mirror of
https://github.com/3proxy/3proxy.git
synced 2026-06-15 12:00:10 +08:00
Compare commits
No commits in common. "85c431b96e22c2ec4b146e0faf50542a5b13dc93" and "451b3d180cf6c98fa6c7e412cef55d5a7f2b840c" have entirely different histories.
85c431b96e
...
451b3d180c
11
CHANGELOG
11
CHANGELOG
@ -1,11 +0,0 @@
|
|||||||
3proxy-0.9.6 Released April, 11 2026
|
|
||||||
|
|
||||||
+ ssl_client and multiple configuration options added to SSLPlugin, SSLPlugin code significantly improved and bugfixed. See https://github.com/3proxy/3proxy/wiki/SSLPlugin. 3proxy can now be used as stunnel replacement for many scenarios.
|
|
||||||
+ HAProxy proxy protocol v1 support as client and server, add -H option for service to expect HA proxy v1 protocol header, use ha parent type: parent 1000 ha 0.0.0.0 0 to send v1 header.
|
|
||||||
+ tlspr is supported in auto
|
|
||||||
+ tlspr supports -s option, it breaks HELLO packet to prevent some DPIs from detecting SNI
|
|
||||||
+ maxseg configuration option and TCP_MAXSEG socket flag support added. It sets maximum size of TCP segment to fix PathMTU discovery problems
|
|
||||||
+ -Ne / -Ni options added to specify external / internal NAT address for SOCKSv5
|
|
||||||
+ cmake environment added
|
|
||||||
! External pcre2 (pcre2-8) library is used for PCRE, pcre code is removed from 3proxy
|
|
||||||
! Multiple minor bugfixes
|
|
||||||
@ -1,11 +0,0 @@
|
|||||||
3proxy-0.9.6 Вышел 11 Апреля 2026
|
|
||||||
|
|
||||||
+ В SSLPlugin добавлены ssl_client и множество опций конфигурации, код SSLPlugin значительно улучшен и исправлен. См. https://github.com/3proxy/3proxy/wiki/SSLPlugin. 3proxy теперь может использоваться как замена stunnel во многих сценариях.
|
|
||||||
+ Поддержка прокси-протокола HAProxy v1 на стороне клиента и сервера. Добавлена опция -H для сервиса, чтобы ожидать заголовок прокси-протокола HA v1. Используйте тип родителя ha: parent 1000 ha 0.0.0.0 0 для отправки заголовка v1.
|
|
||||||
+ tlspr поддерживается в режиме auto
|
|
||||||
+ tlspr поддерживает опцию -s, которая разбивает HELLO-пакет для предотвращения обнаружения SNI некоторыми DPI
|
|
||||||
+ Добавлена опция конфигурации maxseg и поддержка флага сокета TCP_MAXSEG. Устанавливает максимальный размер TCP-сегмента для решения проблем с обнаружением PathMTU
|
|
||||||
+ Добавлены опции -Ne / -Ni для указания внешнего/внутреннего NAT-адреса для SOCKSv5
|
|
||||||
+ Добавлено окружение cmake
|
|
||||||
! Внешняя библиотека pcre2 (pcre2-8) используется для PCRE, код pcre удалён из 3proxy
|
|
||||||
! Множество мелких исправлений ошибок
|
|
||||||
@ -1,26 +0,0 @@
|
|||||||
|
|
||||||
3proxy 0.7
|
|
||||||
|
|
||||||
This release is partially forced: while no new significant functions are
|
|
||||||
added, 0.7 is code is much more stable and less buggy than 0.6. Since
|
|
||||||
there is no new development for a long time, except few minor bugfixes,
|
|
||||||
I decided to finally release 0.7. You may want it if you:
|
|
||||||
|
|
||||||
Use HTTP proxy
|
|
||||||
Use 3proxy under *BSD/Mac OS X/iPhone OS
|
|
||||||
Use plugins, specially traffic related ones, like PCRE.
