@push.rocks/smartproxy 19.3.1 → 19.3.3

package/ts/proxies/smart-proxy/route-connection-handler.ts

@@ -1,21 +1,15 @@
 import * as plugins from '../../plugins.js';
-import type {
-  IConnectionRecord,
-  ISmartProxyOptions
-} from './models/interfaces.js';
+import type { IConnectionRecord, ISmartProxyOptions } from './models/interfaces.js';
 // Route checking functions have been removed
-import type {
-  IRouteConfig,
-  IRouteAction,
-  IRouteContext
-} from './models/route-types.js';
+import type { IRouteConfig, IRouteAction, IRouteContext } from './models/route-types.js';
 import { ConnectionManager } from './connection-manager.js';
 import { SecurityManager } from './security-manager.js';
 import { TlsManager } from './tls-manager.js';
-import { NetworkProxyBridge } from './network-proxy-bridge.js';
+import { HttpProxyBridge } from './http-proxy-bridge.js';
 import { TimeoutManager } from './timeout-manager.js';
 import { RouteManager } from './route-manager.js';
 import type { ForwardingHandler } from '../../forwarding/handlers/base-handler.js';
+import { RedirectHandler, StaticHandler } from '../http-proxy/handlers/index.js';
 
 /**
  * Handles new connection processing and setup logic with support for route-based configuration
@@ -31,7 +25,7 @@ export class RouteConnectionHandler {
     private connectionManager: ConnectionManager,
     private securityManager: SecurityManager,
     private tlsManager: TlsManager,
-    private networkProxyBridge: NetworkProxyBridge,
+    private httpProxyBridge: HttpProxyBridge,
     private timeoutManager: TimeoutManager,
     private routeManager: RouteManager
   ) {
@@ -75,7 +69,7 @@ export class RouteConnectionHandler {
 
       // Additional properties
       timestamp: Date.now(),
-      connectionId: options.connectionId
+      connectionId: options.connectionId,
     };
   }
 
@@ -232,16 +226,19 @@ export class RouteConnectionHandler {
             console.log(`[${connectionId}] No SNI detected in TLS ClientHello; sending TLS alert.`);
             if (record.incomingTerminationReason === null) {
               record.incomingTerminationReason = 'session_ticket_blocked_no_sni';
-              this.connectionManager.incrementTerminationStat('incoming', 'session_ticket_blocked_no_sni');
+              this.connectionManager.incrementTerminationStat(
+                'incoming',
+                'session_ticket_blocked_no_sni'
+              );
             }
             const alert = Buffer.from([0x15, 0x03, 0x03, 0x00, 0x02, 0x01, 0x70]);
-            try { 
-              socket.cork(); 
-              socket.write(alert); 
-              socket.uncork(); 
-              socket.end(); 
-            } catch { 
-              socket.end(); 
+            try {
+              socket.cork();
+              socket.write(alert);
+              socket.uncork();
+              socket.end();
+            } catch {
+              socket.end();
             }
             this.connectionManager.cleanupConnection(record, 'session_ticket_blocked_no_sni');
             return;
@@ -262,7 +259,7 @@ export class RouteConnectionHandler {
    * Route the connection based on match criteria
    */
   private routeConnection(
-    socket: plugins.net.Socket, 
+    socket: plugins.net.Socket,
     record: IConnectionRecord,
     serverName: string,
     initialChunk?: Buffer
@@ -277,11 +274,13 @@ export class RouteConnectionHandler {
       domain: serverName,
       clientIp: remoteIP,
       path: undefined, // We don't have path info at this point
-      tlsVersion: undefined // We don't extract TLS version yet
+      tlsVersion: undefined, // We don't extract TLS version yet
     });
 
     if (!routeMatch) {
-      console.log(`[${connectionId}] No route found for ${serverName || 'connection'} on port ${localPort}`);
+      console.log(
+        `[${connectionId}] No route found for ${serverName || 'connection'} on port ${localPort}`
+      );
 
