npm - @push.rocks/smartproxy - Versions diffs - 17.0.0 → 18.0.0 - Mend

@push.rocks/smartproxy 17.0.0 → 18.0.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (23) hide show

package/dist_ts/proxies/smart-proxy/security-manager.d.ts CHANGED Viewed

@@ -25,16 +25,15 @@ export declare class SecurityManager {
      */
     removeConnectionByIP(ip: string, connectionId: string): void;
     /**
-     * Check if an IP is authorized using forwarding security rules
+     * Check if an IP is authorized using security rules
      *
      * This method is used to determine if an IP is allowed to connect, based on security
-     * rules configured in the forwarding configuration. The allowed and blocked IPs are
-     * typically derived from domain.forwarding.security.allowedIps and blockedIps through
-     * DomainConfigManager.getEffectiveIPRules().
+     * rules configured in the route configuration. The allowed and blocked IPs are
+     * typically derived from route.security.ipAllowList and ipBlockList.
      *
      * @param ip - The IP address to check
-     * @param allowedIPs - Array of allowed IP patterns from forwarding.security.allowedIps
-     * @param blockedIPs - Array of blocked IP patterns from forwarding.security.blockedIps
+     * @param allowedIPs - Array of allowed IP patterns from security.ipAllowList
+     * @param blockedIPs - Array of blocked IP patterns from security.ipBlockList
      * @returns true if IP is authorized, false if blocked
      */
     isIPAuthorized(ip: string, allowedIPs: string[], blockedIPs?: string[]): boolean;
@@ -42,10 +41,10 @@ export declare class SecurityManager {
      * Check if the IP matches any of the glob patterns from security configuration
      *
      * This method checks IP addresses against glob patterns and handles IPv4/IPv6 normalization.
-     * It's used to implement IP filtering based on the forwarding.security configuration.
+     * It's used to implement IP filtering based on the route.security configuration.
      *
      * @param ip - The IP address to check
-     * @param patterns - Array of glob patterns from forwarding.security.allowedIps or blockedIps
+     * @param patterns - Array of glob patterns from security.ipAllowList or ipBlockList
      * @returns true if IP matches any pattern, false otherwise
      */
     private isGlobIPMatch;

package/dist_ts/proxies/smart-proxy/security-manager.js CHANGED Viewed

@@ -54,16 +54,15 @@ export class SecurityManager {
         }
     }
     /**
-     * Check if an IP is authorized using forwarding security rules
+     * Check if an IP is authorized using security rules
      *
      * This method is used to determine if an IP is allowed to connect, based on security
-     * rules configured in the forwarding configuration. The allowed and blocked IPs are
-     * typically derived from domain.forwarding.security.allowedIps and blockedIps through
-     * DomainConfigManager.getEffectiveIPRules().
+     * rules configured in the route configuration. The allowed and blocked IPs are
+     * typically derived from route.security.ipAllowList and ipBlockList.
      *
      * @param ip - The IP address to check
-     * @param allowedIPs - Array of allowed IP patterns from forwarding.security.allowedIps
-     * @param blockedIPs - Array of blocked IP patterns from forwarding.security.blockedIps
+     * @param allowedIPs - Array of allowed IP patterns from security.ipAllowList
+     * @param blockedIPs - Array of blocked IP patterns from security.ipBlockList
      * @returns true if IP is authorized, false if blocked
      */
     isIPAuthorized(ip, allowedIPs, blockedIPs = []) {
@@ -82,10 +81,10 @@ export class SecurityManager {
      * Check if the IP matches any of the glob patterns from security configuration
      *
      * This method checks IP addresses against glob patterns and handles IPv4/IPv6 normalization.
-     * It's used to implement IP filtering based on the forwarding.security configuration.
+     * It's used to implement IP filtering based on the route.security configuration.
