@push.rocks/smartproxy 15.0.2 → 16.0.2

package/ts/proxies/smart-proxy/route-connection-handler.ts

@@ -1,12 +1,10 @@
 import * as plugins from '../../plugins.js';
 import type {
   IConnectionRecord,
-  IDomainConfig,
   ISmartProxyOptions
 } from './models/interfaces.js';
 import {
-  isRoutedOptions,
-  isLegacyOptions
+  isRoutedOptions
 } from './models/interfaces.js';
 import type {
   IRouteConfig,
@@ -14,13 +12,11 @@ import type {
 } from './models/route-types.js';
 import { ConnectionManager } from './connection-manager.js';
 import { SecurityManager } from './security-manager.js';
-import { DomainConfigManager } from './domain-config-manager.js';
 import { TlsManager } from './tls-manager.js';
 import { NetworkProxyBridge } from './network-proxy-bridge.js';
 import { TimeoutManager } from './timeout-manager.js';
 import { RouteManager } from './route-manager.js';
 import type { ForwardingHandler } from '../../forwarding/handlers/base-handler.js';
-import type { TForwardingType } from '../../forwarding/config/forwarding-types.js';
 
 /**
  * Handles new connection processing and setup logic with support for route-based configuration
@@ -32,7 +28,6 @@ export class RouteConnectionHandler {
     settings: ISmartProxyOptions,
     private connectionManager: ConnectionManager,
     private securityManager: SecurityManager,
-    private domainConfigManager: DomainConfigManager,
     private tlsManager: TlsManager,
     private networkProxyBridge: NetworkProxyBridge,
     private timeoutManager: TimeoutManager,
@@ -244,37 +239,20 @@ export class RouteConnectionHandler {
 
     if (!routeMatch) {
       console.log(`[${connectionId}] No route found for ${serverName || 'connection'} on port ${localPort}`);
-      
-      // Fall back to legacy matching if we're using a hybrid configuration
-      const domainConfig = serverName 
-        ? this.domainConfigManager.findDomainConfig(serverName)
-        : this.domainConfigManager.findDomainConfigForPort(localPort);
 
-      if (domainConfig) {
-        if (this.settings.enableDetailedLogging) {
-          console.log(`[${connectionId}] Using legacy domain configuration for ${serverName || 'port ' + localPort}`);
-        }
-        
-        // Associate this domain config with the connection
-        record.domainConfig = domainConfig;
-        
-        // Handle the connection using the legacy setup
-        return this.handleLegacyConnection(socket, record, serverName, domainConfig, initialChunk);
-      }
-      
-      // No matching route or domain config, use default/fallback handling
+      // No matching route, use default/fallback handling
       console.log(`[${connectionId}] Using default route handling for connection`);
-      
+
       // Check default security settings
       const defaultSecuritySettings = this.settings.defaults?.security;
       if (defaultSecuritySettings) {
-        if (defaultSecuritySettings.allowedIPs && defaultSecuritySettings.allowedIPs.length > 0) {
+        if (defaultSecuritySettings.allowedIps && defaultSecuritySettings.allowedIps.length > 0) {
           const isAllowed = this.securityManager.isIPAuthorized(
             remoteIP,
-            defaultSecuritySettings.allowedIPs,
-            defaultSecuritySettings.blockedIPs || []
+            defaultSecuritySettings.allowedIps,
+            defaultSecuritySettings.blockedIps || []
           );
-          
+
           if (!isAllowed) {
             console.log(`[${connectionId}] IP ${remoteIP} not in default allowed list`);
             socket.end();
@@ -282,34 +260,24 @@ export class RouteConnectionHandler {
             return;
           }
         }
-      } else if (this.settings.defaultAllowedIPs && this.settings.defaultAllowedIPs.length > 0) {
-        // Legacy default IP restrictions
-        const isAllowed = this.securityManager.isIPAuthorized(
-          remoteIP,
-          this.settings.defaultAllowedIPs,
-          this.settings.defaultBlockedIPs || []
-        );
-        
-        if (!isAllowed) {
-          console.log(`[${connectionId}] IP ${remoteIP} not in default allowed list`);
-          socket.end();
-          this.connectionManager.cleanupConnection(record, 'ip_blocked');
-          return;
-        }
       }
       