       // No matching route, use default/fallback handling
       console.log(`[${connectionId}] Using default route handling for connection`);
@@ -304,7 +303,7 @@ export class RouteConnectionHandler {
           }
         }
       }
-      
+
       // Setup direct connection with default settings
       if (this.settings.defaults?.target) {
         // Use defaults from configuration
@@ -328,54 +327,56 @@ export class RouteConnectionHandler {
         return;
       }
     }
-    
+
     // A matching route was found
     const route = routeMatch.route;
-    
+
     if (this.settings.enableDetailedLogging) {
       console.log(
-        `[${connectionId}] Route matched: "${route.name || 'unnamed'}" for ${serverName || 'connection'} on port ${localPort}`
+        `[${connectionId}] Route matched: "${route.name || 'unnamed'}" for ${
+          serverName || 'connection'
+        } on port ${localPort}`
       );
     }
-    
+
     // Check if this route uses NFTables for forwarding
     if (route.action.forwardingEngine === 'nftables') {
       // For NFTables routes, we don't need to do anything at the application level
       // The packet is forwarded at the kernel level
-      
+
       // Log the connection
       console.log(
         `[${connectionId}] Connection forwarded by NFTables: ${record.remoteIP} -> port ${record.localPort}`
       );
-      
+
       // Just close the socket in our application since it's handled at kernel level
       socket.end();
       this.connectionManager.cleanupConnection(record, 'nftables_handled');
       return;
     }
-    
+
     // Handle the route based on its action type
     switch (route.action.type) {
       case 'forward':
         return this.handleForwardAction(socket, record, route, initialChunk);
-      
+
       case 'redirect':
         return this.handleRedirectAction(socket, record, route);
-      
+
       case 'block':
         return this.handleBlockAction(socket, record, route);
-      
+
       case 'static':
         this.handleStaticAction(socket, record, route);
         return;
-      
+
       default:
         console.log(`[${connectionId}] Unknown action type: ${(route.action as any).type}`);
         socket.end();
         this.connectionManager.cleanupConnection(record, 'unknown_action');
     }
   }
-  
+
   /**
    * Handle a forward action for a route
    */
@@ -394,33 +395,35 @@ export class RouteConnectionHandler {
       if (this.settings.enableDetailedLogging) {
         console.log(
           `[${record.id}] Connection forwarded by NFTables (kernel-level): ` +
-          `${record.remoteIP}:${socket.remotePort} -> ${socket.localAddress}:${record.localPort}` +
-          ` (Route: "${route.name || 'unnamed'}", Domain: ${record.lockedDomain || 'n/a'})`
+            `${record.remoteIP}:${socket.remotePort} -> ${socket.localAddress}:${record.localPort}` +
+            ` (Route: "${route.name || 'unnamed'}", Domain: ${record.lockedDomain || 'n/a'})`
         );
       } else {
         console.log(
-          `[${record.id}] NFTables forwarding: ${record.remoteIP} -> port ${record.localPort} (Route: "${route.name || 'unnamed'}")`
+          `[${record.id}] NFTables forwarding: ${record.remoteIP} -> port ${
+            record.localPort
+          } (Route: "${route.name || 'unnamed'}")`
         );
       }
-      
+
       // Additional NFTables-specific logging if configured
       if (action.nftables) {
         const nftConfig = action.nftables;
         if (this.settings.enableDetailedLogging) {
           console.log(
             `[${record.id}] NFTables config: ` +
-            `protocol=${nftConfig.protocol || 'tcp'}, ` +
-            `preserveSourceIP=${nftConfig.preserveSourceIP || false}, ` +
-            `priority=${nftConfig.priority || 'default'}, ` +
-            `maxRate=${nftConfig.maxRate || 'unlimited'}`
+              `protocol=${nftConfig.protocol || 'tcp'}, ` +
+              `preserveSourceIP=${nftConfig.preserveSourceIP || false}, ` +
+              `priority=${nftConfig.priority || 'default'}, ` +
+              `maxRate=${nftConfig.maxRate || 'unlimited'}`
           );
         }
       }
-      
+
       // This connection is handled at the kernel level, no need to process at application level
       // Close the socket gracefully in our application layer
       socket.end();
-      
+
       // Mark the connection as handled by NFTables for proper cleanup
       record.nftablesHandled = true;
       this.connectionManager.initiateCleanupOnce(record, 'nftables_handled');
@@ -445,7 +448,7 @@ export class RouteConnectionHandler {
       isTls: record.isTLS || false,
       tlsVersion: record.tlsVersion,
       routeName: route.name,
-      routeId: route.id
+      routeId: route.id,
     });
 