      *
      * @param ip - The IP address to check
-     * @param patterns - Array of glob patterns from forwarding.security.allowedIps or blockedIps
+     * @param patterns - Array of glob patterns from security.ipAllowList or ipBlockList
      * @returns true if IP matches any pattern, false otherwise
      */
     isGlobIPMatch(ip, patterns) {
@@ -146,4 +145,4 @@ export class SecurityManager {
         this.connectionRateByIP.clear();
     }
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktbWFuYWdlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3RzL3Byb3hpZXMvc21hcnQtcHJveHkvc2VjdXJpdHktbWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBRzVDOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGVBQWU7SUFJMUIsWUFBb0IsUUFBNEI7UUFBNUIsYUFBUSxHQUFSLFFBQVEsQ0FBb0I7UUFIeEMsb0JBQWUsR0FBNkIsSUFBSSxHQUFHLEVBQUUsQ0FBQztRQUN0RCx1QkFBa0IsR0FBMEIsSUFBSSxHQUFHLEVBQUUsQ0FBQztJQUVYLENBQUM7SUFFcEQ7O09BRUc7SUFDSSxzQkFBc0IsQ0FBQyxFQUFVO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEVBQUUsSUFBSSxJQUFJLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksbUJBQW1CLENBQUMsRUFBVTtRQUNuQyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7UUFDdkIsTUFBTSxNQUFNLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQztRQUV6QixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztZQUN2QyxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCw0REFBNEQ7UUFDNUQsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxJQUFJLEdBQUcsTUFBTSxDQUFDLENBQUM7UUFDMUYsVUFBVSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNyQixJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUU1Qyw4QkFBOEI7UUFDOUIsT0FBTyxVQUFVLENBQUMsTUFBTSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsNEJBQTZCLENBQUM7SUFDMUUsQ0FBQztJQUVEOztPQUVHO0lBQ0ksbUJBQW1CLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQ3pELElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ2xDLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxJQUFJLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDMUMsQ0FBQztRQUNELElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBRSxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxvQkFBb0IsQ0FBQyxFQUFVLEVBQUUsWUFBb0I7UUFDMUQsSUFBSSxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBRSxDQUFDO1lBQ2xELFdBQVcsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDakMsSUFBSSxXQUFXLENBQUMsSUFBSSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUMzQixJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNsQyxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7Ozs7Ozs7O09BWUc7SUFDSSxjQUFjLENBQUMsRUFBVSxFQUFFLFVBQW9CLEVBQUUsYUFBdUIsRUFBRTtRQUMvRSw0Q0FBNEM7UUFDNUMsSUFBSSxDQUFDLEVBQUUsSUFBSSxDQUFDLFVBQVUsQ0FBQyxNQUFNLEtBQUssQ0FBQyxJQUFJLFVBQVUsQ0FBQyxNQUFNLEtBQUssQ0FBQyxDQUFDLEVBQUUsQ0FBQztZQUNoRSxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCw2REFBNkQ7UUFDN0QsSUFBSSxVQUFVLENBQUMsTUFBTSxHQUFHLENBQUMsSUFBSSxJQUFJLENBQUMsYUFBYSxDQUFDLEVBQUUsRUFBRSxVQUFVLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sS0FBSyxDQUFDO1FBQ2YsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixPQUFPLElBQUksQ0FBQyxhQUFhLENBQUMsRUFBRSxFQUFFLFVBQVUsQ0FBQyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7Ozs7Ozs7O09BU0c7SUFDSyxhQUFhLENBQUMsRUFBVSxFQUFFLFFBQWtCO1FBQ2xELElBQUksQ0FBQyxFQUFFLElBQUksQ0FBQyxRQUFRLElBQUksUUFBUSxDQUFDLE1BQU0sS0FBSyxDQUFDO1lBQUUsT0FBTyxLQUFLLENBQUM7UUFFNUQscURBQXFEO1FBQ3JELE1BQU0sV0FBVyxHQUFHLENBQUMsRUFBVSxFQUFZLEVBQUU7WUFDM0MsSUFBSSxDQUFDLEVBQUU7Z0JBQUUsT0FBTyxFQUFFLENBQUM7WUFDbkIsdURBQXVEO1lBQ3ZELElBQUksRUFBRSxDQUFDLFVBQVUsQ0FBQyxTQUFTLENBQUMsRUFBRSxDQUFDO2dCQUM3QixNQUFNLElBQUksR0FBRyxFQUFFLENBQUMsS0FBSyxDQUFDLENBQUMsQ0FBQyxDQUFDO2dCQUN6QixPQUFPLENBQUMsRUFBRSxFQUFFLElBQUksQ0FBQyxDQUFDO1lBQ3BCLENBQUM7WUFDRCwwREFBMEQ7WUFDMUQsSUFBSSx5QkFBeUIsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDLEVBQUUsQ0FBQztnQkFDdkMsT0FBTyxDQUFDLEVBQUUsRUFBRSxVQUFVLEVBQUUsRUFBRSxDQUFDLENBQUM7WUFDOUIsQ0FBQztZQUNELE9BQU8sQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUNkLENBQUMsQ0FBQztRQUVGLGlDQUFpQztRQUNqQyxNQUFNLG9CQUFvQixHQUFHLFdBQVcsQ0FBQyxFQUFFLENBQUMsQ0FBQztRQUM3QyxJQUFJLG9CQUFvQixDQUFDLE1BQU0sS0FBSyxDQUFDO1lBQUUsT0FBTyxLQUFLLENBQUM7UUFFcEQsc0RBQXNEO1FBQ3RELE1BQU0sZ0JBQWdCLEdBQUcsUUFBUSxDQUFDLE9BQU8sQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUV2RCxrRUFBa0U7UUFDbEUsT0FBTyxvQkFBb0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxTQUFTLEVBQUUsRUFBRSxDQUM3QyxnQkFBZ0IsQ0FBQyxJQUFJLENBQUMsQ0FBQyxPQUFPLEVBQUUsRUFBRSxDQUFDLE9BQU8sQ0FBQyxTQUFTLENBQUMsU0FBUyxFQUFFLE9BQU8sQ0FBQyxDQUFDLENBQzFFLENBQUM7SUFDSixDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksVUFBVSxDQUFDLEVBQVU7UUFDMUIsK0JBQStCO1FBQy9CLElBQ0UsSUFBSSxDQUFDLFFBQVEsQ0FBQyxtQkFBbUI7WUFDakMsSUFBSSxDQUFDLHNCQUFzQixDQUFDLEVBQUUsQ0FBQyxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsbUJBQW1CLEVBQ3BFLENBQUM7WUFDRCxPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLE1BQU0sRUFBRSwrQkFBK0IsSUFBSSxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsWUFBWTthQUNyRixDQUFDO1FBQ0osQ0FBQztRQUVELDhCQUE4QjtRQUM5QixJQUNFLElBQUksQ0FBQyxRQUFRLENBQUMsNEJBQTRCO1lBQzFDLENBQUMsSUFBSSxDQUFDLG1CQUFtQixDQUFDLEVBQUUsQ0FBQyxFQUM3QixDQUFDO1lBQ0QsT0FBTztnQkFDTCxPQUFPLEVBQUUsS0FBSztnQkFDZCxNQUFNLEVBQUUsMEJBQTBCLElBQUksQ0FBQyxRQUFRLENBQUMsNEJBQTRCLGdCQUFnQjthQUM3RixDQUFDO1FBQ0osQ0FBQztRQUVELE9BQU8sRUFBRSxPQUFPLEVBQUUsSUFBSSxFQUFFLENBQUM7SUFDM0IsQ0FBQztJQUVEOztPQUVHO0lBQ0ksZUFBZTtRQUNwQixJQUFJLENBQUMsZUFBZSxDQUFDLEtBQUssRUFBRSxDQUFDO1FBQzdCLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUNsQyxDQUFDO0NBQ0YifQ==
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktbWFuYWdlci5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uL3RzL3Byb3hpZXMvc21hcnQtcHJveHkvc2VjdXJpdHktbWFuYWdlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBRzVDOztHQUVHO0FBQ0gsTUFBTSxPQUFPLGVBQWU7SUFJMUIsWUFBb0IsUUFBNEI7UUFBNUIsYUFBUSxHQUFSLFFBQVEsQ0FBb0I7UUFIeEMsb0JBQWUsR0FBNkIsSUFBSSxHQUFHLEVBQUUsQ0FBQztRQUN0RCx1QkFBa0IsR0FBMEIsSUFBSSxHQUFHLEVBQUUsQ0FBQztJQUVYLENBQUM7SUFFcEQ7O09BRUc7SUFDSSxzQkFBc0IsQ0FBQyxFQUFVO1FBQ3RDLE9BQU8sSUFBSSxDQUFDLGVBQWUsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDLEVBQUUsSUFBSSxJQUFJLENBQUMsQ0FBQztJQUNqRCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksbUJBQW1CLENBQUMsRUFBVTtRQUNuQyxNQUFNLEdBQUcsR0FBRyxJQUFJLENBQUMsR0FBRyxFQUFFLENBQUM7UUFDdkIsTUFBTSxNQUFNLEdBQUcsRUFBRSxHQUFHLElBQUksQ0FBQztRQUV6QixJQUFJLENBQUMsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ3JDLElBQUksQ0FBQyxrQkFBa0IsQ0FBQyxHQUFHLENBQUMsRUFBRSxFQUFFLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQztZQUN2QyxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCw0REFBNEQ7UUFDNUQsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUUsQ0FBQyxNQUFNLENBQUMsQ0FBQyxJQUFJLEVBQUUsRUFBRSxDQUFDLEdBQUcsR0FBRyxJQUFJLEdBQUcsTUFBTSxDQUFDLENBQUM7UUFDMUYsVUFBVSxDQUFDLElBQUksQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUNyQixJQUFJLENBQUMsa0JBQWtCLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxVQUFVLENBQUMsQ0FBQztRQUU1Qyw4QkFBOEI7UUFDOUIsT0FBTyxVQUFVLENBQUMsTUFBTSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsNEJBQTZCLENBQUM7SUFDMUUsQ0FBQztJQUVEOztPQUVHO0lBQ0ksbUJBQW1CLENBQUMsRUFBVSxFQUFFLFlBQW9CO1FBQ3pELElBQUksQ0FBQyxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ2xDLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsRUFBRSxJQUFJLEdBQUcsRUFBRSxDQUFDLENBQUM7UUFDMUMsQ0FBQztRQUNELElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBRSxDQUFDLEdBQUcsQ0FBQyxZQUFZLENBQUMsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxvQkFBb0IsQ0FBQyxFQUFVLEVBQUUsWUFBb0I7UUFDMUQsSUFBSSxJQUFJLENBQUMsZUFBZSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO1lBQ2pDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxlQUFlLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBRSxDQUFDO1lBQ2xELFdBQVcsQ0FBQyxNQUFNLENBQUMsWUFBWSxDQUFDLENBQUM7WUFDakMsSUFBSSxXQUFXLENBQUMsSUFBSSxLQUFLLENBQUMsRUFBRSxDQUFDO2dCQUMzQixJQUFJLENBQUMsZUFBZSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQztZQUNsQyxDQUFDO1FBQ0gsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7Ozs7Ozs7T0FXRztJQUNJLGNBQWMsQ0FBQyxFQUFVLEVBQUUsVUFBb0IsRUFBRSxhQUF1QixFQUFFO1FBQy9FLDRDQUE0QztRQUM1QyxJQUFJLENBQUMsRUFBRSxJQUFJLENBQUMsVUFBVSxDQUFDLE1BQU0sS0FBSyxDQUFDLElBQUksVUFBVSxDQUFDLE1BQU0sS0FBSyxDQUFDLENBQUMsRUFBRSxDQUFDO1lBQ2hFLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELDZEQUE2RDtRQUM3RCxJQUFJLFVBQVUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxJQUFJLElBQUksQ0FBQyxhQUFhLENBQUMsRUFBRSxFQUFFLFVBQVUsQ0FBQyxFQUFFLENBQUM7WUFDaEUsT0FBTyxLQUFLLENBQUM7UUFDZixDQUFDO1FBRUQsOEJBQThCO1FBQzlCLE9BQU8sSUFBSSxDQUFDLGFBQWEsQ0FBQyxFQUFFLEVBQUUsVUFBVSxDQUFDLENBQUM7SUFDNUMsQ0FBQztJQUVEOzs7Ozs7Ozs7T0FTRztJQUNLLGFBQWEsQ0FBQyxFQUFVLEVBQUUsUUFBa0I7UUFDbEQsSUFBSSxDQUFDLEVBQUUsSUFBSSxDQUFDLFFBQVEsSUFBSSxRQUFRLENBQUMsTUFBTSxLQUFLLENBQUM7WUFBRSxPQUFPLEtBQUssQ0FBQztRQUU1RCxxREFBcUQ7UUFDckQsTUFBTSxXQUFXLEdBQUcsQ0FBQyxFQUFVLEVBQVksRUFBRTtZQUMzQyxJQUFJLENBQUMsRUFBRTtnQkFBRSxPQUFPLEVBQUUsQ0FBQztZQUNuQix1REFBdUQ7WUFDdkQsSUFBSSxFQUFFLENBQUMsVUFBVSxDQUFDLFNBQVMsQ0FBQyxFQUFFLENBQUM7Z0JBQzdCLE1BQU0sSUFBSSxHQUFHLEVBQUUsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3pCLE9BQU8sQ0FBQyxFQUFFLEVBQUUsSUFBSSxDQUFDLENBQUM7WUFDcEIsQ0FBQztZQUNELDBEQUEwRDtZQUMxRCxJQUFJLHlCQUF5QixDQUFDLElBQUksQ0FBQyxFQUFFLENBQUMsRUFBRSxDQUFDO2dCQUN2QyxPQUFPLENBQUMsRUFBRSxFQUFFLFVBQVUsRUFBRSxFQUFFLENBQUMsQ0FBQztZQUM5QixDQUFDO1lBQ0QsT0FBTyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQ2QsQ0FBQyxDQUFDO1FBRUYsaUNBQWlDO1FBQ2pDLE1BQU0sb0JBQW9CLEdBQUcsV0FBVyxDQUFDLEVBQUUsQ0FBQyxDQUFDO1FBQzdDLElBQUksb0JBQW9CLENBQUMsTUFBTSxLQUFLLENBQUM7WUFBRSxPQUFPLEtBQUssQ0FBQztRQUVwRCxzREFBc0Q7UUFDdEQsTUFBTSxnQkFBZ0IsR0FBRyxRQUFRLENBQUMsT0FBTyxDQUFDLFdBQVcsQ0FBQyxDQUFDO1FBRXZELGtFQUFrRTtRQUNsRSxPQUFPLG9CQUFvQixDQUFDLElBQUksQ0FBQyxDQUFDLFNBQVMsRUFBRSxFQUFFLENBQzdDLGdCQUFnQixDQUFDLElBQUksQ0FBQyxDQUFDLE9BQU8sRUFBRSxFQUFFLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxTQUFTLEVBQUUsT0FBTyxDQUFDLENBQUMsQ0FDMUUsQ0FBQztJQUNKLENBQUM7SUFFRDs7O09BR0c7SUFDSSxVQUFVLENBQUMsRUFBVTtRQUMxQiwrQkFBK0I7UUFDL0IsSUFDRSxJQUFJLENBQUMsUUFBUSxDQUFDLG1CQUFtQjtZQUNqQyxJQUFJLENBQUMsc0JBQXNCLENBQUMsRUFBRSxDQUFDLElBQUksSUFBSSxDQUFDLFFBQVEsQ0FBQyxtQkFBbUIsRUFDcEUsQ0FBQztZQUNELE9BQU87Z0JBQ0wsT0FBTyxFQUFFLEtBQUs7Z0JBQ2QsTUFBTSxFQUFFLCtCQUErQixJQUFJLENBQUMsUUFBUSxDQUFDLG1CQUFtQixZQUFZO2FBQ3JGLENBQUM7UUFDSixDQUFDO1FBRUQsOEJBQThCO1FBQzlCLElBQ0UsSUFBSSxDQUFDLFFBQVEsQ0FBQyw0QkFBNEI7WUFDMUMsQ0FBQyxJQUFJLENBQUMsbUJBQW1CLENBQUMsRUFBRSxDQUFDLEVBQzdCLENBQUM7WUFDRCxPQUFPO2dCQUNMLE9BQU8sRUFBRSxLQUFLO2dCQUNkLE1BQU0sRUFBRSwwQkFBMEIsSUFBSSxDQUFDLFFBQVEsQ0FBQyw0QkFBNEIsZ0JBQWdCO2FBQzdGLENBQUM7UUFDSixDQUFDO1FBRUQsT0FBTyxFQUFFLE9BQU8sRUFBRSxJQUFJLEVBQUUsQ0FBQztJQUMzQixDQUFDO0lBRUQ7O09BRUc7SUFDSSxlQUFlO1FBQ3BCLElBQUksQ0FBQyxlQUFlLENBQUMsS0FBSyxFQUFFLENBQUM7UUFDN0IsSUFBSSxDQUFDLGtCQUFrQixDQUFDLEtBQUssRUFBRSxDQUFDO0lBQ2xDLENBQUM7Q0FDRiJ9

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@push.rocks/smartproxy",
-  "version": "17.0.0",
+  "version": "18.0.0",
   "private": false,
   "description": "A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.",
   "main": "dist_ts/index.js",

package/readme.plan.md CHANGED Viewed

@@ -1,201 +1,146 @@
-# SmartProxy Codebase Cleanup Plan
+# SmartProxy Interface Consolidation Plan
 ## Overview
-This document outlines a comprehensive plan to clean up the SmartProxy codebase by removing deprecated and unused code, consolidating functionality, and reducing complexity. The goal is to make the codebase more maintainable, easier to understand, and better positioned for future enhancements.