       // Setup direct connection with default settings
-      let targetHost: string;
-      let targetPort: number;
-
-      if (isRoutedOptions(this.settings) && this.settings.defaults?.target) {
-        // Use defaults from routed configuration
-        targetHost = this.settings.defaults.target.host;
-        targetPort = this.settings.defaults.target.port;
-      } else if (this.settings.targetIP && this.settings.toPort) {
-        // Fall back to legacy settings
-        targetHost = this.settings.targetIP;
-        targetPort = this.settings.toPort;
+      if (this.settings.defaults?.target) {
+        // Use defaults from configuration
+        const targetHost = this.settings.defaults.target.host;
+        const targetPort = this.settings.defaults.target.port;
+
+        return this.setupDirectConnection(
+          socket,
+          record,
+          undefined,
+          serverName,
+          initialChunk,
+          undefined,
+          targetHost,
+          targetPort
+        );
       } else {
         // No default target available, terminate the connection
         console.log(`[${connectionId}] No default target configured. Closing connection.`);
@@ -317,17 +285,6 @@ export class RouteConnectionHandler {
         this.connectionManager.cleanupConnection(record, 'no_default_target');
         return;
       }
-
-      return this.setupDirectConnection(
-        socket,
-        record,
-        undefined,
-        serverName,
-        initialChunk,
-        undefined,
-        targetHost,
-        targetPort
-      );
     }
     
     // A matching route was found
@@ -575,114 +532,8 @@ export class RouteConnectionHandler {
   }
   
   /**
-   * Handle a connection using legacy domain configuration
+   * Legacy connection handling has been removed in favor of pure route-based approach
    */
-  private handleLegacyConnection(
-    socket: plugins.net.Socket,
-    record: IConnectionRecord,
-    serverName: string,
-    domainConfig: IDomainConfig,
-    initialChunk?: Buffer
-  ): void {
-    const connectionId = record.id;
-    
-    // Get the forwarding type for this domain
-    const forwardingType = this.domainConfigManager.getForwardingType(domainConfig);
-    
-    // IP validation
-    const ipRules = this.domainConfigManager.getEffectiveIPRules(domainConfig);
-    
-    if (!this.securityManager.isIPAuthorized(record.remoteIP, ipRules.allowedIPs, ipRules.blockedIPs)) {
-      console.log(
-        `[${connectionId}] Connection rejected: IP ${record.remoteIP} not allowed for domain ${domainConfig.domains.join(', ')}`
-      );
-      socket.end();
-      this.connectionManager.initiateCleanupOnce(record, 'ip_blocked');
-      return;
-    }
-    
-    // Handle based on forwarding type
-    switch (forwardingType) {
-      case 'http-only':
-        // For HTTP-only configs with TLS traffic
-        if (record.isTLS) {
-          console.log(`[${connectionId}] Received TLS connection for HTTP-only domain ${serverName}`);
-          socket.end();
-          this.connectionManager.initiateCleanupOnce(record, 'wrong_protocol');
-          return;
-        }
-        break;
-        
-      case 'https-passthrough':
-        // For TLS passthrough with TLS traffic
-        if (record.isTLS) {
-          try {
-            const handler = this.domainConfigManager.getForwardingHandler(domainConfig);
-            
-            if (this.settings.enableDetailedLogging) {
-              console.log(`[${connectionId}] Using forwarding handler for SNI passthrough to ${serverName}`);
-            }
-            
-            // Handle the connection using the handler
-            return handler.handleConnection(socket);
-          } catch (err) {
-            console.log(`[${connectionId}] Error using forwarding handler: ${err}`);
-          }
-        }
-        break;
-        
-      case 'https-terminate-to-http':
-      case 'https-terminate-to-https':
-        // For TLS termination with TLS traffic
-        if (record.isTLS) {
-          const networkProxyPort = this.domainConfigManager.getNetworkProxyPort(domainConfig);
-          
-          if (this.settings.enableDetailedLogging) {
-            console.log(`[${connectionId}] Using TLS termination (${forwardingType}) for ${serverName} on port ${networkProxyPort}`);
-          }
-          
-          // Forward to NetworkProxy with domain-specific port
-          return this.networkProxyBridge.forwardToNetworkProxy(
-            connectionId,
-            socket,
-            record,
-            initialChunk!,
-            networkProxyPort,
-            (reason) => this.connectionManager.initiateCleanupOnce(record, reason)
-          );
-        }
-        break;
-    }
-    
-    // If we're still here, use the forwarding handler if available
-    try {
-      const handler = this.domainConfigManager.getForwardingHandler(domainConfig);
-      
-      if (this.settings.enableDetailedLogging) {
-        console.log(`[${connectionId}] Using general forwarding handler for domain ${serverName || 'unknown'}`);
-      }
-      
-      // Handle the connection using the handler
-      return handler.handleConnection(socket);
-    } catch (err) {
-      console.log(`[${connectionId}] Error using forwarding handler: ${err}`);
-    }
-    
-    // Fallback: set up direct connection
-    const targetIp = this.domainConfigManager.getTargetIP(domainConfig);
-    const targetPort = this.domainConfigManager.getTargetPort(domainConfig, this.settings.toPort);
-    
-    return this.setupDirectConnection(
-      socket,
-      record,
-      domainConfig,
-      serverName,
-      initialChunk,
-      undefined,
-      targetIp,
-      targetPort
-    );
-  }
   