     // Cache the context for potential reuse
@@ -457,7 +460,11 @@ export class RouteConnectionHandler {
       try {
         targetHost = action.target.host(routeContext);
         if (this.settings.enableDetailedLogging) {
-          console.log(`[${connectionId}] Dynamic host resolved to: ${Array.isArray(targetHost) ? targetHost.join(', ') : targetHost}`);
+          console.log(
+            `[${connectionId}] Dynamic host resolved to: ${
+              Array.isArray(targetHost) ? targetHost.join(', ') : targetHost
+            }`
+          );
         }
       } catch (err) {
         console.log(`[${connectionId}] Error in host mapping function: ${err}`);
@@ -480,7 +487,9 @@ export class RouteConnectionHandler {
       try {
         targetPort = action.target.port(routeContext);
         if (this.settings.enableDetailedLogging) {
-          console.log(`[${connectionId}] Dynamic port mapping: ${record.localPort} -> ${targetPort}`);
+          console.log(
+            `[${connectionId}] Dynamic port mapping: ${record.localPort} -> ${targetPort}`
+          );
         }
         // Store the resolved target port in the context for potential future use
         routeContext.targetPort = targetPort;
@@ -509,7 +518,7 @@ export class RouteConnectionHandler {
           if (this.settings.enableDetailedLogging) {
             console.log(`[${connectionId}] Using TLS passthrough to ${selectedHost}:${targetPort}`);
           }
-          
+
           return this.setupDirectConnection(
             socket,
             record,
@@ -519,48 +528,50 @@ export class RouteConnectionHandler {
             selectedHost,
             targetPort
           );
-          
+
         case 'terminate':
         case 'terminate-and-reencrypt':
-          // For TLS termination, use NetworkProxy
-          if (this.networkProxyBridge.getNetworkProxy()) {
+          // For TLS termination, use HttpProxy
+          if (this.httpProxyBridge.getHttpProxy()) {
             if (this.settings.enableDetailedLogging) {
               console.log(
-                `[${connectionId}] Using NetworkProxy for TLS termination to ${action.target.host}`
+                `[${connectionId}] Using HttpProxy for TLS termination to ${action.target.host}`
               );
             }
-            
+
             // If we have an initial chunk with TLS data, start processing it
             if (initialChunk && record.isTLS) {
-              this.networkProxyBridge.forwardToNetworkProxy(
+              this.httpProxyBridge.forwardToHttpProxy(
                 connectionId,
                 socket,
                 record,
                 initialChunk,
-                this.settings.networkProxyPort,
+                this.settings.httpProxyPort || 8443,
                 (reason) => this.connectionManager.initiateCleanupOnce(record, reason)
               );
               return;
             }
-            
+
             // This shouldn't normally happen - we should have TLS data at this point
             console.log(`[${connectionId}] TLS termination route without TLS data`);
             socket.end();
             this.connectionManager.cleanupConnection(record, 'tls_error');
             return;
           } else {
-            console.log(`[${connectionId}] NetworkProxy not available for TLS termination`);
+            console.log(`[${connectionId}] HttpProxy not available for TLS termination`);
             socket.end();
-            this.connectionManager.cleanupConnection(record, 'no_network_proxy');
+            this.connectionManager.cleanupConnection(record, 'no_http_proxy');
             return;
           }
       }
     } else {
       // No TLS settings - basic forwarding
       if (this.settings.enableDetailedLogging) {
-        console.log(`[${connectionId}] Using basic forwarding to ${action.target.host}:${action.target.port}`);
+        console.log(
+          `[${connectionId}] Using basic forwarding to ${action.target.host}:${action.target.port}`
+        );
       }
-      
+
       // Get the appropriate host value
       let targetHost: string;
 