+This document outlines a plan to consolidate duplicate and inconsistent interfaces in the SmartProxy codebase, specifically the `IRouteSecurity` interface which is defined twice with different properties. This inconsistency caused issues with security checks for port forwarding. The goal is to unify these interfaces, use consistent property naming, and improve code maintainability.
+## Problem Description
+We currently have two separate `IRouteSecurity` interfaces defined in `ts/proxies/smart-proxy/models/route-types.ts`:
+1. **First definition** (lines 116-122) - Used in IRouteAction:
+   ```typescript
+   export interface IRouteSecurity {
+     allowedIps?: string[];
+     blockedIps?: string[];
+     maxConnections?: number;
+     authentication?: IRouteAuthentication;
+   }
+   ```
+2. **Second definition** (lines 253-272) - Used directly in IRouteConfig:
+   ```typescript
+   export interface IRouteSecurity {
+     rateLimit?: IRouteRateLimit;
+     basicAuth?: {...};
+     jwtAuth?: {...};
+     ipAllowList?: string[];
+     ipBlockList?: string[];
+   }
+   ```
+This duplication with inconsistent naming (`allowedIps` vs `ipAllowList` and `blockedIps` vs `ipBlockList`) caused routing issues when IP security checks were used, as we had to implement a workaround to check both property names.
+## Implementation Plan
+### Phase 1: Interface Consolidation
+1. **Create a unified interface definition:**
+   - Create one comprehensive `IRouteSecurity` interface that includes all properties
+   - Use consistent property naming (standardize on `ipAllowList` and `ipBlockList`)
+   - Add proper documentation for each property
+   - Remove the duplicate interface definition
+2. **Update references to use the unified interface:**
+   - Update all code that references the old interface properties
+   - Update all configurations to use the new property names
+   - Ensure implementation in `route-manager.ts` uses the correct property names
+### Phase 2: Code and Documentation Updates
+1. **Update type usages and documentation:**
+   - Update all code that creates or uses security configurations
+   - Update documentation to reflect the new interface structure
+   - Add examples of the correct property usage
+   - Document the breaking change in changelog.md
+2. **Add tests:**
+   - Update existing tests to use the new property names
+   - Add test cases for all security configuration scenarios
+   - Verify that port range configurations with security settings work correctly
+## Implementation Steps
-## Phase 1: Remove Deprecated Code
-### 1.1 Delete Legacy Migration Utilities ✅
-The route migration utilities were created to assist in transitioning from the legacy domain-based configuration to the new route-based configuration system. As this migration is now complete, these utilities can be safely removed.
-- **Action:** ✅ Remove `/ts/proxies/smart-proxy/utils/route-migration-utils.ts`
-- **Impact:** Low - This file is explicitly marked as temporary and for migration purposes only
-- **Dependencies:** ✅ Update any imports of these utilities (check forwarding-types.ts)
-### 1.2 Clean Up References to Deleted Files ✅
-Several files are marked for deletion in the git status but are still referenced in the codebase.
-- **Action:** ✅ Remove references to deleted route-helpers files:
-  - ✅ Update `/ts/proxies/smart-proxy/utils/index.ts` to remove `export * from './route-helpers.js';`
-  - ✅ Update `/ts/forwarding/config/forwarding-types.ts` to remove imports and re-exports of route helper functions
-- **Impact:** Medium - May break code that still relies on these helpers
-- **Dependencies:** ✅ Ensure route-patterns.js provides equivalent functionality (moved helper functions from route-helpers.js to route-patterns.ts)
-### 1.3 Remove Deprecated Forwarding Types and Helpers ✅
-Legacy forwarding types and helper functions in forwarding-types.ts are marked as deprecated.
-- **Action:** ✅
-  - ✅ Clean up `/ts/forwarding/config/forwarding-types.ts`
-  - ✅ Remove deprecated helper functions: `httpOnly`, `tlsTerminateToHttp`, `tlsTerminateToHttps`, `httpsPassthrough`
-  - ✅ Remove deprecated interfaces: `IDeprecatedForwardConfig`
-- **Impact:** Medium - May break code that still uses these helpers
-- **Dependencies:** ✅ Ensure route patterns provide equivalent functionality
-## Phase 2: Consolidate and Simplify Code
-### 2.1 Streamline Interface Definitions ✅
-There are several redundant interfaces that could be simplified.
-- **Action:** ✅
-  - ✅ Remove legacy type checking functions (`isLegacyOptions`, `isRoutedOptions`) in `/ts/proxies/smart-proxy/models/interfaces.ts`
-  - ✅ Update `ISmartProxyOptions` interface to remove obsolete properties
-  - ✅ Remove backward compatibility aliases like `IRoutedSmartProxyOptions`
-- **Impact:** Medium - May break code that relies on these interfaces
-- **Dependencies:** ✅ Update any code that references these interfaces
-### 2.2 Consolidate Route Utilities
-The route utilities are spread across multiple files with some overlapping functionality.