   /**
    * Sets up a direct connection to the target
@@ -690,7 +541,7 @@ export class RouteConnectionHandler {
   private setupDirectConnection(
     socket: plugins.net.Socket,
     record: IConnectionRecord,
-    domainConfig?: IDomainConfig,
+    _unused?: any, // kept for backward compatibility
     serverName?: string,
     initialChunk?: Buffer,
     overridePort?: number,
@@ -698,22 +549,15 @@ export class RouteConnectionHandler {
     targetPort?: number
   ): void {
     const connectionId = record.id;
-    
+
     // Determine target host and port if not provided
-    const finalTargetHost = targetHost || (domainConfig
-      ? this.domainConfigManager.getTargetIP(domainConfig)
-      : this.settings.defaults?.target?.host
-        ? this.settings.defaults.target.host
-        : this.settings.targetIP!);
+    const finalTargetHost = targetHost ||
+      (this.settings.defaults?.target?.host || 'localhost');
 
-    // Determine target port - first try explicit port, then forwarding config, then fallback
-    const finalTargetPort = targetPort || (overridePort !== undefined
-      ? overridePort
-      : domainConfig
-        ? this.domainConfigManager.getTargetPort(domainConfig, this.settings.toPort)
-        : this.settings.defaults?.target?.port
-          ? this.settings.defaults.target.port
-          : this.settings.toPort);
+    // Determine target port
+    const finalTargetPort = targetPort ||
+      (overridePort !== undefined ? overridePort :
+       (this.settings.defaults?.target?.port || 443));
 
     // Setup connection options
     const connectionOptions: plugins.net.NetConnectOpts = {
@@ -897,20 +741,7 @@ export class RouteConnectionHandler {
         this.connectionManager.incrementTerminationStat('outgoing', 'connection_failed');
       }
       
-      // If we have a forwarding handler for this domain, let it handle the error
-      if (domainConfig) {
-        try {
-          const forwardingHandler = this.domainConfigManager.getForwardingHandler(domainConfig);
-          forwardingHandler.emit('connection_error', {
-            socket,
-            error: err,
-            connectionId
-          });
-        } catch (handlerErr) {
-          // If getting the handler fails, just log and continue with normal cleanup
-          console.log(`Error getting forwarding handler for error handling: ${handlerErr}`);
-        }
-      }
+      // Route-based configuration doesn't use domain handlers
       