@@ -602,7 +613,7 @@ export class RouteConnectionHandler {
       );
     }
   }
-  
+
   /**
    * Handle a redirect action for a route
    */
@@ -611,87 +622,22 @@ export class RouteConnectionHandler {
     record: IConnectionRecord,
     route: IRouteConfig
   ): void {
-    const connectionId = record.id;
-    const action = route.action;
-    
-    // We should have a redirect configuration
-    if (!action.redirect) {
-      console.log(`[${connectionId}] Redirect action missing redirect configuration`);
-      socket.end();
-      this.connectionManager.cleanupConnection(record, 'missing_redirect');
-      return;
-    }
-    
     // For TLS connections, we can't do redirects at the TCP level
     if (record.isTLS) {
-      console.log(`[${connectionId}] Cannot redirect TLS connection at TCP level`);
+      console.log(`[${record.id}] Cannot redirect TLS connection at TCP level`);
       socket.end();
       this.connectionManager.cleanupConnection(record, 'tls_redirect_error');
       return;
     }
-    
-    // Wait for the first HTTP request to perform the redirect
-    const dataListeners: ((chunk: Buffer) => void)[] = [];
-    
-    const httpDataHandler = (chunk: Buffer) => {
-      // Remove all data listeners to avoid duplicated processing
-      for (const listener of dataListeners) {
-        socket.removeListener('data', listener);
-      }
-      
-      // Parse HTTP request to get path
-      try {
-        const headersEnd = chunk.indexOf('\r\n\r\n');
-        if (headersEnd === -1) {
-          // Not a complete HTTP request, need more data
-          socket.once('data', httpDataHandler);
-          dataListeners.push(httpDataHandler);
-          return;
-        }
-        
-        const httpHeaders = chunk.slice(0, headersEnd).toString();
-        const requestLine = httpHeaders.split('\r\n')[0];
-        const [method, path] = requestLine.split(' ');
-        
-        // Extract Host header
-        const hostMatch = httpHeaders.match(/Host: (.+?)(\r\n|\r|\n|$)/i);
-        const host = hostMatch ? hostMatch[1].trim() : record.lockedDomain || '';
-        
-        // Process the redirect URL with template variables
-        let redirectUrl = action.redirect.to;
-        redirectUrl = redirectUrl.replace(/\{domain\}/g, host);
-        redirectUrl = redirectUrl.replace(/\{path\}/g, path || '');
-        redirectUrl = redirectUrl.replace(/\{port\}/g, record.localPort.toString());
-        
-        // Prepare the HTTP redirect response
-        const redirectResponse = [
-          `HTTP/1.1 ${action.redirect.status} Moved`,
-          `Location: ${redirectUrl}`,
-          'Connection: close',
-          'Content-Length: 0',
-          '',
-          ''
-        ].join('\r\n');
-        
-        if (this.settings.enableDetailedLogging) {
-          console.log(`[${connectionId}] Redirecting to ${redirectUrl} with status ${action.redirect.status}`);
-        }
-        
-        // Send the redirect response
-        socket.end(redirectResponse);
-        this.connectionManager.initiateCleanupOnce(record, 'redirect_complete');
-      } catch (err) {
-        console.log(`[${connectionId}] Error processing HTTP redirect: ${err}`);
-        socket.end();
-        this.connectionManager.initiateCleanupOnce(record, 'redirect_error');
-      }
-    };
-    
-    // Setup the HTTP data handler
-    socket.once('data', httpDataHandler);
-    dataListeners.push(httpDataHandler);
+
+    // Delegate to HttpProxy's RedirectHandler
+    RedirectHandler.handleRedirect(socket, route, {
+      connectionId: record.id,
+      connectionManager: this.connectionManager,
+      settings: this.settings
+    });
   }
-  
+
   /**
    * Handle a block action for a route
    */
@@ -701,16 +647,18 @@ export class RouteConnectionHandler {
     route: IRouteConfig
   ): void {
     const connectionId = record.id;
-    
+
     if (this.settings.enableDetailedLogging) {
-      console.log(`[${connectionId}] Blocking connection based on route "${route.name || 'unnamed'}"`);
+      console.log(
+        `[${connectionId}] Blocking connection based on route "${route.name || 'unnamed'}"`
+      );
     }
-    
+
     // Simply close the connection
     socket.end();
     this.connectionManager.initiateCleanupOnce(record, 'route_blocked');
   }
-  
+
   /**
    * Handle a static action for a route
    */
@@ -719,150 +667,14 @@ export class RouteConnectionHandler {
     record: IConnectionRecord,
     route: IRouteConfig
   ): Promise<void> {
-    const connectionId = record.id;
-    
-    if (!route.action.handler) {
-      console.error(`[${connectionId}] Static route '${route.name}' has no handler`);
-      socket.end();
-      this.connectionManager.cleanupConnection(record, 'no_handler');
-      return;
-    }
-    
-    let buffer = Buffer.alloc(0);
-    
-    const handleHttpData = async (chunk: Buffer) => {
-      buffer = Buffer.concat([buffer, chunk]);
-      
-      // Look for end of HTTP headers
