192.168.0.2
authcache ip,user
auth cache radius
2016-12-20 19:50:50 +03:00
z3APA3A
f709255d62
Copyrights cleaned, authradius.c added
2016-12-20 15:47:02 +03:00
z3apa3a
1ab549036c
Changed -a / -s options handling for 'anonymous' after last commit
2016-12-19 03:19:17 +03:00
z3APA3A
9890823664
fix signess warning
2016-09-04 15:33:20 +03:00