-- **Action:**
-  - Consolidate route utilities into a single coherent structure
-  - Move common functions from route-utils.ts, route-patterns.ts into a single location
-  - Ensure consistent naming conventions for route utility functions
-- **Impact:** Medium - Requires careful refactoring
-- **Dependencies:** Update all references to these utilities
-### 2.3 Clean Up Legacy Connection Handling ✅
-The route-connection-handler.ts file contains legacy code and parameters kept for backward compatibility.
-- **Action:** ✅
-  - ✅ Remove unused parameters and legacy comments from `setupDirectConnection` method
-  - ✅ Simplify connection handling logic by removing special cases for legacy configurations
-- **Impact:** Medium - Requires careful testing to ensure no regressions
-- **Dependencies:** ✅ Test with all current route configurations
-## Phase 3: Code Modernization
-### 3.1 Standardize on 'preserve' Port Handling ✅
-Previously implemented changes to use `port: 'preserve'` instead of `preservePort: true` should be consistently applied.
-- **Action:** ✅
-  - ✅ Ensure all code paths handle the 'preserve' value for port
-  - ✅ Remove any remaining references to preservePort in code and documentation
-- **Impact:** Low - Already implemented in most places
-- **Dependencies:** None
-### 3.2 Normalize IPv6-Mapped IPv4 Addresses ✅
-Implement consistent handling of IPv6-mapped IPv4 addresses throughout the codebase.
-- **Action:** ✅
-  - ✅ Ensure any IP address comparisons consistently handle IPv6-mapped IPv4 addresses
-  - ✅ Standardize on a single approach to IP normalization
-- **Impact:** Low - Already partially implemented
-- **Dependencies:** None
-### 3.3 Improve Type Safety ✅
-Enhance type safety throughout the codebase to catch errors at compile time.
-- **Action:** ✅
-  - ✅ Add stronger types where appropriate
-  - ✅ Remove any `any` types that could be replaced with more specific types
-  - ✅ Add explicit return types to functions
-- **Impact:** Medium - May uncover existing issues
-- **Dependencies:** None
-## Phase 4: Documentation and Tests
-### 4.1 Update API Documentation ✅
-Ensure documentation is current and accurately reflects the cleaned-up API.
-- **Action:** ✅
-  - ✅ Update comments and JSDoc throughout the codebase
-  - ✅ Ensure porthandling.md and other documentation reflect current implementation
-  - ✅ Remove references to deprecated functionality
-- **Impact:** Low
-- **Dependencies:** None
-### 4.2 Add or Update Tests ✅
-Ensure test coverage for the cleaned-up codebase.
-- **Action:** ✅
-  - ✅ Update existing tests to remove references to deprecated functionality
-  - ✅ Add tests for edge cases in IP normalization
-  - ✅ Add tests for the updated route utility functions
-- **Impact:** Medium
-- **Dependencies:** None
-## Implementation Sequence ✅
-The changes were implemented in this order:
-1. ✅ **Phase 1.1**: Remove Legacy Migration Utilities
-2. ✅ **Phase 1.2**: Clean Up References to Deleted Files
-3. ✅ **Phase 1.3**: Remove Deprecated Forwarding Types and Helpers
-4. ✅ **Phase 2.1**: Streamline Interface Definitions
-5. ✅ **Phase 3.1**: Standardize on 'preserve' Port Handling
-6. ✅ **Phase 3.2**: Normalize IPv6-Mapped IPv4 Addresses
-7. ⏸️ **Phase 2.2**: Consolidate Route Utilities (Postponed - Low priority)
-8. ✅ **Phase 2.3**: Clean Up Legacy Connection Handling
-9. ✅ **Phase 3.3**: Improve Type Safety
-10. ✅ **Phase 4.1**: Update API Documentation
-11. ✅ **Phase 4.2**: Add or Update Tests
-## Detailed Implementation Steps
-### 1. Remove Legacy Migration Utilities
-```bash
-# Delete the file
-git rm ts/proxies/smart-proxy/utils/route-migration-utils.ts
-# Remove the export from the index file
-# Edit ts/proxies/smart-proxy/utils/index.ts to remove the export line
-```
-### 2. Clean Up References to Deleted Files
-```bash
-# Update forwarding-types.ts to remove imports from route-helpers.js
-# Edit ts/forwarding/config/forwarding-types.ts
-# Remove or update imports in index.ts
-# Edit ts/proxies/smart-proxy/utils/index.ts
-```
-### 3. Remove Deprecated Forwarding Types
-```bash
-# Edit ts/forwarding/config/forwarding-types.ts to remove deprecated helpers and interfaces
-```
-### 4. Streamline Interface Definitions
-```bash
-# Edit ts/proxies/smart-proxy/models/interfaces.ts to remove legacy functions and aliases
+```typescript
+// Step 1: Define the unified interface
+export interface IRouteSecurity {
+  // Access control lists
+  ipAllowList?: string[];        // IP addresses that are allowed to connect
+  ipBlockList?: string[];        // IP addresses that are blocked from connecting
+  // Connection limits
+  maxConnections?: number;       // Maximum concurrent connections
+  // Authentication
+  authentication?: IRouteAuthentication;
+  // Rate limiting
+  rateLimit?: IRouteRateLimit;
+  // Authentication methods
+  basicAuth?: {
+    enabled: boolean;
+    users: Array<{ username: string; password: string }>;
+    realm?: string;
+    excludePaths?: string[];
+  };
+  jwtAuth?: {
+    enabled: boolean;
+    secret: string;
+    algorithm?: string;
+    issuer?: string;
+    audience?: string;
+    expiresIn?: number;
+    excludePaths?: string[];