|
|
||||||
|
|
||||||
I have no time for active developement. There are interesting features
|
|
||||||
in nearly ready state, e.g. SSL support / SSL decryption via
|
|
||||||
certificates spoofing, NAT support and SSL auto-detection. You can step
|
|
||||||
into development, if you are interested.
|
|
||||||
|
|
||||||
There are some configuration changes:
|
|
||||||
|
|
||||||
auth iponly is now default (because most misconfigurations were
|
|
||||||
because of default auth none)
|
|
||||||
maxconn is now 500 by default (because WebKit browsers ignore
|
|
||||||
standards and create a lot of connections even if proxy is configured)
|
|
||||||
NTLM is disabled by default (-n options, -n1 to enable) because
|
|
||||||
NTLMv1 is disabled by default in Windows since Vista and there is no
|
|
||||||
NTLMv2 library with compatible license. Report me, if any.
|
|
||||||
@ -1,35 +0,0 @@
|
|||||||
3proxy-0.7.1.4
|
|
||||||
|
|
||||||
!! Fix transparent flag not reset after keep-alive connection, can lead to
|
|
||||||
|
|
||||||
|
|
||||||
3proxy-0.7.1.3
|
|
||||||
|
|
||||||
! traffic displayed incorrectly
|
|
||||||
! archiver doesn't add suffix if logname contains macro
|
|
||||||
! fix potential race condition on configuration reload
|
|
||||||
! fix FTP over HTTP authentication
|
|
||||||
|
|
||||||
|
|
||||||
3proxy-0.7.1.2
|
|
||||||
|
|
||||||
! Request / header size limitation relaxed for HTTP proxy
|
|
||||||
|
|
||||||
|
|
||||||
3proxy 0.7.1.1
|
|
||||||
|
|
||||||
! Linux compilation issues resolved
|
|
||||||
|
|
||||||
|
|
||||||
3proxy 0.7.1
|
|
||||||
|
|
||||||
Minor improvements and bugfixes:
|
|
||||||
|
|
||||||
+ Windows icons added
|
|
||||||
+ Warnings added for most common misconfigurations
|
|
||||||
+ ftppr NLSD command supported
|
|
||||||
! Ignore NTLM handshake if NTLM is not enabled
|
|
||||||
!! memcpy replaced with memmove for overlapped region
|
|
||||||
! better EINTR handling on *nix
|
|
||||||
! FTP proxy debugging output removed (introduced in 0.7), binding for data connection corrected
|
|
||||||
! memory leak fixed in ldapauth plugin
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
+ IPv6 support
|
|
||||||
+ back connect support
|
|
||||||
+ name resolution over TCP, parent proxy support for dnspr
|
|
||||||
+ SSLPlugin for TLS/SSL traffic decryption
|
|
||||||
! multiple race conditions fixed
|
|
||||||
! reduced memory usage
|
|
||||||
! Generate Forwarded: header instead of X-Forwarded-For:
|
|
||||||
! Default name resolution is non-blocking in *nix
|
|
||||||
! multiple race conditions fixed on configuration reload
|
|
||||||
@ -1 +0,0 @@
|
|||||||
!!Fix: destination IP may be not checked against ACL
|
|
||||||
@ -1,2 +0,0 @@
|
|||||||
! Fix: parent proxy can be used in some cases where it shouldn't
|
|
||||||
! Fix: bandlimiters may not work for older connections on configuration reload
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
Minor bugfixes / improvements:
|
|
||||||
! Fixed: deadlock on insufficient resources
|
|
||||||
! Fixed: race condition in ssl_plugin
|
|
||||||
! Fixed: minor memory leak on configuration reload
|
|
||||||
! Fixed: recursion detection was not working
|
|
||||||
! Fixed: %n for IPv6 in logging terminates log record
|
|
||||||
! Fixed: reverse PTR validation (required for dnsauth)
|
|
||||||
! Fixed: error on external 0.0.0.0 for NOIPV6 (light version)
|
|
||||||
+ Better support for IPv6 in ftppr
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
Bugfixes:
|
|
||||||
! Fixed hostname support in SOCKSv5 UDP portmapping
|
|
||||||
! -fno-strict-aliasing added to gcc options (compiling without this option can lead to unpredictable issues under Debian with gcc 6 and potentially others)
|
|
||||||
! Fixed LDAP plugin compilation issues (LDAP plugin is still listed as unsupported though)
|
|
||||||
and some minor fixes and improvements.