-      const headerEndIndex = buffer.indexOf('\r\n\r\n');
-      if (headerEndIndex === -1) {
-        // Need more data
-        if (buffer.length > 8192) { // Prevent excessive buffering
-          console.error(`[${connectionId}] HTTP headers too large`);
-          socket.end();
-          this.connectionManager.cleanupConnection(record, 'headers_too_large');
-        }
-        return;
-      }
-      
-      // Parse the HTTP request
-      const headerBuffer = buffer.slice(0, headerEndIndex);
-      const headers = headerBuffer.toString();
-      const lines = headers.split('\r\n');
-      
-      if (lines.length === 0) {
-        console.error(`[${connectionId}] Invalid HTTP request`);
-        socket.end();
-        this.connectionManager.cleanupConnection(record, 'invalid_request');
-        return;
-      }
-      
-      // Parse request line
-      const requestLine = lines[0];
-      const requestParts = requestLine.split(' ');
-      if (requestParts.length < 3) {
-        console.error(`[${connectionId}] Invalid HTTP request line`);
-        socket.end();
-        this.connectionManager.cleanupConnection(record, 'invalid_request_line');
-        return;
-      }
-      
-      const [method, path, httpVersion] = requestParts;
-      
-      // Parse headers
-      const headersMap: Record<string, string> = {};
-      for (let i = 1; i < lines.length; i++) {
-        const colonIndex = lines[i].indexOf(':');
-        if (colonIndex > 0) {
-          const key = lines[i].slice(0, colonIndex).trim().toLowerCase();
-          const value = lines[i].slice(colonIndex + 1).trim();
-          headersMap[key] = value;
-        }
-      }
-      
-      // Extract query string if present
-      let pathname = path;
-      let query: string | undefined;
-      const queryIndex = path.indexOf('?');
-      if (queryIndex !== -1) {
-        pathname = path.slice(0, queryIndex);
-        query = path.slice(queryIndex + 1);
-      }
-      
-      try {
-        // Build route context with parsed HTTP information
-        const context: IRouteContext = {
-          port: record.localPort,
-          domain: record.lockedDomain || headersMap['host']?.split(':')[0],
-          clientIp: record.remoteIP,
-          serverIp: socket.localAddress!,
-          path: pathname,
-          query: query,
-          headers: headersMap,
-          method: method,
-          isTls: record.isTLS,
-          tlsVersion: record.tlsVersion,
-          routeName: route.name,
-          routeId: route.name,
-          timestamp: Date.now(),
-          connectionId
-        };
-        
-        // Remove the data listener since we're handling the request
-        socket.removeListener('data', handleHttpData);
-        
-        // Call the handler with the properly parsed context
-        const response = await route.action.handler(context);
-        
-        // Prepare the HTTP response
-        const responseHeaders = response.headers || {};
-        const contentLength = Buffer.byteLength(response.body || '');
-        responseHeaders['Content-Length'] = contentLength.toString();
-        
-        if (!responseHeaders['Content-Type']) {
-          responseHeaders['Content-Type'] = 'text/plain';
-        }
-        
-        // Build the response
-        let httpResponse = `HTTP/1.1 ${response.status} ${getStatusText(response.status)}\r\n`;
-        for (const [key, value] of Object.entries(responseHeaders)) {
-          httpResponse += `${key}: ${value}\r\n`;
-        }
-        httpResponse += '\r\n';
-        
-        // Send response
-        socket.write(httpResponse);
-        if (response.body) {
-          socket.write(response.body);
-        }
-        socket.end();
-        
-        this.connectionManager.cleanupConnection(record, 'completed');
-      } catch (error) {
-        console.error(`[${connectionId}] Error in static handler: ${error}`);
-        
-        // Send error response
-        const errorResponse = 'HTTP/1.1 500 Internal Server Error\r\n' +
-                            'Content-Type: text/plain\r\n' +
-                            'Content-Length: 21\r\n' +
-                            '\r\n' +
-                            'Internal Server Error';
-        socket.write(errorResponse);
-        socket.end();
-        
-        this.connectionManager.cleanupConnection(record, 'handler_error');
-      }
-    };
-    
-    // Listen for data
-    socket.on('data', handleHttpData);
-    
-    // Ensure cleanup on socket close
-    socket.once('close', () => {
-      socket.removeListener('data', handleHttpData);
-    });
+    // Delegate to HttpProxy's StaticHandler
+    await StaticHandler.handleStatic(socket, route, {
+      connectionId: record.id,
+      connectionManager: this.connectionManager,
+      settings: this.settings
+    }, record);
   }
-  
+
   /**
    * Sets up a direct connection to the target
    */
@@ -878,22 +690,23 @@ export class RouteConnectionHandler {
     const connectionId = record.id;
 
