@push.rocks/smartproxy 21.1.7 → 22.4.2

package/dist_ts/proxies/smart-proxy/utils/route-helpers/load-balancer-helpers.js

@@ -0,0 +1,105 @@
+/**
+ * Load Balancer Route Helper Functions
+ *
+ * This module provides utility functions for creating load balancer route configurations.
+ */
+/**
+ * Create a load balancer route (round-robin between multiple backend hosts)
+ * @param domains Domain(s) to match
+ * @param backendsOrHosts Array of backend servers OR array of host strings (legacy)
+ * @param portOrOptions Port number (legacy) OR options object
+ * @param options Additional route options (legacy)
+ * @returns Route configuration object
+ */
+export function createLoadBalancerRoute(domains, backendsOrHosts, portOrOptions, options) {
+    // Handle legacy signature: (domains, hosts[], port, options)
+    let backends;
+    let finalOptions;
+    if (Array.isArray(backendsOrHosts) && backendsOrHosts.length > 0 && typeof backendsOrHosts[0] === 'string') {
+        // Legacy signature
+        const hosts = backendsOrHosts;
+        const port = portOrOptions;
+        backends = hosts.map(host => ({ host, port }));
+        finalOptions = options || {};
+    }
+    else {
+        // New signature
+        backends = backendsOrHosts;
+        finalOptions = portOrOptions || {};
+    }
+    // Extract hosts and ensure all backends use the same port
+    const port = backends[0].port;
+    const hosts = backends.map(backend => backend.host);
+    // Create route match
+    const match = {
+        ports: finalOptions.match?.ports || (finalOptions.tls || finalOptions.useTls ? 443 : 80),
+        domains
+    };
+    // Create route target
+    const target = {
+        host: hosts,
+        port
+    };
+    // Create route action
+    const action = {
+        type: 'forward',
+        targets: [target]
+    };
+    // Add TLS configuration if provided
+    if (finalOptions.tls || finalOptions.useTls) {
+        action.tls = {
+            mode: finalOptions.tls?.mode || 'terminate',
+            certificate: finalOptions.tls?.certificate || finalOptions.certificate || 'auto'
+        };
+    }
+    // Add load balancing options
+    if (finalOptions.algorithm || finalOptions.healthCheck) {
+        action.loadBalancing = {
+            algorithm: finalOptions.algorithm || 'round-robin',
+            healthCheck: finalOptions.healthCheck
+        };
+    }
+    // Create the route config
+    return {
+        match,
+        action,
+        name: finalOptions.name || `Load Balancer for ${Array.isArray(domains) ? domains.join(', ') : domains}`,
+        ...finalOptions
+    };
+}
+/**
+ * Create a smart load balancer with dynamic domain-based backend selection
+ * @param options Smart load balancer options
+ * @returns Route configuration object
+ */
+export function createSmartLoadBalancer(options) {
+    // Extract all domain keys to create the match criteria
+    const domains = Object.keys(options.domainTargets);
+    // Create the smart host selector function
+    const hostSelector = (context) => {
+        const domain = context.domain || '';
+        return options.domainTargets[domain] || options.defaultTarget || 'localhost';
+    };
+    // Create route match
+    const match = {
+        ports: options.ports,
+        domains
+    };
+    // Create route action
+    const action = {