|
|
||||||
@ -1,3 +0,0 @@
|
|||||||
Bugfixes:
|
|
||||||
!! Fixed out-of-bound write and few minor bugs on configuration saving in admin
|
|
||||||
! fixed: $ is not correctly handled in the beginning of quoted line on configuration parsing
|
|
||||||
@ -1,3 +0,0 @@
|
|||||||
!! Fix transparent flag not reset after keep-alive connection, can lead to DoS by authenticated user.
|
|
||||||
! Do not use SO_REUSEADDR by default (leads to random 00013 errors under some glibc versions)
|
|
||||||
! Use SASIZE() instead of sizeof() in bind() for FreeBSD compatibility
|
|
||||||
@ -1 +0,0 @@
|
|||||||
! fixed: use SASIZE() instead of sizeof() in connect() for FreeBSD compatibility
|
|
||||||
@ -1,5 +0,0 @@
|
|||||||
+ Build PamPlugin on *nix
|
|
||||||
+ stacksize and -S options, stacksize defaults changed for FreeBSD
|
|
||||||
+ extip redirection type added
|
|
||||||
! SSL plugin fix to correct handling of certificates path
|
|
||||||
! fixed random errors on IPv6 connect
|
|
||||||
@ -1 +0,0 @@
|
|||||||
!Fix: mutex was used prior to initialization on 'log' command processing
|
|
||||||
@ -1 +0,0 @@
|
|||||||
! Fix: random 00012 errors in some configurations
|
|
||||||
@ -1,15 +0,0 @@
|
|||||||
! Fix 'daemon' command for Linux
|
|
||||||
! Fix 'extip' redirections 00009 errors
|
|
||||||
! Fix counters for older Win platforms
|
|
||||||
! Resolve logging race conditions
|
|
||||||
! attempt to fix pam_auth race conditions
|
|
||||||
! FTP proxy workaround for broken gethostname() on some libc limplementations
|
|
||||||
! authcache IP matching corrected
|
|
||||||
! fix SOCKSv5 BIND/UDP ASSOC
|
|
||||||
! use setreuid/setregid instead of setuid / setgid
|
|
||||||
|
|
||||||
+ OpenWatcom makefiles for Windows
|
|
||||||
+ -u2 support for proxy
|
|
||||||
+ support %i in logformat
|
|
||||||
+ force/noforce configuration commands to disconnect / do not disconnect clients if nolonger match ACL after configuration change
|
|
||||||
+ support longer external passwords
|
|
||||||
@ -1,3 +0,0 @@
|
|||||||
!! Fix resolver for non-compressed reply parsing (on mixed-case sensitive resolvers)
|
|
||||||
! Fix plugins export on OpenWatcom compiler (light version)
|
|
||||||
! Fix SOCKSv5
|
|
||||||
@ -1 +0,0 @@
|
|||||||
! Fix: tcppm may fail if used with parent proxy
|
|
||||||
@ -1,6 +0,0 @@
|
|||||||
+ Socket options, interface binding
|
|
||||||
+ Connection limiting / connection rate limiting
|
|
||||||
+ RADIUS support (beta)
|
|
||||||
+ Zero copy (splice) support for Linux
|
|
||||||
+ Possibility to limit user to single IP (via authentication cache)
|
|
||||||
! bugfixes, improvements
|
|
||||||
@ -1,8 +0,0 @@
|
|||||||
Bugfixes:
|
|
||||||
! Fixed: socket may be closed before all data received/sent
|
|
||||||
! Fixed: bandlimin non-working
|
|
||||||
! Fixed: countall/nocountall
|
|
||||||
! Fixed: few race conditions
|
|
||||||
|
|
||||||
Improvements:
|
|
||||||
+ deb/rpm build, systemd support (experimental)
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
Bugfixes:
|
|
||||||
! Fixed: bandwidth limiters (once again)
|
|
||||||
! Fixed: data filtering plugins (PCREPlugin, SSLPlugin). SSLPlugin use on Linux requires to disable splice (-s0)
|
|
||||||