       // Clean up the connection
       this.connectionManager.initiateCleanupOnce(record, `connection_failed_${code}`);
@@ -1043,8 +874,8 @@ export class RouteConnectionHandler {
             `${
               serverName
                 ? ` (SNI: ${serverName})`
-                : domainConfig
-                ? ` (Port-based for domain: ${domainConfig.domains.join(', ')})`
+                : record.lockedDomain
+                ? ` (Domain: ${record.lockedDomain})`
                 : ''
             }` +
             ` TLS: ${record.isTLS ? 'Yes' : 'No'}, Keep-Alive: ${
@@ -1057,8 +888,8 @@ export class RouteConnectionHandler {
             `${
               serverName
                 ? ` (SNI: ${serverName})`
-                : domainConfig
-                ? ` (Port-based for domain: ${domainConfig.domains.join(', ')})`
+                : record.lockedDomain
+                ? ` (Domain: ${record.lockedDomain})`
                 : ''
             }`
         );

package/ts/proxies/smart-proxy/route-helpers/index.ts

@@ -0,0 +1,9 @@
+/**
+ * Route helpers for SmartProxy
+ * 
+ * This module provides helper functions for creating various types of route configurations
+ * to be used with the SmartProxy system.
+ */
+
+// Re-export all functions from the route-helpers.ts file
+export * from '../route-helpers.js';

package/ts/proxies/smart-proxy/route-helpers.ts

@@ -1,12 +1,13 @@
-import type { 
-  IRouteConfig, 
-  IRouteMatch, 
-  IRouteAction, 
+import type {
+  IRouteConfig,
+  IRouteMatch,
+  IRouteAction,
   IRouteTarget,
   IRouteTls,
   IRouteRedirect,
   IRouteSecurity,
-  IRouteAdvanced
+  IRouteAdvanced,
+  TPortRange
 } from './models/route-types.js';
 
