3proxy

mirror of https://github.com/3proxy/3proxy.git synced 2026-04-12 16:00:11 +08:00

Author	SHA1	Message	Date
Vladimir Dubrovin	c206349ee2	Support unix sockets for internal and -i Example configuration: log auto -iunix:/path/to/3proxy.sock test with curl --unix-socket /path/to/3proxy.sock https://3proxy.ru	2026-04-12 00:30:35 +03:00
Vladimir Dubrovin	0c8be907e9	-Ne / -Ni options added to specify external / internal NAT address Some checks are pending C/C++ CI Linux / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run Details C/C++ CI Linux / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run Details C/C++ CI MacOS / ${{ matrix.target }} (macos-15) (push) Waiting to run Details C/C++ CI Windows / ${{ matrix.target }} (windows-2022) (push) Waiting to run Details C/C++ CI cmake / ${{ matrix.target }} (macos-15) (push) Waiting to run Details C/C++ CI cmake / ${{ matrix.target }} (ubuntu-24.04-arm) (push) Waiting to run Details C/C++ CI cmake / ${{ matrix.target }} (ubuntu-latest) (push) Waiting to run Details C/C++ CI cmake / ${{ matrix.target }} (windows-2022) (push) Waiting to run Details	2026-04-10 15:01:43 +03:00
Vladimir Dubrovin	483542b914	Use uint32_t/uint16_t instead of unsigned long / unsigned short where required	2026-04-08 21:13:18 +03:00
Vladimir Dubrovin	09a3ddeeac	SOCKSTRACE fixed	2026-04-08 19:21:25 +03:00
Vladimir Dubrovin	cf6946cc8b	Fix: IPv6 address may be invalid on some plafrorms for SOCKSv5 UDP ASSOCIATE	2024-07-18 12:50:59 +03:00
Vladimir Dubrovin	013d4bc333	tlspr (SNI proxy) implemented Options -cN - level of TLS check default - allow non-TLS traffic 1 - require TLS, only check client HELLO packet 2 - require TLS, check both client and server HELLO 3 - require TLS, check server send certificate (not compatible with TLS 1.3) 4 - require mutual TLS, check server send certificate request and client sends certificate (not compatible with TLS 1.3) -P - default port examples: 1. tlspr -p1443 -P443 -c1 (port 1443 may be used to redirect traffic to destination port 143). SNI is used to find destination host 2. allow * * * 80 parent 1000 http 0.0.0.0 0 allow * * * * CONNECT parent 1000 tls 0.0.0.0 0 deny * * some.not.allowed.host allow * socks attempts to take destination hostname from SNI in SOCKS	2024-05-20 13:01:38 +03:00
Vladimir Dubrovin	375e3a74d0	call local socket function	2024-02-18 19:41:45 +03:00
Vladimir Dubrovin	8198db8617	adding state to socket functions	2024-02-17 17:31:25 +03:00
Vladimir Dubrovin	00513a7d28	eliminate redundant code in previous fix	2023-07-12 17:21:46 +03:00
Vladimir Dubrovin	dc7e098e6b	Support request filters for SOCKS, support broken BIND request from some clients	2023-07-12 15:55:50 +03:00
Vladimir Dubrovin	1cf169b7ae	FIX: SSLPlugin with SOCKS	2022-05-19 13:26:52 +03:00
Vladimir Dubrovin	6d77141ecc	Update socks.c	2022-04-25 13:09:55 +03:00
Vladimir Dubrovin	daa2b74354	Merge branch 'master' of https://github.com/3proxy/3proxy	2021-10-21 19:57:06 +03:00
Vladimir Dubrovin	bec6e589fb	extNat implemented incorrectly, removing current support	2021-10-21 19:57:02 +03:00
z3apa3a	e1b4e50242	Copyright update	2021-07-02 11:50:33 +03:00
z3APA3A	eb829b062b	Major code refactoring - sockmapping rewritten from stratch to minimilse polling. poll() is now only called if blocking is actually expected, splice pipes are now polled if splice fails, buffers flushing is much more accurate. - logging code moved to separate files - signal masks added to client threads to prevent unneeded interruptions - bandwidth limitation will not delay the thread after client or server shutdown	2020-10-09 15:42:34 +03:00
z3APA3A	ebd7b34159	-N(NAT_address) option added for socks	2020-10-07 11:21:01 +03:00
z3APA3A	1075370594	Don't terminate connection on datagram sending issue in SOCKSv5 UDP ASSOCIATE	2020-08-08 13:56:34 +03:00
z3APA3A	22cf9254c5	rename memory functions in pluginlink	2019-09-03 20:46:47 +03:00
z3APA3A	dc55d2b724	UDP portmap doesn't resolve hostname in UDP packet	2018-03-06 20:01:03 +03:00
z3APA3A	f709255d62	Copyrights cleaned, authradius.c added	2016-12-20 15:47:02 +03:00