+        type: 'forward',
+        targets: [{
+                host: hostSelector,
+                port: options.portMapper
+            }]
+    };
+    // Create the route config
+    return {
+        match,
+        action,
+        name: options.name || `Smart Load Balancer for ${domains.join(', ')}`,
+        priority: options.priority,
+        ...options
+    };
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibG9hZC1iYWxhbmNlci1oZWxwZXJzLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vLi4vLi4vLi4vLi4vdHMvcHJveGllcy9zbWFydC1wcm94eS91dGlscy9yb3V0ZS1oZWxwZXJzL2xvYWQtYmFsYW5jZXItaGVscGVycy50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQTs7OztHQUlHO0FBSUg7Ozs7Ozs7R0FPRztBQUNILE1BQU0sVUFBVSx1QkFBdUIsQ0FDckMsT0FBMEIsRUFDMUIsZUFBaUUsRUFDakUsYUFnQkMsRUFDRCxPQU1DO0lBRUQsNkRBQTZEO0lBQzdELElBQUksUUFBK0MsQ0FBQztJQUNwRCxJQUFJLFlBQWlCLENBQUM7SUFFdEIsSUFBSSxLQUFLLENBQUMsT0FBTyxDQUFDLGVBQWUsQ0FBQyxJQUFJLGVBQWUsQ0FBQyxNQUFNLEdBQUcsQ0FBQyxJQUFJLE9BQU8sZUFBZSxDQUFDLENBQUMsQ0FBQyxLQUFLLFFBQVEsRUFBRSxDQUFDO1FBQzNHLG1CQUFtQjtRQUNuQixNQUFNLEtBQUssR0FBRyxlQUEyQixDQUFDO1FBQzFDLE1BQU0sSUFBSSxHQUFHLGFBQXVCLENBQUM7UUFDckMsUUFBUSxHQUFHLEtBQUssQ0FBQyxHQUFHLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQyxDQUFDLEVBQUUsSUFBSSxFQUFFLElBQUksRUFBRSxDQUFDLENBQUMsQ0FBQztRQUMvQyxZQUFZLEdBQUcsT0FBTyxJQUFJLEVBQUUsQ0FBQztJQUMvQixDQUFDO1NBQU0sQ0FBQztRQUNOLGdCQUFnQjtRQUNoQixRQUFRLEdBQUcsZUFBd0QsQ0FBQztRQUNwRSxZQUFZLEdBQUksYUFBcUIsSUFBSSxFQUFFLENBQUM7SUFDOUMsQ0FBQztJQUVELDBEQUEwRDtJQUMxRCxNQUFNLElBQUksR0FBRyxRQUFRLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO0lBQzlCLE1BQU0sS0FBSyxHQUFHLFFBQVEsQ0FBQyxHQUFHLENBQUMsT0FBTyxDQUFDLEVBQUUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLENBQUM7SUFFcEQscUJBQXFCO0lBQ3JCLE1BQU0sS0FBSyxHQUFnQjtRQUN6QixLQUFLLEVBQUUsWUFBWSxDQUFDLEtBQUssRUFBRSxLQUFLLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBRyxJQUFJLFlBQVksQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDO1FBQ3hGLE9BQU87S0FDUixDQUFDO0lBRUYsc0JBQXNCO0lBQ3RCLE1BQU0sTUFBTSxHQUFpQjtRQUMzQixJQUFJLEVBQUUsS0FBSztRQUNYLElBQUk7S0FDTCxDQUFDO0lBRUYsc0JBQXNCO0lBQ3RCLE1BQU0sTUFBTSxHQUFpQjtRQUMzQixJQUFJLEVBQUUsU0FBUztRQUNmLE9BQU8sRUFBRSxDQUFDLE1BQU0sQ0FBQztLQUNsQixDQUFDO0lBRUYsb0NBQW9DO0lBQ3BDLElBQUksWUFBWSxDQUFDLEdBQUcsSUFBSSxZQUFZLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDNUMsTUFBTSxDQUFDLEdBQUcsR0FBRztZQUNYLElBQUksRUFBRSxZQUFZLENBQUMsR0FBRyxFQUFFLElBQUksSUFBSSxXQUFXO1lBQzNDLFdBQVcsRUFBRSxZQUFZLENBQUMsR0FBRyxFQUFFLFdBQVcsSUFBSSxZQUFZLENBQUMsV0FBVyxJQUFJLE1BQU07U0FDakYsQ0FBQztJQUNKLENBQUM7SUFFRCw2QkFBNkI7SUFDN0IsSUFBSSxZQUFZLENBQUMsU0FBUyxJQUFJLFlBQVksQ0FBQyxXQUFXLEVBQUUsQ0FBQztRQUN2RCxNQUFNLENBQUMsYUFBYSxHQUFHO1lBQ3JCLFNBQVMsRUFBRSxZQUFZLENBQUMsU0FBUyxJQUFJLGFBQWE7WUFDbEQsV0FBVyxFQUFFLFlBQVksQ0FBQyxXQUFXO1NBQ3RDLENBQUM7SUFDSixDQUFDO0lBRUQsMEJBQTBCO0lBQzFCLE9BQU87UUFDTCxLQUFLO1FBQ0wsTUFBTTtRQUNOLElBQUksRUFBRSxZQUFZLENBQUMsSUFBSSxJQUFJLHFCQUFxQixLQUFLLENBQUMsT0FBTyxDQUFDLE9BQU8sQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLElBQUksQ0FBQyxDQUFDLENBQUMsQ0FBQyxPQUFPLEVBQUU7UUFDdkcsR0FBRyxZQUFZO0tBQ2hCLENBQUM7QUFDSixDQUFDO0FBRUQ7Ozs7R0FJRztBQUNILE1BQU0sVUFBVSx1QkFBdUIsQ0FBQyxPQVF2QztJQUNDLHVEQUF1RDtJQUN2RCxNQUFNLE9BQU8sR0FBRyxNQUFNLENBQUMsSUFBSSxDQUFDLE9BQU8sQ0FBQyxhQUFhLENBQUMsQ0FBQztJQUVuRCwwQ0FBMEM7SUFDMUMsTUFBTSxZQUFZLEdBQUcsQ0FBQyxPQUFzQixFQUFFLEVBQUU7UUFDOUMsTUFBTSxNQUFNLEdBQUcsT0FBTyxDQUFDLE1BQU0sSUFBSSxFQUFFLENBQUM7UUFDcEMsT0FBTyxPQUFPLENBQUMsYUFBYSxDQUFDLE1BQU0sQ0FBQyxJQUFJLE9BQU8sQ0FBQyxhQUFhLElBQUksV0FBVyxDQUFDO0lBQy9FLENBQUMsQ0FBQztJQUVGLHFCQUFxQjtJQUNyQixNQUFNLEtBQUssR0FBZ0I7UUFDekIsS0FBSyxFQUFFLE9BQU8sQ0FBQyxLQUFLO1FBQ3BCLE9BQU87S0FDUixDQUFDO0lBRUYsc0JBQXNCO0lBQ3RCLE1BQU0sTUFBTSxHQUFpQjtRQUMzQixJQUFJLEVBQUUsU0FBUztRQUNmLE9BQU8sRUFBRSxDQUFDO2dCQUNSLElBQUksRUFBRSxZQUFZO2dCQUNsQixJQUFJLEVBQUUsT0FBTyxDQUFDLFVBQVU7YUFDekIsQ0FBQztLQUNILENBQUM7SUFFRiwwQkFBMEI7SUFDMUIsT0FBTztRQUNMLEtBQUs7UUFDTCxNQUFNO1FBQ04sSUFBSSxFQUFFLE9BQU8sQ0FBQyxJQUFJLElBQUksMkJBQTJCLE9BQU8sQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUU7UUFDckUsUUFBUSxFQUFFLE9BQU8sQ0FBQyxRQUFRO1FBQzFCLEdBQUcsT0FBTztLQUNYLENBQUM7QUFDSixDQUFDIn0=

package/dist_ts/proxies/smart-proxy/utils/route-helpers/nftables-helpers.d.ts

@@ -0,0 +1,83 @@
+/**
+ * NFTables Route Helper Functions
+ *
+ * This module provides utility functions for creating NFTables-based route configurations
+ * for high-performance packet forwarding at the kernel level.
+ */
+import type { IRouteConfig, TPortRange } from '../../models/route-types.js';
+/**
+ * Create an NFTables-based route for high-performance packet forwarding
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Route configuration object
+ */
+export declare function createNfTablesRoute(nameOrDomains: string | string[], target: {
+    host: string;
+    port: number | 'preserve';
+}, options?: {
+    ports?: TPortRange;
+    protocol?: 'tcp' | 'udp' | 'all';
+    preserveSourceIP?: boolean;
+    ipAllowList?: string[];
+    ipBlockList?: string[];
+    maxRate?: string;
+    priority?: number;
+    useTls?: boolean;
+    tableName?: string;
+    useIPSets?: boolean;
+    useAdvancedNAT?: boolean;
+}): IRouteConfig;
+/**
+ * Create an NFTables-based TLS termination route
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Route configuration object
+ */
+export declare function createNfTablesTerminateRoute(nameOrDomains: string | string[], target: {
+    host: string;
+    port: number | 'preserve';
+}, options?: {
+    ports?: TPortRange;
+    protocol?: 'tcp' | 'udp' | 'all';
+    preserveSourceIP?: boolean;
+    ipAllowList?: string[];
+    ipBlockList?: string[];
+    maxRate?: string;
+    priority?: number;
+    tableName?: string;
+    useIPSets?: boolean;
+    useAdvancedNAT?: boolean;
+    certificate?: 'auto' | {
+        key: string;
+        cert: string;
+    };
+}): IRouteConfig;
+/**
+ * Create a complete NFTables-based HTTPS setup with HTTP redirect
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Array of two route configurations (HTTPS and HTTP redirect)
+ */
+export declare function createCompleteNfTablesHttpsServer(nameOrDomains: string | string[], target: {
+    host: string;
+    port: number | 'preserve';
+}, options?: {
+    httpPort?: TPortRange;
+    httpsPort?: TPortRange;
+    protocol?: 'tcp' | 'udp' | 'all';
+    preserveSourceIP?: boolean;
+    ipAllowList?: string[];
+    ipBlockList?: string[];
+    maxRate?: string;
+    priority?: number;
+    tableName?: string;
+    useIPSets?: boolean;
+    useAdvancedNAT?: boolean;
+    certificate?: 'auto' | {
+        key: string;
+        cert: string;
+    };
+}): IRouteConfig[];

package/dist_ts/proxies/smart-proxy/utils/route-helpers/nftables-helpers.js

@@ -0,0 +1,126 @@