     // Determine target host and port if not provided
-    const finalTargetHost = targetHost ||
-      record.targetHost ||
-      (this.settings.defaults?.target?.host || 'localhost');
+    const finalTargetHost =
+      targetHost || record.targetHost || this.settings.defaults?.target?.host || 'localhost';
 
     // Determine target port
-    const finalTargetPort = targetPort ||
+    const finalTargetPort =
+      targetPort ||
       record.targetPort ||
-      (overridePort !== undefined ? overridePort :
-       (this.settings.defaults?.target?.port || 443));
+      (overridePort !== undefined ? overridePort : this.settings.defaults?.target?.port || 443);
 
     // Update record with final target information
     record.targetHost = finalTargetHost;
     record.targetPort = finalTargetPort;
 
     if (this.settings.enableDetailedLogging) {
-      console.log(`[${connectionId}] Setting up direct connection to ${finalTargetHost}:${finalTargetPort}`);
+      console.log(
+        `[${connectionId}] Setting up direct connection to ${finalTargetHost}:${finalTargetPort}`
+      );
     }
 
     // Setup connection options
@@ -906,53 +719,53 @@ export class RouteConnectionHandler {
     if (this.settings.defaults?.preserveSourceIP || this.settings.preserveSourceIP) {
       connectionOptions.localAddress = record.remoteIP.replace('::ffff:', '');
     }
-    
+
     // Create a safe queue for incoming data
     const dataQueue: Buffer[] = [];
     let queueSize = 0;
     let processingQueue = false;
     let drainPending = false;
     let pipingEstablished = false;
-    
+
     // Pause the incoming socket to prevent buffer overflows
     socket.pause();
-    
+
     // Function to safely process the data queue without losing events
     const processDataQueue = () => {
       if (processingQueue || dataQueue.length === 0 || pipingEstablished) return;
-      
+
       processingQueue = true;
-      
+
       try {
         // Process all queued chunks with the current active handler
         while (dataQueue.length > 0) {
           const chunk = dataQueue.shift()!;
           queueSize -= chunk.length;
-          
+
           // Once piping is established, we shouldn't get here,
           // but just in case, pass to the outgoing socket directly
           if (pipingEstablished && record.outgoing) {
             record.outgoing.write(chunk);
             continue;
           }
-          
+
           // Track bytes received
           record.bytesReceived += chunk.length;
-          
+
           // Check for TLS handshake
           if (!record.isTLS && this.tlsManager.isTlsHandshake(chunk)) {
             record.isTLS = true;
-            
+
             if (this.settings.enableTlsDebugLogging) {
               console.log(
                 `[${connectionId}] TLS handshake detected in tempDataHandler, ${chunk.length} bytes`
               );
             }
           }
-          
+
           // Check if adding this chunk would exceed the buffer limit
           const newSize = record.pendingDataSize + chunk.length;
-          
+
           if (this.settings.maxPendingDataSize && newSize > this.settings.maxPendingDataSize) {
             console.log(
               `[${connectionId}] Buffer limit exceeded for connection from ${record.remoteIP}: ${newSize} bytes > ${this.settings.maxPendingDataSize} bytes`
@@ -961,7 +774,7 @@ export class RouteConnectionHandler {
             this.connectionManager.initiateCleanupOnce(record, 'buffer_limit_exceeded');
             return;
           }
-          
+
           // Buffer the chunk and update the size counter
           record.pendingData.push(Buffer.from(chunk));
           record.pendingDataSize = newSize;
@@ -969,7 +782,7 @@ export class RouteConnectionHandler {
         }
       } finally {
         processingQueue = false;
-        
+
         // If there's a pending drain and we've processed everything,
         // signal we're ready for more data if we haven't established piping yet
         if (drainPending && dataQueue.length === 0 && !pipingEstablished) {
@@ -978,48 +791,48 @@ export class RouteConnectionHandler {
         }
       }
     };
-    
+
     // Unified data handler that safely queues incoming data
     const safeDataHandler = (chunk: Buffer) => {
       // If piping is already established, just let the pipe handle it
       if (pipingEstablished) return;
-      
+
       // Add to our queue for orderly processing
       dataQueue.push(Buffer.from(chunk)); // Make a copy to be safe
       queueSize += chunk.length;