! FIxed: standalone proxies do not react on HUP (Ctrl+C) in Linux/Unix
|
|
||||||
! Fixed: few minor bugs
|
|
||||||
|
|
||||||
Improvements:
|
|
||||||
+ deb for arm platforms (experimental)
|
|
||||||
+ Openssl 1.1 support for SSLPlugin
|
|
||||||
@ -1,11 +0,0 @@
|
|||||||
Bugfixes:
|
|
||||||
! Fixed: systemd description file (proxy may fail to start after reboot or via systemctl)
|
|
||||||
! Fixed: group/account creation in installation scripts
|
|
||||||
! Fixed: countall/nocounall do not work in some configurations
|
|
||||||
! Fixed: counters do not work if counter file is not specified
|
|
||||||
! Fixed: counters without rotation (type N) are incorrectly shown in web admin interface
|
|
||||||
! Fixed: %n may be incomplete or missed in long log records
|
|
||||||
! Fixed: connect back functionality does not work
|
|
||||||
|
|
||||||
Improvements:
|
|
||||||
+ Docker builds
|
|
||||||
@ -1,4 +0,0 @@
|
|||||||
! Fix: invalid handling of '-' character in ACL hostname
|
|
||||||
! Fix: minor bugfixes and improvements
|
|
||||||
+ parentretry command added (defaults to 2) to retry connections to parent proxies
|
|
||||||
- icqpr related code (OSCAR proxy) removed, due to drop of OSCAR support by messengers
|
|
||||||
@ -1,7 +0,0 @@
|
|||||||
!! Security fix: proxy can potentially crash on on some platforms due to overlapping regions in strcpy() (thanks to @lenix123 for reporting)
|
|
||||||
+ new proxy service type: `tlspr` - SNI proxy, may also be used as parent `tls` type, sniffs hostname from TLS handhake, read more in https://github.com/3proxy/3proxy/wiki/tlspr https://github.com/3proxy/3proxy/wiki/How-To-(incomplete)#TLSPR
|
|
||||||
+ new proxy service type: `auto` - autodetect proxy type between `proxy` and `socks`
|
|
||||||
+ SSLPlugin is rewritten, production-ready, supports TLS (SSL) server (may be used to create https:// type proxy), certificates checks and cypher options, see https://github.com/3proxy/3proxy/wiki/SSLPlugin
|
|
||||||
+ -g option is added for grace delay to reduce CPU load, see https://github.com/3proxy/3proxy/wiki/High-Load
|
|
||||||
! Multiple minor bugfixes
|
|
||||||
! More supported sockets options
|
|
||||||
@ -1,9 +0,0 @@
|
|||||||
+ ssl_client and multiple configuration options added to SSLPlugin, SSLPlugin code significantly improved and bugfixed. See https://github.com/3proxy/3proxy/wiki/SSLPlugin. 3proxy can now be used as stunnel replacement for many scenarios.
|
|
||||||
+ HAProxy proxy protocol v1 support as client and server, add -H option for service to expect HA proxy v1 protocol header, use ha parent type: parent 1000 ha 0.0.0.0 0 to send v1 header.
|
|
||||||
+ tlspr is supported in auto
|
|
||||||
+ tlspr supports -s option, it breaks HELLO packet to prevent some DPIs from detecting SNI
|
|
||||||
+ maxseg configuration option and TCP_MAXSEG socket flag support added. It sets maximum size of TCP segment to fix PathMTU discovery problems
|
|
||||||
+ -Ne / -Ni options added to specify external / internal NAT address for SOCKSv5
|
|
||||||
+ cmake environment added
|
|
||||||
! External pcre2 (pcre2-8) library is used for PCRE, pcre code is removed from 3proxy
|
|
||||||
! Multiple minor bugfixes
|
|
||||||
Loading…
Reference in New Issue
Block a user