@push.rocks/smartproxy 12.0.0 → 13.1.3
- package/dist_ts/00_commitinfo_data.js +1 -1
- package/dist_ts/certificate/acme/acme-factory.d.ts +17 -0
- package/dist_ts/certificate/acme/acme-factory.js +40 -0
- package/dist_ts/certificate/acme/challenge-handler.d.ts +44 -0
- package/dist_ts/certificate/acme/challenge-handler.js +92 -0
- package/dist_ts/certificate/acme/index.d.ts +4 -0
- package/dist_ts/certificate/acme/index.js +5 -0
- package/dist_ts/certificate/events/certificate-events.d.ts +33 -0
- package/dist_ts/certificate/events/certificate-events.js +38 -0
- package/dist_ts/certificate/index.d.ts +24 -0
- package/dist_ts/certificate/index.js +39 -0
- package/dist_ts/certificate/models/certificate-types.d.ts +77 -0
- package/dist_ts/certificate/models/certificate-types.js +2 -0
- package/dist_ts/certificate/providers/cert-provisioner.d.ts +93 -0
- package/dist_ts/certificate/providers/cert-provisioner.js +262 -0
- package/dist_ts/certificate/providers/index.d.ts +4 -0
- package/dist_ts/certificate/providers/index.js +5 -0
- package/dist_ts/certificate/storage/file-storage.d.ts +66 -0
- package/dist_ts/certificate/storage/file-storage.js +194 -0
- package/dist_ts/certificate/storage/index.d.ts +4 -0
- package/dist_ts/certificate/storage/index.js +5 -0
- package/dist_ts/certificate/utils/certificate-helpers.d.ts +17 -0
- package/dist_ts/certificate/utils/certificate-helpers.js +45 -0
- package/dist_ts/common/eventUtils.d.ts +1 -1
- package/dist_ts/common/port80-adapter.d.ts +1 -1
- package/dist_ts/core/events/index.d.ts +4 -0
- package/dist_ts/core/events/index.js +5 -0
- package/dist_ts/core/index.d.ts +6 -0
- package/dist_ts/core/index.js +8 -0
- package/dist_ts/core/models/common-types.d.ts +82 -0
- package/dist_ts/core/models/common-types.js +15 -0
- package/dist_ts/core/models/index.d.ts +4 -0
- package/dist_ts/core/models/index.js +5 -0
- package/dist_ts/core/utils/event-utils.d.ts +15 -0
- package/dist_ts/core/utils/event-utils.js +19 -0
- package/dist_ts/core/utils/index.d.ts +6 -0
- package/dist_ts/core/utils/index.js +7 -0
- package/dist_ts/core/utils/ip-utils.d.ts +53 -0
- package/dist_ts/core/utils/ip-utils.js +153 -0
- package/dist_ts/core/utils/validation-utils.d.ts +61 -0
- package/dist_ts/core/utils/validation-utils.js +149 -0
- package/dist_ts/forwarding/config/domain-config.d.ts +12 -0
- package/dist_ts/forwarding/config/domain-config.js +12 -0
- package/dist_ts/forwarding/config/domain-manager.d.ts +86 -0
- package/dist_ts/forwarding/config/domain-manager.js +242 -0
- package/dist_ts/forwarding/config/forwarding-types.d.ts +104 -0
- package/dist_ts/forwarding/config/forwarding-types.js +50 -0
- package/dist_ts/forwarding/config/index.d.ts +6 -0
- package/dist_ts/forwarding/config/index.js +7 -0
- package/dist_ts/forwarding/factory/forwarding-factory.d.ts +25 -0
- package/dist_ts/forwarding/factory/forwarding-factory.js +138 -0
- package/dist_ts/forwarding/factory/index.d.ts +4 -0
- package/dist_ts/forwarding/factory/index.js +5 -0
- package/dist_ts/forwarding/handlers/base-handler.d.ts +55 -0
- package/dist_ts/forwarding/handlers/base-handler.js +94 -0
- package/dist_ts/forwarding/handlers/http-handler.d.ts +30 -0
- package/dist_ts/forwarding/handlers/http-handler.js +131 -0
- package/dist_ts/forwarding/handlers/https-passthrough-handler.d.ts +29 -0
- package/dist_ts/forwarding/handlers/https-passthrough-handler.js +162 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.d.ts +36 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-http-handler.js +229 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.d.ts +35 -0
- package/dist_ts/forwarding/handlers/https-terminate-to-https-handler.js +254 -0
- package/dist_ts/forwarding/handlers/index.d.ts +8 -0
- package/dist_ts/forwarding/handlers/index.js +9 -0
- package/dist_ts/forwarding/index.d.ts +19 -0
- package/dist_ts/forwarding/index.js +25 -0
- package/dist_ts/http/index.d.ts +15 -0
- package/dist_ts/http/index.js +20 -0
- package/dist_ts/http/models/http-types.d.ts +81 -0
- package/dist_ts/http/models/http-types.js +62 -0
- package/dist_ts/http/port80/acme-interfaces.d.ts +78 -0
- package/dist_ts/http/port80/acme-interfaces.js +6 -0
- package/dist_ts/http/port80/challenge-responder.d.ts +53 -0
- package/dist_ts/http/port80/challenge-responder.js +203 -0
- package/dist_ts/http/port80/index.d.ts +6 -0
- package/dist_ts/http/port80/index.js +9 -0
- package/dist_ts/http/port80/port80-handler.d.ts +121 -0
- package/dist_ts/http/port80/port80-handler.js +554 -0
- package/dist_ts/http/redirects/index.d.ts +4 -0
- package/dist_ts/http/redirects/index.js +5 -0
- package/dist_ts/http/router/index.d.ts +4 -0
- package/dist_ts/http/router/index.js +5 -0
- package/dist_ts/http/router/proxy-router.d.ts +115 -0
- package/dist_ts/http/router/proxy-router.js +325 -0
- package/dist_ts/index.d.ts +15 -8
- package/dist_ts/index.js +26 -10
- package/dist_ts/networkproxy/classes.np.certificatemanager.js +2 -2
- package/dist_ts/networkproxy/index.d.ts +1 -6
- package/dist_ts/networkproxy/index.js +4 -8
- package/dist_ts/plugins.d.ts +2 -1
- package/dist_ts/plugins.js +3 -2
- package/dist_ts/port80handler/classes.port80handler.d.ts +8 -136
- package/dist_ts/port80handler/classes.port80handler.js +14 -567
- package/dist_ts/proxies/index.d.ts +6 -0
- package/dist_ts/proxies/index.js +8 -0
- package/dist_ts/proxies/network-proxy/certificate-manager.d.ts +77 -0
- package/dist_ts/proxies/network-proxy/certificate-manager.js +373 -0
- package/dist_ts/proxies/network-proxy/connection-pool.d.ts +47 -0
- package/dist_ts/proxies/network-proxy/connection-pool.js +210 -0
- package/dist_ts/proxies/network-proxy/index.d.ts +10 -0
- package/dist_ts/proxies/network-proxy/index.js +12 -0
- package/dist_ts/proxies/network-proxy/models/index.d.ts +4 -0
- package/dist_ts/proxies/network-proxy/models/index.js +5 -0
- package/dist_ts/proxies/network-proxy/models/types.d.ts +80 -0
- package/dist_ts/proxies/network-proxy/models/types.js +35 -0
- package/dist_ts/proxies/network-proxy/network-proxy.d.ts +118 -0
- package/dist_ts/proxies/network-proxy/network-proxy.js +387 -0
- package/dist_ts/proxies/network-proxy/request-handler.d.ts +57 -0
- package/dist_ts/proxies/network-proxy/request-handler.js +394 -0
- package/dist_ts/proxies/network-proxy/websocket-handler.d.ts +38 -0
- package/dist_ts/proxies/network-proxy/websocket-handler.js +188 -0
- package/dist_ts/proxies/nftables-proxy/index.d.ts +5 -0
- package/dist_ts/proxies/nftables-proxy/index.js +6 -0
- package/dist_ts/proxies/nftables-proxy/models/errors.d.ts +15 -0
- package/dist_ts/proxies/nftables-proxy/models/errors.js +28 -0
- package/dist_ts/proxies/nftables-proxy/models/index.d.ts +5 -0
- package/dist_ts/proxies/nftables-proxy/models/index.js +6 -0
- package/dist_ts/proxies/nftables-proxy/models/interfaces.d.ts +75 -0
- package/dist_ts/proxies/nftables-proxy/models/interfaces.js +5 -0
- package/dist_ts/proxies/nftables-proxy/nftables-proxy.d.ts +136 -0
- package/dist_ts/proxies/nftables-proxy/nftables-proxy.js +1516 -0
- package/dist_ts/proxies/smart-proxy/connection-handler.d.ts +39 -0
- package/dist_ts/proxies/smart-proxy/connection-handler.js +894 -0
- package/dist_ts/proxies/smart-proxy/connection-manager.d.ts +78 -0
- package/dist_ts/proxies/smart-proxy/connection-manager.js +378 -0
- package/dist_ts/proxies/smart-proxy/domain-config-manager.d.ts +95 -0
- package/dist_ts/proxies/smart-proxy/domain-config-manager.js +255 -0
- package/dist_ts/proxies/smart-proxy/index.d.ts +13 -0
- package/dist_ts/proxies/smart-proxy/index.js +17 -0
- package/dist_ts/proxies/smart-proxy/models/index.d.ts +4 -0
- package/dist_ts/proxies/smart-proxy/models/index.js +5 -0
- package/dist_ts/proxies/smart-proxy/models/interfaces.d.ts +107 -0
- package/dist_ts/proxies/smart-proxy/models/interfaces.js +2 -0
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.d.ts +62 -0
- package/dist_ts/proxies/smart-proxy/network-proxy-bridge.js +316 -0
- package/dist_ts/proxies/smart-proxy/port-range-manager.d.ts +56 -0
- package/dist_ts/proxies/smart-proxy/port-range-manager.js +176 -0
- package/dist_ts/proxies/smart-proxy/security-manager.d.ts +64 -0
- package/dist_ts/proxies/smart-proxy/security-manager.js +149 -0
- package/dist_ts/proxies/smart-proxy/smart-proxy.d.ts +63 -0
- package/dist_ts/proxies/smart-proxy/smart-proxy.js +523 -0
- package/dist_ts/proxies/smart-proxy/timeout-manager.d.ts +47 -0
- package/dist_ts/proxies/smart-proxy/timeout-manager.js +154 -0
- package/dist_ts/proxies/smart-proxy/tls-manager.d.ts +57 -0
- package/dist_ts/proxies/smart-proxy/tls-manager.js +132 -0
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.d.ts +2 -2
- package/dist_ts/smartproxy/classes.pp.networkproxybridge.js +1 -1
- package/dist_ts/smartproxy/classes.pp.tlsmanager.js +2 -2
- package/dist_ts/smartproxy/classes.smartproxy.js +3 -3
- package/dist_ts/tls/alerts/index.d.ts +4 -0
- package/dist_ts/tls/alerts/index.js +5 -0
- package/dist_ts/tls/alerts/tls-alert.d.ts +150 -0
- package/dist_ts/tls/alerts/tls-alert.js +226 -0
- package/dist_ts/tls/index.d.ts +18 -0
- package/dist_ts/tls/index.js +27 -0
- package/dist_ts/tls/sni/client-hello-parser.d.ts +100 -0
- package/dist_ts/tls/sni/client-hello-parser.js +463 -0
- package/dist_ts/tls/sni/index.d.ts +4 -0
- package/dist_ts/tls/sni/index.js +5 -0
- package/dist_ts/tls/sni/sni-extraction.d.ts +58 -0
- package/dist_ts/tls/sni/sni-extraction.js +275 -0
- package/dist_ts/tls/sni/sni-handler.d.ts +154 -0
- package/dist_ts/tls/sni/sni-handler.js +191 -0
- package/dist_ts/tls/utils/index.d.ts +4 -0
- package/dist_ts/tls/utils/index.js +5 -0
- package/dist_ts/tls/utils/tls-utils.d.ts +158 -0
- package/dist_ts/tls/utils/tls-utils.js +187 -0
- package/package.json +1 -1
- package/readme.md +499 -220
- package/readme.plan.md +253 -469
- package/ts/00_commitinfo_data.ts +1 -1
- package/ts/certificate/acme/acme-factory.ts +48 -0
- package/ts/certificate/acme/challenge-handler.ts +110 -0
- package/ts/certificate/acme/index.ts +3 -0
- package/ts/certificate/events/certificate-events.ts +36 -0
- package/ts/certificate/index.ts +67 -0
- package/ts/certificate/models/certificate-types.ts +88 -0
- package/ts/certificate/providers/cert-provisioner.ts +326 -0
- package/ts/certificate/providers/index.ts +3 -0
- package/ts/certificate/storage/file-storage.ts +234 -0
- package/ts/certificate/storage/index.ts +3 -0
- package/ts/certificate/utils/certificate-helpers.ts +50 -0
- package/ts/common/eventUtils.ts +1 -1
- package/ts/common/port80-adapter.ts +1 -1
- package/ts/core/events/index.ts +3 -0
- package/ts/core/index.ts +8 -0
- package/ts/core/models/common-types.ts +91 -0
- package/ts/core/models/index.ts +5 -0
- package/ts/core/utils/event-utils.ts +34 -0
- package/ts/core/utils/index.ts +7 -0
- package/ts/core/utils/ip-utils.ts +175 -0
- package/ts/core/utils/validation-utils.ts +177 -0
- package/ts/{smartproxy/forwarding → forwarding/config}/domain-config.ts +1 -1
- package/ts/{smartproxy/forwarding → forwarding/config}/domain-manager.ts +8 -8
- package/ts/{smartproxy/types/forwarding.types.ts → forwarding/config/forwarding-types.ts} +6 -6
- package/ts/forwarding/config/index.ts +7 -0
- package/ts/{smartproxy/forwarding/forwarding.factory.ts → forwarding/factory/forwarding-factory.ts} +12 -11
- package/ts/forwarding/factory/index.ts +5 -0
- package/ts/{smartproxy/forwarding/forwarding.handler.ts → forwarding/handlers/base-handler.ts} +2 -2
- package/ts/{smartproxy/forwarding/http.handler.ts → forwarding/handlers/http-handler.ts} +13 -4
- package/ts/{smartproxy/forwarding/https-passthrough.handler.ts → forwarding/handlers/https-passthrough-handler.ts} +13 -4
- package/ts/{smartproxy/forwarding/https-terminate-to-http.handler.ts → forwarding/handlers/https-terminate-to-http-handler.ts} +3 -3
- package/ts/{smartproxy/forwarding/https-terminate-to-https.handler.ts → forwarding/handlers/https-terminate-to-https-handler.ts} +3 -3
- package/ts/forwarding/handlers/index.ts +9 -0
- package/ts/forwarding/index.ts +34 -0
- package/ts/http/index.ts +23 -0
- package/ts/http/models/http-types.ts +105 -0
- package/ts/http/port80/acme-interfaces.ts +85 -0
- package/ts/http/port80/challenge-responder.ts +246 -0
- package/ts/http/port80/index.ts +13 -0
- package/ts/{port80handler/classes.port80handler.ts → http/port80/port80-handler.ts} +164 -161
- package/ts/http/redirects/index.ts +3 -0
- package/ts/http/router/index.ts +5 -0
- package/ts/{classes.router.ts → http/router/proxy-router.ts} +27 -20
- package/ts/index.ts +32 -9
- package/ts/plugins.ts +2 -1
- package/ts/proxies/index.ts +8 -0
- package/ts/{networkproxy/classes.np.certificatemanager.ts → proxies/network-proxy/certificate-manager.ts} +17 -16
- package/ts/{networkproxy/classes.np.connectionpool.ts → proxies/network-proxy/connection-pool.ts} +3 -3
- package/ts/proxies/network-proxy/index.ts +13 -0
- package/ts/proxies/network-proxy/models/index.ts +4 -0
- package/ts/{networkproxy/classes.np.types.ts → proxies/network-proxy/models/types.ts} +7 -11
- package/ts/{networkproxy/classes.np.networkproxy.ts → proxies/network-proxy/network-proxy.ts} +31 -24
- package/ts/{networkproxy/classes.np.requesthandler.ts → proxies/network-proxy/request-handler.ts} +12 -7
- package/ts/{networkproxy/classes.np.websockethandler.ts → proxies/network-proxy/websocket-handler.ts} +6 -6
- package/ts/proxies/nftables-proxy/index.ts +5 -0
- package/ts/proxies/nftables-proxy/models/errors.ts +30 -0
- package/ts/proxies/nftables-proxy/models/index.ts +5 -0
- package/ts/proxies/nftables-proxy/models/interfaces.ts +94 -0
- package/ts/{nfttablesproxy/classes.nftablesproxy.ts → proxies/nftables-proxy/nftables-proxy.ts} +24 -126
- package/ts/{smartproxy/classes.pp.connectionhandler.ts → proxies/smart-proxy/connection-handler.ts} +12 -12
- package/ts/{smartproxy/classes.pp.connectionmanager.ts → proxies/smart-proxy/connection-manager.ts} +8 -8
- package/ts/{smartproxy/classes.pp.domainconfigmanager.ts → proxies/smart-proxy/domain-config-manager.ts} +15 -14
- package/ts/proxies/smart-proxy/index.ts +18 -0
- package/ts/proxies/smart-proxy/models/index.ts +4 -0
- package/ts/{smartproxy/classes.pp.interfaces.ts → proxies/smart-proxy/models/interfaces.ts} +12 -8
- package/ts/{smartproxy/classes.pp.networkproxybridge.ts → proxies/smart-proxy/network-proxy-bridge.ts} +14 -14
- package/ts/{smartproxy/classes.pp.portrangemanager.ts → proxies/smart-proxy/port-range-manager.ts} +1 -1
- package/ts/{smartproxy/classes.pp.securitymanager.ts → proxies/smart-proxy/security-manager.ts} +3 -3
- package/ts/{smartproxy/classes.smartproxy.ts → proxies/smart-proxy/smart-proxy.ts} +29 -24
- package/ts/{smartproxy/classes.pp.timeoutmanager.ts → proxies/smart-proxy/timeout-manager.ts} +3 -3
- package/ts/{smartproxy/classes.pp.tlsmanager.ts → proxies/smart-proxy/tls-manager.ts} +3 -3
- package/ts/tls/alerts/index.ts +3 -0
- package/ts/{smartproxy/classes.pp.tlsalert.ts → tls/alerts/tls-alert.ts} +44 -43
- package/ts/tls/index.ts +33 -0
- package/ts/tls/sni/client-hello-parser.ts +629 -0
- package/ts/tls/sni/index.ts +3 -0
- package/ts/tls/sni/sni-extraction.ts +353 -0
- package/ts/tls/sni/sni-handler.ts +264 -0
- package/ts/tls/utils/index.ts +3 -0
- package/ts/tls/utils/tls-utils.ts +201 -0
- package/ts/common/acmeFactory.ts +0 -23
- package/ts/helpers.certificates.ts +0 -30
- package/ts/networkproxy/index.ts +0 -7
- package/ts/smartproxy/classes.pp.certprovisioner.ts +0 -200
- package/ts/smartproxy/classes.pp.snihandler.ts +0 -1281
- package/ts/smartproxy/forwarding/index.ts +0 -52
|
@@ -0,0 +1,94 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* Interfaces for NfTablesProxy
|
|
3
|
+
*/
|
|
4
|
+
|
|
5
|
+
/**
|
|
6
|
+
* Represents a port range for forwarding
|
|
7
|
+
*/
|
|
8
|
+
export interface PortRange {
|
|
9
|
+
from: number;
|
|
10
|
+
to: number;
|
|
11
|
+
}
|
|
12
|
+
|
|
13
|
+
// Legacy interface name for backward compatibility
|
|
14
|
+
export type IPortRange = PortRange;
|
|
15
|
+
|
|
16
|
+
/**
|
|
17
|
+
* Settings for NfTablesProxy.
|
|
18
|
+
*/
|
|
19
|
+
export interface NfTableProxyOptions {
|
|
20
|
+
// Basic settings
|
|
21
|
+
fromPort: number | PortRange | Array<number | PortRange>; // Support single port, port range, or multiple ports/ranges
|
|
22
|
+
toPort: number | PortRange | Array<number | PortRange>;
|
|
23
|
+
toHost?: string; // Target host for proxying; defaults to 'localhost'
|
|
24
|
+
|
|
25
|
+
// Advanced settings
|
|
26
|
+
preserveSourceIP?: boolean; // If true, the original source IP is preserved
|
|
27
|
+
deleteOnExit?: boolean; // If true, clean up rules before process exit
|
|
28
|
+
protocol?: 'tcp' | 'udp' | 'all'; // Protocol to forward, defaults to 'tcp'
|
|
29
|
+
enableLogging?: boolean; // Enable detailed logging
|
|
30
|
+
ipv6Support?: boolean; // Enable IPv6 support
|
|
31
|
+
logFormat?: 'plain' | 'json'; // Format for logs
|
|
32
|
+
|
|
33
|
+
// Source filtering
|
|
34
|
+
allowedSourceIPs?: string[]; // If provided, only these IPs are allowed
|
|
35
|
+
bannedSourceIPs?: string[]; // If provided, these IPs are blocked
|
|
36
|
+
useIPSets?: boolean; // Use nftables sets for efficient IP management
|
|
37
|
+
|
|
38
|
+
// Rule management
|
|
39
|
+
forceCleanSlate?: boolean; // Clear all NfTablesProxy rules before starting
|
|
40
|
+
tableName?: string; // Custom table name (defaults to 'portproxy')
|
|
41
|
+
|
|
42
|
+
// Connection management
|
|
43
|
+
maxRetries?: number; // Maximum number of retries for failed commands
|
|
44
|
+
retryDelayMs?: number; // Delay between retries in milliseconds
|
|
45
|
+
useAdvancedNAT?: boolean; // Use connection tracking for stateful NAT
|
|
46
|
+
|
|
47
|
+
// Quality of Service
|
|
48
|
+
qos?: {
|
|
49
|
+
enabled: boolean;
|
|
50
|
+
maxRate?: string; // e.g. "10mbps"
|
|
51
|
+
priority?: number; // 1 (highest) to 10 (lowest)
|
|
52
|
+
markConnections?: boolean; // Mark connections for easier management
|
|
53
|
+
};
|
|
54
|
+
|
|
55
|
+
// Integration with PortProxy/NetworkProxy
|
|
56
|
+
netProxyIntegration?: {
|
|
57
|
+
enabled: boolean;
|
|
58
|
+
redirectLocalhost?: boolean; // Redirect localhost traffic to NetworkProxy
|
|
59
|
+
sslTerminationPort?: number; // Port where NetworkProxy handles SSL termination
|
|
60
|
+
};
|
|
61
|
+
}
|
|
62
|
+
|
|
63
|
+
// Legacy interface name for backward compatibility
|
|
64
|
+
export type INfTableProxySettings = NfTableProxyOptions;
|
|
65
|
+
|
|
66
|
+
/**
|
|
67
|
+
* Interface for status reporting
|
|
68
|
+
*/
|
|
69
|
+
export interface NfTablesStatus {
|
|
70
|
+
active: boolean;
|
|
71
|
+
ruleCount: {
|
|
72
|
+
total: number;
|
|
73
|
+
added: number;
|
|
74
|
+
verified: number;
|
|
75
|
+
};
|
|
76
|
+
tablesConfigured: { family: string; tableName: string }[];
|
|
77
|
+
metrics: {
|
|
78
|
+
forwardedConnections?: number;
|
|
79
|
+
activeConnections?: number;
|
|
80
|
+
bytesForwarded?: {
|
|
81
|
+
sent: number;
|
|
82
|
+
received: number;
|
|
83
|
+
};
|
|
84
|
+
};
|
|
85
|
+
qosEnabled?: boolean;
|
|
86
|
+
ipSetsConfigured?: {
|
|
87
|
+
name: string;
|
|
88
|
+
elementCount: number;
|
|
89
|
+
type: string;
|
|
90
|
+
}[];
|
|
91
|
+
}
|
|
92
|
+
|
|
93
|
+
// Legacy interface name for backward compatibility
|
|
94
|
+
export type INfTablesStatus = NfTablesStatus;
|
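Review bot: The string-typed fields of `NfTableProxyOptions` (`toHost`, `tableName`, `allowedSourceIPs`, `bannedSourceIPs`, `qos.maxRate`) document no accepted format, although the consuming class describes its settings check as being there "to prevent command injection" and wraps `exec` with `promisify`. Now that the type sits in its own module and is exported under two names, that constraint should be readable here: above `export interface NfTableProxyOptions {` I would extend the TSDoc to say that the string values are presumably interpolated into nft commands, must come from trusted configuration, and are rejected by the `NfTablesProxy` constructor when they fail validation. Per field, the trailing comment could name the accepted form, e.g. `tableName?: string; // Custom table name (defaults to 'portproxy'); validated by NfTablesProxy before use`. The validation rules are not visible on this page, so the exact patterns have to be taken from `validateSettings`; this section's file header is also missing from the page.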
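--- a/package/ts/nfttablesproxy/classes.nftablesproxy.ts
+++ b/package/ts/proxies/nftables-proxy/nftables-proxy.ts
@@ -3,95 +3,20 @@ import { promisify } from 'util';
 import * as fs from 'fs';
 import * as path from 'path';
 import * as os from 'os';
+import {
+NftBaseError,
+NftValidationError,
+NftExecutionError,
+NftResourceError
+} from './models/index.js';
+import type {
+PortRange,
+NfTableProxyOptions,
+NfTablesStatus
+} from './models/index.js';
 
 const execAsync = promisify(exec);
 
-/**
-* Custom error classes for better error handling
-*/
-export class NftBaseError extends Error {
-constructor(message: string) {
-super(message);
-this.name = 'NftBaseError';
-}
-}
-
-export class NftValidationError extends NftBaseError {
-constructor(message: string) {
-super(message);
-this.name = 'NftValidationError';
-}
-}
-
-export class NftExecutionError extends NftBaseError {
-constructor(message: string) {
-super(message);
-this.name = 'NftExecutionError';
-}
-}
-
-export class NftResourceError extends NftBaseError {
-constructor(message: string) {
-super(message);
-this.name = 'NftResourceError';
-}
-}
-
-/**
-* Represents a port range for forwarding
-*/
-export interface IPortRange {
-from: number;
-to: number;
-}
-
-/**
-* Settings for NfTablesProxy.
-*/
-export interface INfTableProxySettings {
-// Basic settings
-fromPort: number | IPortRange | Array<number | IPortRange>; // Support single port, port range, or multiple ports/ranges
-toPort: number | IPortRange | Array<number | IPortRange>;
-toHost?: string; // Target host for proxying; defaults to 'localhost'
-
-// Advanced settings
-preserveSourceIP?: boolean; // If true, the original source IP is preserved
-deleteOnExit?: boolean; // If true, clean up rules before process exit
-protocol?: 'tcp' | 'udp' | 'all'; // Protocol to forward, defaults to 'tcp'
-enableLogging?: boolean; // Enable detailed logging
-ipv6Support?: boolean; // Enable IPv6 support
-logFormat?: 'plain' | 'json'; // Format for logs
-
-// Source filtering
-allowedSourceIPs?: string[]; // If provided, only these IPs are allowed
-bannedSourceIPs?: string[]; // If provided, these IPs are blocked
-useIPSets?: boolean; // Use nftables sets for efficient IP management
-
-// Rule management
-forceCleanSlate?: boolean; // Clear all NfTablesProxy rules before starting
-tableName?: string; // Custom table name (defaults to 'portproxy')
-
-// Connection management
-maxRetries?: number; // Maximum number of retries for failed commands
-retryDelayMs?: number; // Delay between retries in milliseconds
-useAdvancedNAT?: boolean; // Use connection tracking for stateful NAT
-
-// Quality of Service
-qos?: {
-enabled: boolean;
-maxRate?: string; // e.g. "10mbps"
-priority?: number; // 1 (highest) to 10 (lowest)
-markConnections?: boolean; // Mark connections for easier management
-};
-
-// Integration with PortProxy/NetworkProxy
-netProxyIntegration?: {
-enabled: boolean;
-redirectLocalhost?: boolean; // Redirect localhost traffic to NetworkProxy
-sslTerminationPort?: number; // Port where NetworkProxy handles SSL termination
-};
-}
-
 /**
 * Represents a rule added to nftables
 */
@@ -105,40 +30,13 @@ interface NfTablesRule {
 verified?: boolean; // Whether the rule has been verified as applied
 }
 
-/**
-* Interface for status reporting
-*/
-export interface INfTablesStatus {
-active: boolean;
-ruleCount: {
-total: number;
-added: number;
-verified: number;
-};
-tablesConfigured: { family: string; tableName: string }[];
-metrics: {
-forwardedConnections?: number;
-activeConnections?: number;
-bytesForwarded?: {
-sent: number;
-received: number;
-};
-};
-qosEnabled?: boolean;
-ipSetsConfigured?: {
-name: string;
-elementCount: number;
-type: string;
-}[];
-}
-
 /**
 * NfTablesProxy sets up nftables NAT rules to forward TCP traffic.
 * Enhanced with multi-port support, IPv6, connection tracking, metrics,
 * and more advanced features.
 */
 export class NfTablesProxy {
-public settings:
+public settings: NfTableProxyOptions;
 private rules: NfTablesRule[] = [];
 private ipSets: Map<string, string[]> = new Map(); // Store IP sets for tracking
 private ruleTag: string;
@@ -146,7 +44,7 @@ export class NfTablesProxy {
 private tempFilePath: string;
 private static NFT_CMD = 'nft';
 
-constructor(settings:
+constructor(settings: NfTableProxyOptions) {
 // Validate inputs to prevent command injection
 this.validateSettings(settings);
 
@@ -199,9 +97,9 @@ export class NfTablesProxy {
 /**
 * Validates settings to prevent command injection and ensure valid values
 */
-private validateSettings(settings:
+private validateSettings(settings: NfTableProxyOptions): void {
 // Validate port numbers
-const validatePorts = (port: number |
+const validatePorts = (port: number | PortRange | Array<number | PortRange>) => {
 if (Array.isArray(port)) {
 port.forEach(p => validatePorts(p));
 return;
@@ -275,8 +173,8 @@ export class NfTablesProxy {
 /**
 * Normalizes port specifications into an array of port ranges
 */
-private normalizePortSpec(portSpec: number |
-const result:
+private normalizePortSpec(portSpec: number | PortRange | Array<number | PortRange>): PortRange[] {
+const result: PortRange[] = [];
 
 if (Array.isArray(portSpec)) {
 // If it's an array, process each element
@@ -687,7 +585,7 @@ export class NfTablesProxy {
 /**
 * Gets a comma-separated list of all ports from a port specification
 */
-private getAllPorts(portSpec: number |
+private getAllPorts(portSpec: number | PortRange | Array<number | PortRange>): string {
 const portRanges = this.normalizePortSpec(portSpec);
 const ports: string[] = [];
 
@@ -842,8 +740,8 @@ export class NfTablesProxy {
 family: string,
 preroutingChain: string,
 postroutingChain: string,
-fromPortRanges:
-toPortRange:
+fromPortRanges: PortRange[],
+toPortRange: PortRange
 ): Promise<boolean> {
 try {
 let rulesetContent = '';
@@ -958,8 +856,8 @@ export class NfTablesProxy {
 family: string,
 preroutingChain: string,
 postroutingChain: string,
-fromPortRanges:
-toPortRanges:
+fromPortRanges: PortRange[],
+toPortRanges: PortRange[]
 ): Promise<boolean> {
 try {
 let rulesetContent = '';
@@ -1410,8 +1308,8 @@ export class NfTablesProxy {
 /**
 * Get detailed status about the current state of the proxy
 */
-public async getStatus(): Promise<
-const result:
+public async getStatus(): Promise<NfTablesStatus> {
+const result: NfTablesStatus = {
 active: this.rules.some(r => r.added),
 ruleCount: {
 total: this.rules.length,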
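Review bot: `public settings: NfTableProxyOptions;` keeps the options object writable from outside the class, while the only visible check, `this.validateSettings(settings)`, runs once in the constructor and is described as preventing command injection. If later methods read `this.settings` when building commands for `execAsync` (their bodies are outside these hunks, so this is inferred), a value assigned after construction would reach the shell without passing that check. I would declare the field as `public readonly settings: Readonly<NfTableProxyOptions>;` and have the constructor store its own validated copy; `Readonly` is shallow, so the `string[]` lists would additionally need copying or freezing. The class body and `validateSettings` both continue outside the hunks shown.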
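--- a/package/ts/smartproxy/classes.pp.connectionhandler.ts
+++ b/package/ts/proxies/smart-proxy/connection-handler.ts
@@ -1,18 +1,18 @@
-import * as plugins from '
+import * as plugins from '../../plugins.js';
 import type {
 IConnectionRecord,
 IDomainConfig,
 ISmartProxyOptions,
-} from './
-import { ConnectionManager } from './
-import { SecurityManager } from './
-import { DomainConfigManager } from './
-import { TlsManager } from './
-import { NetworkProxyBridge } from './
-import { TimeoutManager } from './
-import { PortRangeManager } from './
-import type {
-import type {
+} from './models/interfaces.js';
+import { ConnectionManager } from './connection-manager.js';
+import { SecurityManager } from './security-manager.js';
+import { DomainConfigManager } from './domain-config-manager.js';
+import { TlsManager } from './tls-manager.js';
+import { NetworkProxyBridge } from './network-proxy-bridge.js';
+import { TimeoutManager } from './timeout-manager.js';
+import { PortRangeManager } from './port-range-manager.js';
+import type { ForwardingHandler } from '../../forwarding/handlers/base-handler.js';
+import type { TForwardingType } from '../../forwarding/config/forwarding-types.js';
 
 /**
 * Handles new connection processing and setup logic
@@ -500,7 +500,7 @@ export class ConnectionHandler {
 const globalDomainConfig = {
 domains: ['global'],
 forwarding: {
-type: 'http-only' as
+type: 'http-only' as TForwardingType,
 target: {
 host: this.settings.targetIP!,
 port: this.settings.toPort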
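--- a/package/ts/smartproxy/classes.pp.connectionmanager.ts
+++ b/package/ts/proxies/smart-proxy/connection-manager.ts
@@ -1,7 +1,7 @@
-import * as plugins from '
-import type { IConnectionRecord, ISmartProxyOptions } from './
-import { SecurityManager } from './
-import { TimeoutManager } from './
+import * as plugins from '../../plugins.js';
+import type { IConnectionRecord, ISmartProxyOptions } from './models/interfaces.js';
+import { SecurityManager } from './security-manager.js';
+import { TimeoutManager } from './timeout-manager.js';
 
 /**
 * Manages connection lifecycle, tracking, and cleanup
@@ -12,7 +12,7 @@ export class ConnectionManager {
 incoming: Record<string, number>;
 outgoing: Record<string, number>;
 } = { incoming: {}, outgoing: {} };
-
+
 constructor(
 private settings: ISmartProxyOptions,
 private securityManager: SecurityManager,
@@ -70,14 +70,14 @@ export class ConnectionManager {
 this.connectionRecords.set(connectionId, record);
 this.securityManager.trackConnectionByIP(record.remoteIP, connectionId);
 }
-
+
 /**
 * Get a connection by ID
 */
 public getConnection(connectionId: string): IConnectionRecord | undefined {
 return this.connectionRecords.get(connectionId);
 }
-
+
 /**
 * Get all active connections
 */
@@ -110,7 +110,7 @@ export class ConnectionManager {
 
 this.cleanupConnection(record, reason);
 }
-
+
 /**
 * Clean up a connection record
 */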
@@ -1,7 +1,8 @@
|
|
|
1
|
-
import * as plugins from '
|
|
2
|
-
import type { IDomainConfig, ISmartProxyOptions } from './
|
|
3
|
-
import type {
|
|
4
|
-
import {
|
|
1
|
+
import * as plugins from '../../plugins.js';
|
|
2
|
+
import type { IDomainConfig, ISmartProxyOptions } from './models/interfaces.js';
|
|
3
|
+
import type { TForwardingType, IForwardConfig } from '../../forwarding/config/forwarding-types.js';
|
|
4
|
+
import type { ForwardingHandler } from '../../forwarding/handlers/base-handler.js';
|
|
5
|
+
import { ForwardingHandlerFactory } from '../../forwarding/factory/forwarding-factory.js';
|
|
5
6
|
|
|
6
7
|
/**
|
|
7
8
|
* Manages domain configurations and target selection
|
|
@@ -11,7 +12,7 @@ export class DomainConfigManager {
|
|
|
11
12
|
private domainTargetIndices: Map<IDomainConfig, number> = new Map();
|
|
12
13
|
|
|
13
14
|
// Cache forwarding handlers for each domain config
|
|
14
|
-
private forwardingHandlers: Map<IDomainConfig,
|
|
15
|
+
private forwardingHandlers: Map<IDomainConfig, ForwardingHandler> = new Map();
|
|
15
16
|
|
|
16
17
|
constructor(private settings: ISmartProxyOptions) {}
|
|
17
18
|
|
|
@@ -54,25 +55,25 @@ export class DomainConfigManager {
|
|
|
54
55
|
}
|
|
55
56
|
}
|
|
56
57
|
}
|
|
57
|
-
|
|
58
|
+
|
|
58
59
|
/**
|
|
59
60
|
* Get all domain configurations
|
|
60
61
|
*/
|
|
61
62
|
public getDomainConfigs(): IDomainConfig[] {
|
|
62
63
|
return this.settings.domainConfigs;
|
|
63
64
|
}
|
|
64
|
-
|
|
65
|
+
|
|
65
66
|
/**
|
|
66
67
|
* Find domain config matching a server name
|
|
67
68
|
*/
|
|
68
69
|
public findDomainConfig(serverName: string): IDomainConfig | undefined {
|
|
69
70
|
if (!serverName) return undefined;
|
|
70
|
-
|
|
71
|
+
|
|
71
72
|
return this.settings.domainConfigs.find((config) =>
|
|
72
73
|
config.domains.some((d) => plugins.minimatch(serverName, d))
|
|
73
74
|
);
|
|
74
75
|
}
|
|
75
|
-
|
|
76
|
+
|
|
76
77
|
/**
|
|
77
78
|
* Find domain config for a specific port
|
|
78
79
|
*/
|
|
@@ -126,7 +127,7 @@ export class DomainConfigManager {
|
|
|
126
127
|
public getTargetPort(domainConfig: IDomainConfig, defaultPort: number): number {
|
|
127
128
|
return domainConfig.forwarding.target.port || defaultPort;
|
|
128
129
|
}
|
|
129
|
-
|
|
130
|
+
|
|
130
131
|
/**
|
|
131
132
|
* Checks if a domain should use NetworkProxy
|
|
132
133
|
*/
|
|
@@ -147,7 +148,7 @@ export class DomainConfigManager {
|
|
|
147
148
|
|
|
148
149
|
return domainConfig.forwarding.advanced?.networkProxyPort || this.settings.networkProxyPort;
|
|
149
150
|
}
|
|
150
|
-
|
|
151
|
+
|
|
151
152
|
/**
|
|
152
153
|
* Get effective allowed and blocked IPs for a domain
|
|
153
154
|
*
|
|
@@ -211,7 +212,7 @@ export class DomainConfigManager {
|
|
|
211
212
|
/**
|
|
212
213
|
* Creates a forwarding handler for a domain configuration
|
|
213
214
|
*/
|
|
214
|
-
private createForwardingHandler(domainConfig: IDomainConfig):
|
|
215
|
+
private createForwardingHandler(domainConfig: IDomainConfig): ForwardingHandler {
|
|
215
216
|
// Create a new handler using the factory
|
|
216
217
|
const handler = ForwardingHandlerFactory.createHandler(domainConfig.forwarding);
|
|
217
218
|
|
|
@@ -227,7 +228,7 @@ export class DomainConfigManager {
|
|
|
227
228
|
* Gets a forwarding handler for a domain config
|
|
228
229
|
* If no handler exists, creates one
|
|
229
230
|
*/
|
|
230
|
-
public getForwardingHandler(domainConfig: IDomainConfig):
|
|
231
|
+
public getForwardingHandler(domainConfig: IDomainConfig): ForwardingHandler {
|
|
231
232
|
// If we already have a handler, return it
|
|
232
233
|
if (this.forwardingHandlers.has(domainConfig)) {
|
|
233
234
|
return this.forwardingHandlers.get(domainConfig)!;
|
|
@@ -243,7 +244,7 @@ export class DomainConfigManager {
|
|
|
243
244
|
/**
|
|
244
245
|
* Gets the forwarding type for a domain config
|
|
245
246
|
*/
|
|
246
|
-
public getForwardingType(domainConfig?: IDomainConfig):
|
|
247
|
+
public getForwardingType(domainConfig?: IDomainConfig): TForwardingType | undefined {
|
|
247
248
|
if (!domainConfig?.forwarding) return undefined;
|
|
248
249
|
return domainConfig.forwarding.type;
|
|
249
250
|
}
|
|
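Review bot: `findDomainConfig` hands `serverName` to `plugins.minimatch` exactly as received, and minimatch compares case-sensitively by default, whereas DNS host names are case-insensitive. Whether callers lower-case the SNI value first is not visible in this section; if they do not, a name such as `Example.COM` would miss a config declared for `example.com`, and the per-domain settings this class resolves (target, allowed and blocked IPs) would not be applied to that connection. Normalising at the match site removes the dependency on the caller: `config.domains.some((d) => plugins.minimatch(serverName.toLowerCase(), d.toLowerCase()))`. The method sits in the `@@ -54,25 +55,25 @@` hunk, whose changed lines are otherwise whitespace only.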
@@ -0,0 +1,18 @@
|
|
|
1
|
+
/**
|
|
2
|
+
* SmartProxy implementation
|
|
3
|
+
*/
|
|
4
|
+
// Re-export models
|
|
5
|
+
export * from './models/index.js';
|
|
6
|
+
|
|
7
|
+
// Export the main SmartProxy class
|
|
8
|
+
export { SmartProxy } from './smart-proxy.js';
|
|
9
|
+
|
|
10
|
+
// Export supporting classes
|
|
11
|
+
export { ConnectionManager } from './connection-manager.js';
|
|
12
|
+
export { SecurityManager } from './security-manager.js';
|
|
13
|
+
export { DomainConfigManager } from './domain-config-manager.js';
|
|
14
|
+
export { TimeoutManager } from './timeout-manager.js';
|
|
15
|
+
export { TlsManager } from './tls-manager.js';
|
|
16
|
+
export { NetworkProxyBridge } from './network-proxy-bridge.js';
|
|
17
|
+
export { PortRangeManager } from './port-range-manager.js';
|
|
18
|
+
export { ConnectionHandler } from './connection-handler.js';
|
|
@@ -1,19 +1,23 @@
|
|
|
1
|
-
import * as plugins from '
|
|
2
|
-
import type { IForwardConfig } from '
|
|
1
|
+
import * as plugins from '../../../plugins.js';
|
|
2
|
+
import type { IForwardConfig } from '../../../forwarding/config/forwarding-types.js';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* Provision object for static or HTTP-01 certificate
|
|
6
6
|
*/
|
|
7
|
-
export type
|
|
7
|
+
export type TSmartProxyCertProvisionObject = plugins.tsclass.network.ICert | 'http01';
|
|
8
8
|
|
|
9
|
-
/**
|
|
9
|
+
/**
|
|
10
|
+
* Domain configuration with forwarding configuration
|
|
11
|
+
*/
|
|
10
12
|
export interface IDomainConfig {
|
|
11
13
|
domains: string[]; // Glob patterns for domain(s)
|
|
12
14
|
forwarding: IForwardConfig; // Unified forwarding configuration
|
|
13
15
|
}
|
|
14
16
|
|
|
15
|
-
/**
|
|
16
|
-
|
|
17
|
+
/**
|
|
18
|
+
* Configuration options for the SmartProxy
|
|
19
|
+
*/
|
|
20
|
+
import type { IAcmeOptions } from '../../../certificate/models/certificate-types.js';
|
|
17
21
|
export interface ISmartProxyOptions {
|
|
18
22
|
fromPort: number;
|
|
19
23
|
toPort: number;
|
|
@@ -78,12 +82,12 @@ export interface ISmartProxyOptions {
|
|
|
78
82
|
|
|
79
83
|
// ACME configuration options for SmartProxy
|
|
80
84
|
acme?: IAcmeOptions;
|
|
81
|
-
|
|
85
|
+
|
|
82
86
|
/**
|
|
83
87
|
* Optional certificate provider callback. Return 'http01' to use HTTP-01 challenges,
|
|
84
88
|
* or a static certificate object for immediate provisioning.
|
|
85
89
|
*/
|
|
86
|
-
certProvisionFunction?: (domain: string) => Promise<
|
|
90
|
+
certProvisionFunction?: (domain: string) => Promise<TSmartProxyCertProvisionObject>;
|
|
87
91
|
}
|
|
88
92
|
|
|
89
93
|
/**
|
|
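Review bot: The added `import type { IAcmeOptions } from '../../../certificate/models/certificate-types.js';` on new line 20 sits directly under the new `/** Configuration options for the SmartProxy */` comment, so editors and doc generators will most likely attach that comment to the import instead of `ISmartProxyOptions` on the following line. Move the import up beside the two existing imports at the top of the file, leaving the doc comment immediately above `export interface ISmartProxyOptions {`. The interface body continues outside the first hunk, so only its opening fields are visible here.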
@@ -1,10 +1,10 @@
|
|
|
1
|
-
import * as plugins from '
|
|
2
|
-
import { NetworkProxy } from '../
|
|
3
|
-
import { Port80Handler } from '
|
|
4
|
-
import { Port80HandlerEvents } from '
|
|
5
|
-
import { subscribeToPort80Handler } from '
|
|
6
|
-
import type { ICertificateData } from '
|
|
7
|
-
import type { IConnectionRecord, ISmartProxyOptions, IDomainConfig } from './
|
|
1
|
+
import * as plugins from '../../plugins.js';
|
|
2
|
+
import { NetworkProxy } from '../network-proxy/index.js';
|
|
3
|
+
import { Port80Handler } from '../../http/port80/port80-handler.js';
|
|
4
|
+
import { Port80HandlerEvents } from '../../core/models/common-types.js';
|
|
5
|
+
import { subscribeToPort80Handler } from '../../core/utils/event-utils.js';
|
|
6
|
+
import type { ICertificateData } from '../../certificate/models/certificate-types.js';
|
|
7
|
+
import type { IConnectionRecord, ISmartProxyOptions, IDomainConfig } from './models/interfaces.js';
|
|
8
8
|
|
|
9
9
|
/**
|
|
10
10
|
* Manages NetworkProxy integration for TLS termination
|
|
@@ -12,7 +12,7 @@ import type { IConnectionRecord, ISmartProxyOptions, IDomainConfig } from './cla
|
|
|
12
12
|
export class NetworkProxyBridge {
|
|
13
13
|
private networkProxy: NetworkProxy | null = null;
|
|
14
14
|
private port80Handler: Port80Handler | null = null;
|
|
15
|
-
|
|
15
|
+
|
|
16
16
|
constructor(private settings: ISmartProxyOptions) {}
|
|
17
17
|
|
|
18
18
|
/**
|
|
@@ -68,21 +68,21 @@ export class NetworkProxyBridge {
|
|
|
68
68
|
*/
|
|
69
69
|
private handleCertificateEvent(data: ICertificateData): void {
|
|
70
70
|
if (!this.networkProxy) return;
|
|
71
|
-
|
|
71
|
+
|
|
72
72
|
console.log(`Received certificate for ${data.domain} from Port80Handler, updating NetworkProxy`);
|
|
73
|
-
|
|
73
|
+
|
|
74
74
|
try {
|
|
75
75
|
// Find existing config for this domain
|
|
76
76
|
const existingConfigs = this.networkProxy.getProxyConfigs()
|
|
77
77
|
.filter(config => config.hostName === data.domain);
|
|
78
|
-
|
|
78
|
+
|
|
79
79
|
if (existingConfigs.length > 0) {
|
|
80
80
|
// Update existing configs with new certificate
|
|
81
81
|
for (const config of existingConfigs) {
|
|
82
82
|
config.privateKey = data.privateKey;
|
|
83
83
|
config.publicKey = data.certificate;
|
|
84
84
|
}
|
|
85
|
-
|
|
85
|
+
|
|
86
86
|
// Apply updated configs
|
|
87
87
|
this.networkProxy.updateProxyConfigs(existingConfigs)
|
|
88
88
|
.then(() => console.log(`Updated certificate for ${data.domain} in NetworkProxy`))
|
|
@@ -95,7 +95,7 @@ export class NetworkProxyBridge {
|
|
|
95
95
|
console.log(`Error handling certificate event: ${err}`);
|
|
96
96
|
}
|
|
97
97
|
}
|
|
98
|
-
|
|
98
|
+
|
|
99
99
|
/**
|
|
100
100
|
* Apply an external (static) certificate into NetworkProxy
|
|
101
101
|
*/
|
|
@@ -283,7 +283,7 @@ export class NetworkProxyBridge {
|
|
|
283
283
|
}
|
|
284
284
|
|
|
285
285
|
// Convert domain configs to NetworkProxy configs
|
|
286
|
-
const proxyConfigs = this.networkProxy.
|
|
286
|
+
const proxyConfigs = this.networkProxy.convertSmartProxyConfigs(
|
|
287
287
|
this.settings.domainConfigs,
|
|
288
288
|
certPair
|
|
289
289
|
);
|
package/ts/{smartproxy/classes.pp.securitymanager.ts → proxies/smart-proxy/security-manager.ts}
RENAMED
|
@@ -1,5 +1,5 @@
|
|
|
1
|
-
import * as plugins from '
|
|
2
|
-
import type { ISmartProxyOptions } from './
|
|
1
|
+
import * as plugins from '../../plugins.js';
|
|
2
|
+
import type { ISmartProxyOptions } from './models/interfaces.js';
|
|
3
3
|
|
|
4
4
|
/**
|
|
5
5
|
* Handles security aspects like IP tracking, rate limiting, and authorization
|
|
@@ -7,7 +7,7 @@ import type { ISmartProxyOptions } from './classes.pp.interfaces.js';
|
|
|
7
7
|
export class SecurityManager {
|
|
8
8
|
private connectionsByIP: Map<string, Set<string>> = new Map();
|
|
9
9
|
private connectionRateByIP: Map<string, number[]> = new Map();
|
|
10
|
-
|
|
10
|
+
|
|
11
11
|
constructor(private settings: ISmartProxyOptions) {}
|
|
12
12
|
|
|
13
13
|
/**
|