-      
+
       // If queue is getting large, pause socket until we catch up
       if (this.settings.maxPendingDataSize && queueSize > this.settings.maxPendingDataSize * 0.8) {
         socket.pause();
         drainPending = true;
       }
-      
+
       // Process the queue
       processDataQueue();
     };
-    
+
     // Add our safe data handler
     socket.on('data', safeDataHandler);
-    
+
     // Add initial chunk to pending data if present
     if (initialChunk) {
       record.bytesReceived += initialChunk.length;
       record.pendingData.push(Buffer.from(initialChunk));
       record.pendingDataSize = initialChunk.length;
     }
-    
+
     // Create the target socket but don't set up piping immediately
     const targetSocket = plugins.net.connect(connectionOptions);
     record.outgoing = targetSocket;
     record.outgoingStartTime = Date.now();
-    
+
     // Apply socket optimizations
     targetSocket.setNoDelay(this.settings.noDelay);
-    
+
     // Apply keep-alive settings to the outgoing connection as well
     if (this.settings.keepAlive) {
       targetSocket.setKeepAlive(true, this.settings.keepAliveInitialDelay);
-      
+
       // Apply enhanced TCP keep-alive options if enabled
       if (this.settings.enableKeepAliveProbes) {
         try {
@@ -1039,7 +852,7 @@ export class RouteConnectionHandler {
         }
       }
     }
-    
+
     // Setup specific error handler for connection phase
     targetSocket.once('error', (err) => {
       // This handler runs only once during the initial connection phase
@@ -1047,10 +860,10 @@ export class RouteConnectionHandler {
       console.log(
         `[${connectionId}] Connection setup error to ${finalTargetHost}:${connectionOptions.port}: ${err.message} (${code})`
       );
-      
+
       // Resume the incoming socket to prevent it from hanging
       socket.resume();
-      
+
       if (code === 'ECONNREFUSED') {
         console.log(
           `[${connectionId}] Target ${finalTargetHost}:${connectionOptions.port} refused connection`
@@ -1066,28 +879,28 @@ export class RouteConnectionHandler {
       } else if (code === 'EHOSTUNREACH') {
         console.log(`[${connectionId}] Host ${finalTargetHost} is unreachable`);
       }
-      
+
       // Clear any existing error handler after connection phase
       targetSocket.removeAllListeners('error');
-      
+
       // Re-add the normal error handler for established connections
       targetSocket.on('error', this.connectionManager.handleError('outgoing', record));
-      
+
       if (record.outgoingTerminationReason === null) {
         record.outgoingTerminationReason = 'connection_failed';
         this.connectionManager.incrementTerminationStat('outgoing', 'connection_failed');
       }
-      
+
       // Route-based configuration doesn't use domain handlers
-      
+
       // Clean up the connection
       this.connectionManager.initiateCleanupOnce(record, `connection_failed_${code}`);
     });
-    
+
     // Setup close handler
     targetSocket.on('close', this.connectionManager.handleClose('outgoing', record));
     socket.on('close', this.connectionManager.handleClose('incoming', record));
-    
+
     // Handle timeouts with keep-alive awareness
     socket.on('timeout', () => {
       // For keep-alive connections, just log a warning instead of closing
@@ -1101,7 +914,7 @@ export class RouteConnectionHandler {
         );
         return;
       }
-      
+
       // For non-keep-alive connections, proceed with normal cleanup
       console.log(
         `[${connectionId}] Timeout on incoming side from ${
@@ -1114,7 +927,7 @@ export class RouteConnectionHandler {
       }
       this.connectionManager.initiateCleanupOnce(record, 'timeout_incoming');
     });
-    
+
     targetSocket.on('timeout', () => {
       // For keep-alive connections, just log a warning instead of closing
       if (record.hasKeepAlive) {
@@ -1127,7 +940,7 @@ export class RouteConnectionHandler {
         );
         return;
       }
-      
+
       // For non-keep-alive connections, proceed with normal cleanup
       console.log(
         `[${connectionId}] Timeout on outgoing side from ${
@@ -1140,40 +953,40 @@ export class RouteConnectionHandler {
       }
       this.connectionManager.initiateCleanupOnce(record, 'timeout_outgoing');
     });
-    
+
     // Apply socket timeouts
     this.timeoutManager.applySocketTimeouts(record);
-    
+
     // Track outgoing data for bytes counting
     targetSocket.on('data', (chunk: Buffer) => {