+  };
+}
 ```
-### 5. Normalize IPv6-Mapped IPv4 Addresses
-Ensure all IP matching functions consistently handle IPv6-mapped IPv4 addresses:
+Update `isClientIpAllowed` method to use only the new property names:
 ```typescript
-// In all IP matching functions:
-const normalizeIp = (ip: string): string => {
-  return ip.startsWith('::ffff:') ? ip.substring(7) : ip;
-};
+private isClientIpAllowed(route: IRouteConfig, clientIp: string): boolean {
+  const security = route.action.security;
+  if (!security) {
+    return true; // No security settings means allowed
+  }
+  // Check blocked IPs first
+  if (security.ipBlockList && security.ipBlockList.length > 0) {
+    for (const pattern of security.ipBlockList) {
+      if (this.matchIpPattern(pattern, clientIp)) {
+        return false; // IP is blocked
+      }
+    }
+  }
+  // If there are allowed IPs, check them
+  if (security.ipAllowList && security.ipAllowList.length > 0) {
+    for (const pattern of security.ipAllowList) {
+      if (this.matchIpPattern(pattern, clientIp)) {
+        return true; // IP is allowed
+      }
+    }
+    return false; // IP not in allowed list
+  }
+  // No allowed IPs specified, so IP is allowed
+  return true;
+}
 ```
-## Implementation Results ✅
+## Expected Benefits
-The cleanup implementation was successful, resulting in:
+- **Improved Consistency**: Single, unified interface with consistent property naming
+- **Better Type Safety**: Eliminating confusing duplicate interface definitions
+- **Reduced Errors**: Prevent misunderstandings about which property names to use
+- **Forward Compatibility**: Clearer path for future security enhancements
+- **Better Developer Experience**: Simplified interface with comprehensive documentation
-- **Reduced Codebase Size**: Successfully removed multiple deprecated files and functions
-- **Improved Maintainability**: Cleaner, more focused code without legacy compatibility layers
-- **Reduced Complexity**: Eliminated special cases for legacy config formats
-- **Better Developer Experience**: Standardized on consistent patterns for port handling
-- **Future-Proofing**: Removed deprecated code that would complicate future upgrades
-- **Type Safety**: Fixed multiple TypeScript errors and improved type checking
+## Testing Plan
-All changes successfully compile and the build process passes with no errors. The codebase is now simpler, more maintainable, and better positioned for future enhancements.
+1. Test with existing configurations using both old and new property names
+2. Create specific test cases for port ranges with different security configurations
+3. Verify that port forwarding with IP allow lists works correctly with the unified interface

package/ts/00_commitinfo_data.ts CHANGED Viewed

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '17.0.0',
+  version: '18.0.0',
   description: 'A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.'
 }

package/ts/core/utils/shared-security-manager.ts CHANGED Viewed

@@ -199,8 +199,8 @@ export class SharedSecurityManager {
     }
     // Check IP against route security settings
-    const ipAllowList = route.security.ipAllowList || route.security.allowedIps;
-    const ipBlockList = route.security.ipBlockList || route.security.blockedIps;
+    const ipAllowList = route.security.ipAllowList;
+    const ipBlockList = route.security.ipBlockList;
     const allowed = this.isIPAuthorized(clientIp, ipAllowList, ipBlockList);

package/ts/forwarding/handlers/base-handler.ts CHANGED Viewed

@@ -40,9 +40,10 @@ export abstract class ForwardingHandler extends plugins.EventEmitter implements
   /**
    * Get a target from the configuration, supporting round-robin selection
+   * @param incomingPort Optional incoming port for 'preserve' mode
    * @returns A resolved target object with host and port
    */
-  protected getTargetFromConfig(): { host: string, port: number } {
+  protected getTargetFromConfig(incomingPort: number = 80): { host: string, port: number } {
     const { target } = this.config;
     // Handle round-robin host selection
@@ -55,32 +56,37 @@ export abstract class ForwardingHandler extends plugins.EventEmitter implements
       const randomIndex = Math.floor(Math.random() * target.host.length);
       return {
         host: target.host[randomIndex],
-        port: this.resolvePort(target.port)
+        port: this.resolvePort(target.port, incomingPort)
       };
     }
     // Single host
     return {
       host: target.host,
-      port: this.resolvePort(target.port)
+      port: this.resolvePort(target.port, incomingPort)
     };
   }
   /**
    * Resolves a port value, handling 'preserve' and function ports
+   * @param port The port value to resolve
+   * @param incomingPort Optional incoming port to use for 'preserve' mode
    */
-  protected resolvePort(port: number | 'preserve' | ((ctx: any) => number)): number {
+  protected resolvePort(
+    port: number | 'preserve' | ((ctx: any) => number),
+    incomingPort: number = 80
+  ): number {
     if (typeof port === 'function') {
       try {
-        // Create a minimal context for the function
-        const ctx = { port: 80 }; // Default port for minimal context