z3apa3a	d159c57e1f	Add splice() support on Linux to proxy, socks, ftppt, smtpp, pop3p usage example: proxy -s proxy -s2 -s - enable splice() for sockets mapping to avoid data to be copied to user space -s2 - enable splice() and attempt to free user space buffer ASAP	2016-12-19 22:07:34 +03:00
z3APA3A	a44a32c484	Do not fail for zero address on SOCKSv5 BIND/UDPASSOC	2016-03-08 13:28:29 +03:00
z3APA3A	b513584fdb	More distinct error codes for SOCKS	2016-03-08 12:43:07 +03:00
z3APA3A	3b8e7741b3	Compilation warnings cleanup	2016-02-16 15:29:51 +03:00
z3APA3A	13a7d6be11	Replace memcpy with assignment where appropriate	2016-02-05 18:31:17 +03:00
z3APA3A	1ed5229a54	Do not use SO_REUSEADDR by default to avoid misbehavior in some glibc versions	2016-01-23 18:41:20 +03:00
z3APA3A	4af5f2fde7	Use SASIZE() instead of sizeof() in bind() for FreeBSD compatibility	2016-01-22 15:59:40 +03:00
z3APA3A	75c63d2de6	add support for -u2 in socks	2016-01-15 15:29:57 +03:00
z3APA3A	d49a19cb29	invalid source port selection in socls	2016-01-03 19:43:16 +03:00
z3APA3A	1be800c334	Fixed: request by host name in SOCKSv5	2015-12-11 02:20:22 +03:00
z3APA3A	40f9430623	Force use of IPv6 translated address instead of IPv4 with -6	2015-12-07 22:58:31 +03:00
z3APA3A	e37a7f48d7	Older CVS comments removed	2014-12-13 23:20:00 +03:00
z3APA3A	8a6632f0d1	Support IPv6 for parent proxy Parent proxy can be on IPv6 network (except SOCKS4).	2014-12-13 22:38:03 +03:00
z3APA3A	15f9f24f04	Name resolution via TCP support Supports _real_ name resolution via parent proxy over TCP in nserver / dnspr. Can be used to create UDP->TCP name proxy, e.g. nserver 127.0.0.1/tcp nscache 65535 auth none dnspr auth iponly tcppm 53 77.88.8.8 53 now, all names are resolved via TCP connection to 77.88.8.8 (dns.yandex.ru).	2014-12-11 03:06:34 +03:00
z3APA3A	b5bcb44e27	Fixes for NOIPV6 Fixes to compile without IPv6 support	2014-11-09 21:59:58 +03:00
z3APA3A	c7310a2060	initial partial patches for IPv6 client support	2014-10-19 21:54:24 +04:00
z3APA3A	085b47d64e	Fix compatibility issues ! avoid errno usage due to compatibility issues (and never use errno as a lvalue). socks changed to use internal error codes instead. ! NOIPV6 compilation issues solved ! -lite version is switched to NOIPV6	2014-07-03 03:40:16 +04:00
Lubomir Rintel	ce6c2a069c	Don't pad the text address with the binary form The buf gets copied to hostname and is present verbatim in logs looking like pure random garbage. Moreover you can't really strlen() it. This was likely some silly typo in inet_ntoa -> inet_ntop conversion for ipv6, since it used to be correct before.	2014-07-01 21:37:16 +04:00
z3APA3A	1f5198a238	Keep 2-digit error codes for socket operations 2 digit codes are common for all modules, should not be changed	2014-07-01 21:31:57 +04:00
Lubomir Rintel	6b579b8190	Communicate SOCKS error states properly This used to look pretty random :( Try to keep the last decimal digits of internal errors sensible for v5 error codes. For most cases we can't really do much better than using the value of one. One specific code paths where we can return something more useful is the authentication, where we not communicate the underlying error code or signal an ACL denial. As for v4, there's not really much space to be too smart as only the code of 91 is meaningful. Therefore we limit the last digit to zero and one now.	2014-07-01 21:29:15 +04:00
Vladimir Dubrovin	a30d5d51a5	IPv6 server side code + IPv6 server side support !!! Auth need to be fixed	2014-05-12 01:10:58 +04:00
Vladimir Dubrovin	ccf606fd9e	ntoa changed to ntop	2014-05-12 01:10:53 +04:00
Vladimir Dubrovin	bc7ca3af09	intip changed to intsa intip changed to intsa for IPv6 use	2014-05-12 01:10:42 +04:00
z3APA3A	f4c6c9d962	legacy counters code removed	2014-04-14 02:14:34 +04:00
Vladimir Dubrovin	2890f06488	traffic counters are changed to 64-bit traffic counters are changed to 64-bit using pstdint.h	2014-04-10 03:34:59 +04:00
z3APA3A	a060376f1e	initial import to git	2014-04-08 13:03:21 +04:00

47 Commits