 /**
@@ -30,7 +31,7 @@ export function createRoute(
 }
 
 /**
- * Create a basic HTTP route configuration 
+ * Create a basic HTTP route configuration
  */
 export function createHttpRoute(
   options: {
@@ -206,7 +207,7 @@ export function createHttpToHttpsRedirect(
   }
 ): IRouteConfig {
   const domainArray = Array.isArray(options.domains) ? options.domains : [options.domains];
-  
+
   return createRedirectRoute({
     ports: 80,
     domains: options.domains,
@@ -270,7 +271,7 @@ export function createLoadBalancerRoute(
 ): IRouteConfig {
   const useTls = options.tlsMode !== undefined;
   const defaultPort = useTls ? 443 : 80;
-  
+
   return createRoute(
     {
       ports: options.ports || defaultPort,
@@ -321,7 +322,7 @@ export function createHttpsServer(
 ): IRouteConfig[] {
   const routes: IRouteConfig[] = [];
   const domainArray = Array.isArray(options.domains) ? options.domains : [options.domains];
-  
+
   // Add HTTPS route
   routes.push(createHttpsRoute({
     domains: options.domains,
@@ -330,7 +331,7 @@ export function createHttpsServer(
     security: options.security,
     name: options.name || `HTTPS Server for ${domainArray.join(', ')}`
   }));
-  
+
   // Add HTTP to HTTPS redirect if requested
   if (options.addHttpRedirect !== false) {
     routes.push(createHttpToHttpsRedirect({
@@ -339,6 +340,159 @@ export function createHttpsServer(
       priority: 100
     }));
   }
-  
+
   return routes;
+}
+
+/**
+ * Create a port range configuration from various input formats
+ */
+export function createPortRange(
+  ports: number | number[] | string | Array<{ from: number; to: number }>
+): TPortRange {
+  // If it's a string like "80,443" or "8000-9000", parse it
+  if (typeof ports === 'string') {
+    if (ports.includes('-')) {
+      // Handle range like "8000-9000"
+      const [start, end] = ports.split('-').map(p => parseInt(p.trim(), 10));
+      return [{ from: start, to: end }];
+    } else if (ports.includes(',')) {
+      // Handle comma-separated list like "80,443,8080"
+      return ports.split(',').map(p => parseInt(p.trim(), 10));
+    } else {
+      // Handle single port as string
+      return parseInt(ports.trim(), 10);
+    }
+  }
+
+  // Otherwise return as is
+  return ports;
+}
+
+/**
+ * Create a security configuration object
+ */
+export function createSecurityConfig(
+  options: {
+    allowedIps?: string[];
+    blockedIps?: string[];
+    maxConnections?: number;
+    authentication?: {
+      type: 'basic' | 'digest' | 'oauth';
+      // Auth-specific options
+      [key: string]: any;
+    };
+  }
+): IRouteSecurity {
+  return {
+    ...(options.allowedIps ? { allowedIps: options.allowedIps } : {}),
+    ...(options.blockedIps ? { blockedIps: options.blockedIps } : {}),
+    ...(options.maxConnections ? { maxConnections: options.maxConnections } : {}),
+    ...(options.authentication ? { authentication: options.authentication } : {})
+  };
+}
+
+/**
+ * Create a static file server route
+ */
+export function createStaticFileRoute(
+  options: {
+    ports?: number | number[]; // Default: 80
+    domains: string | string[];
+    path?: string;
+    targetDirectory: string;
+    tlsMode?: 'terminate' | 'terminate-and-reencrypt';
+    certificate?: 'auto' | { key: string; cert: string };
+    headers?: Record<string, string>;
+    security?: IRouteSecurity;
+    name?: string;
+    description?: string;
+    priority?: number;
+    tags?: string[];
+  }
+): IRouteConfig {
+  const useTls = options.tlsMode !== undefined;
+  const defaultPort = useTls ? 443 : 80;
+
+  return createRoute(
+    {
+      ports: options.ports || defaultPort,
+      domains: options.domains,
+      ...(options.path ? { path: options.path } : {})
+    },
+    {
+      type: 'forward',
+      target: {
+        host: 'localhost', // Static file serving is typically handled locally
+        port: 0, // Special value indicating a static file server
+        preservePort: false
+      },
+      ...(useTls ? {
+        tls: {
+          mode: options.tlsMode!,
+          certificate: options.certificate || 'auto'
+        }
+      } : {}),
+      advanced: {
+        ...(options.headers ? { headers: options.headers } : {}),
+        staticFiles: {
+          root: options.targetDirectory,
+          index: ['index.html', 'index.htm'],
+          directory: options.targetDirectory // For backward compatibility
+        }
+      },
+      ...(options.security ? { security: options.security } : {})
+    },
+    {
+      name: options.name || 'Static File Server',
+      description: options.description || `Serving static files from ${options.targetDirectory}`,
+      priority: options.priority,
+      tags: options.tags
+    }
+  );
+}
+
+/**
+ * Create a test route for debugging purposes
+ */
+export function createTestRoute(
+  options: {
+    ports?: number | number[]; // Default: 8000
+    domains?: string | string[];
+    path?: string;
+    response?: {
+      status?: number;
+      headers?: Record<string, string>;
+      body?: string;
+    };
+    name?: string;
+  }
+): IRouteConfig {
+  return createRoute(
+    {
+      ports: options.ports || 8000,
+      ...(options.domains ? { domains: options.domains } : {}),
+      ...(options.path ? { path: options.path } : {})
+    },
+    {
+      type: 'forward',
+      target: {
+        host: 'test',  // Special value indicating a test route
+        port: 0
+      },
+      advanced: {
+        testResponse: {
+          status: options.response?.status || 200,
+          headers: options.response?.headers || { 'Content-Type': 'text/plain' },
+          body: options.response?.body || 'Test route is working!'
+        }
+      }
+    },
+    {
+      name: options.name || 'Test Route',
+      description: 'Route for testing and debugging',
+      priority: 500,
+      tags: ['test', 'debug']
+    }
+  );
 }