+        // Create a minimal context for the function that includes the incoming port
+        const ctx = { port: incomingPort };
         return port(ctx);
       } catch (err) {
         console.error('Error resolving port function:', err);
-        return 80; // Default fallback port
+        return incomingPort; // Fall back to incoming port
       }
     } else if (port === 'preserve') {
-      return 80; // Default port for 'preserve' in base handler
+      return incomingPort; // Use the actual incoming port for 'preserve'
     } else {
       return port;
     }

package/ts/forwarding/handlers/http-handler.ts CHANGED Viewed

@@ -38,6 +38,7 @@ export class HttpForwardingHandler extends ForwardingHandler {
     // For HTTP, we mainly handle parsed requests, but we can still set up
     // some basic connection tracking
     const remoteAddress = socket.remoteAddress || 'unknown';
+    const localPort = socket.localPort || 80;
     socket.on('close', (hadError) => {
       this.emit(ForwardingHandlerEvents.DISCONNECTED, {
@@ -54,7 +55,8 @@ export class HttpForwardingHandler extends ForwardingHandler {
     });
     this.emit(ForwardingHandlerEvents.CONNECTED, {
-      remoteAddress
+      remoteAddress,
+      localPort
     });
   }
@@ -64,8 +66,11 @@ export class HttpForwardingHandler extends ForwardingHandler {
    * @param res The HTTP response
    */
   public handleHttpRequest(req: plugins.http.IncomingMessage, res: plugins.http.ServerResponse): void {
-    // Get the target from configuration
-    const target = this.getTargetFromConfig();
+    // Get the local port from the request (for 'preserve' port handling)
+    const localPort = req.socket.localPort || 80;
+    // Get the target from configuration, passing the incoming port
+    const target = this.getTargetFromConfig(localPort);
     // Create a custom headers object with variables for substitution
     const variables = {

package/ts/proxies/smart-proxy/models/interfaces.ts CHANGED Viewed

@@ -27,8 +27,8 @@ export interface ISmartProxyOptions {
       port: number; // Default port to use when not specified in routes
     };
     security?: {
-      allowedIps?: string[]; // Default allowed IPs
-      blockedIps?: string[]; // Default blocked IPs
+      ipAllowList?: string[]; // Default allowed IPs
+      ipBlockList?: string[]; // Default blocked IPs
       maxConnections?: number; // Default max connections
     };
     preserveSourceIP?: boolean; // Default source IP preservation

package/ts/proxies/smart-proxy/models/route-types.ts CHANGED Viewed

@@ -112,13 +112,39 @@ export interface IRouteAuthentication {
 }
 /**
- * Security options for route actions
+ * Security options for routes
  */
 export interface IRouteSecurity {
-  allowedIps?: string[];
-  blockedIps?: string[];
-  maxConnections?: number;
+  // Access control lists
+  ipAllowList?: string[];       // IP addresses that are allowed to connect
+  ipBlockList?: string[];       // IP addresses that are blocked from connecting
+  // Connection limits
+  maxConnections?: number;      // Maximum concurrent connections
+  // Authentication
   authentication?: IRouteAuthentication;
+  // Rate limiting
+  rateLimit?: IRouteRateLimit;
+  // Authentication methods
+  basicAuth?: {
+    enabled: boolean;
+    users: Array<{ username: string; password: string }>;
+    realm?: string;
+    excludePaths?: string[];
+  };
+  jwtAuth?: {
+    enabled: boolean;
+    secret: string;
+    algorithm?: string;
+    issuer?: string;
+    audience?: string;
+    expiresIn?: number;
+    excludePaths?: string[];
+  };
 }
 /**
@@ -247,29 +273,7 @@ export interface IRouteRateLimit {
   errorMessage?: string;
 }
-/**
- * Security features for routes
- */
-export interface IRouteSecurity {
-  rateLimit?: IRouteRateLimit;
-  basicAuth?: {
-    enabled: boolean;
-    users: Array<{ username: string; password: string }>;
-    realm?: string;
-    excludePaths?: string[];
-  };
-  jwtAuth?: {
-    enabled: boolean;
-    secret: string;
-    algorithm?: string;
-    issuer?: string;
-    audience?: string;
-    expiresIn?: number;
-    excludePaths?: string[];
-  };
-  ipAllowList?: string[];
-  ipBlockList?: string[];
-}
+// IRouteSecurity is defined above - unified definition is used for all routes
 /**
  * CORS configuration for a route

package/ts/proxies/smart-proxy/route-connection-handler.ts CHANGED Viewed

@@ -289,11 +289,11 @@ export class RouteConnectionHandler {
       // Check default security settings
       const defaultSecuritySettings = this.settings.defaults?.security;
       if (defaultSecuritySettings) {
-        if (defaultSecuritySettings.allowedIps && defaultSecuritySettings.allowedIps.length > 0) {
+        if (defaultSecuritySettings.ipAllowList && defaultSecuritySettings.ipAllowList.length > 0) {
           const isAllowed = this.securityManager.isIPAuthorized(
             remoteIP,
-            defaultSecuritySettings.allowedIps,
-            defaultSecuritySettings.blockedIps || []
+            defaultSecuritySettings.ipAllowList,
+            defaultSecuritySettings.ipBlockList || []
           );
           if (!isAllowed) {