       record.bytesSent += chunk.length;
       this.timeoutManager.updateActivity(record);
     });
-    
+
     // Wait for the outgoing connection to be ready before setting up piping
     targetSocket.once('connect', () => {
       // Clear the initial connection error handler
       targetSocket.removeAllListeners('error');
-      
+
       // Add the normal error handler for established connections
       targetSocket.on('error', this.connectionManager.handleError('outgoing', record));
-      
+
       // Process any remaining data in the queue before switching to piping
       processDataQueue();
-      
+
       // Set up piping immediately
       pipingEstablished = true;
-      
+
       // Flush all pending data to target
       if (record.pendingData.length > 0) {
         const combinedData = Buffer.concat(record.pendingData);
-        
+
         if (this.settings.enableDetailedLogging) {
           console.log(
             `[${connectionId}] Forwarding ${combinedData.length} bytes of initial data to target`
           );
         }
-        
+
         // Write pending data immediately
         targetSocket.write(combinedData, (err) => {
           if (err) {
@@ -1181,19 +994,19 @@ export class RouteConnectionHandler {
             return this.connectionManager.initiateCleanupOnce(record, 'write_error');
           }
         });
-        
+
         // Clear the buffer now that we've processed it
         record.pendingData = [];
         record.pendingDataSize = 0;
       }
-      
+
       // Setup piping in both directions without any delays
       socket.pipe(targetSocket);
       targetSocket.pipe(socket);
-      
+
       // Resume the socket to ensure data flows
       socket.resume();
-      
+
       // Process any data that might be queued in the interim
       if (dataQueue.length > 0) {
         // Write any remaining queued data directly to the target socket
@@ -1204,7 +1017,7 @@ export class RouteConnectionHandler {
         dataQueue.length = 0;
         queueSize = 0;
       }
-      
+
       if (this.settings.enableDetailedLogging) {
         console.log(
           `[${connectionId}] Connection established: ${record.remoteIP} -> ${finalTargetHost}:${connectionOptions.port}` +
@@ -1231,7 +1044,7 @@ export class RouteConnectionHandler {
             }`
         );
       }
-      
+
       // Add the renegotiation handler for SNI validation
       if (serverName) {
         // Create connection info object for the existing connection
@@ -1241,7 +1054,7 @@ export class RouteConnectionHandler {
           destIp: record.incoming.localAddress || '',
           destPort: record.incoming.localPort || 0,
         };
-        
+
         // Create a renegotiation handler function
         const renegotiationHandler = this.tlsManager.createRenegotiationHandler(
           connectionId,
@@ -1249,13 +1062,13 @@ export class RouteConnectionHandler {
           connInfo,
           (connectionId, reason) => this.connectionManager.initiateCleanupOnce(record, reason)
         );
-        
+
         // Store the handler in the connection record so we can remove it during cleanup
         record.renegotiationHandler = renegotiationHandler;
-        
+
         // Add the handler to the socket
         socket.on('data', renegotiationHandler);
-        
+
         if (this.settings.enableDetailedLogging) {
           console.log(
             `[${connectionId}] TLS renegotiation handler installed for SNI domain: ${serverName}`
@@ -1267,7 +1080,7 @@ export class RouteConnectionHandler {
           }
         }
       }
-      
+
       // Set connection timeout
       record.cleanupTimer = this.timeoutManager.setupConnectionTimeout(record, (record, reason) => {
         console.log(
@@ -1275,11 +1088,11 @@ export class RouteConnectionHandler {
         );
         this.connectionManager.initiateCleanupOnce(record, reason);
       });
-      
+
       // Mark TLS handshake as complete for TLS connections
       if (record.isTLS) {
         record.tlsHandshakeComplete = true;
-        
+
         if (this.settings.enableTlsDebugLogging) {
           console.log(
             `[${connectionId}] TLS handshake complete for connection from ${record.remoteIP}`
@@ -1290,12 +1103,3 @@ export class RouteConnectionHandler {
   }
 }
 
-// Helper function for status text
-function getStatusText(status: number): string {
-  const statusTexts: Record<number, string> = {
-    200: 'OK',
-    404: 'Not Found',
-    500: 'Internal Server Error'
-  };
-  return statusTexts[status] || 'Unknown';
-}