+/**
+ * NFTables Route Helper Functions
+ *
+ * This module provides utility functions for creating NFTables-based route configurations
+ * for high-performance packet forwarding at the kernel level.
+ */
+import { createHttpToHttpsRedirect } from './https-helpers.js';
+/**
+ * Create an NFTables-based route for high-performance packet forwarding
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Route configuration object
+ */
+export function createNfTablesRoute(nameOrDomains, target, options = {}) {
+    // Determine if this is a name or domain
+    let name;
+    let domains;
+    if (Array.isArray(nameOrDomains) || (typeof nameOrDomains === 'string' && nameOrDomains.includes('.'))) {
+        domains = nameOrDomains;
+        name = Array.isArray(nameOrDomains) ? nameOrDomains[0] : nameOrDomains;
+    }
+    else {
+        name = nameOrDomains;
+        domains = undefined; // No domains
+    }
+    // Create route match
+    const match = {
+        domains,
+        ports: options.ports || 80
+    };
+    // Create route action
+    const action = {
+        type: 'forward',
+        targets: [{
+                host: target.host,
+                port: target.port
+            }],
+        forwardingEngine: 'nftables',
+        nftables: {
+            protocol: options.protocol || 'tcp',
+            preserveSourceIP: options.preserveSourceIP,
+            maxRate: options.maxRate,
+            priority: options.priority,
+            tableName: options.tableName,
+            useIPSets: options.useIPSets,
+            useAdvancedNAT: options.useAdvancedNAT
+        }
+    };
+    // Add TLS options if needed
+    if (options.useTls) {
+        action.tls = {
+            mode: 'passthrough'
+        };
+    }
+    // Create the route config
+    const routeConfig = {
+        name,
+        match,
+        action
+    };
+    // Add security if allowed or blocked IPs are specified
+    if (options.ipAllowList?.length || options.ipBlockList?.length) {
+        routeConfig.security = {
+            ipAllowList: options.ipAllowList,
+            ipBlockList: options.ipBlockList
+        };
+    }
+    return routeConfig;
+}
+/**
+ * Create an NFTables-based TLS termination route
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Route configuration object
+ */
+export function createNfTablesTerminateRoute(nameOrDomains, target, options = {}) {
+    // Create basic NFTables route
+    const route = createNfTablesRoute(nameOrDomains, target, {
+        ...options,
+        ports: options.ports || 443,
+        useTls: false
+    });
+    // Set TLS termination
+    route.action.tls = {
+        mode: 'terminate',
+        certificate: options.certificate || 'auto'
+    };
+    return route;
+}
+/**
+ * Create a complete NFTables-based HTTPS setup with HTTP redirect
+ * @param nameOrDomains Name or domain(s) to match
+ * @param target Target host and port
+ * @param options Additional route options
+ * @returns Array of two route configurations (HTTPS and HTTP redirect)
+ */
+export function createCompleteNfTablesHttpsServer(nameOrDomains, target, options = {}) {
+    // Create the HTTPS route using NFTables
+    const httpsRoute = createNfTablesTerminateRoute(nameOrDomains, target, {
+        ...options,
+        ports: options.httpsPort || 443
+    });
+    // Determine the domain(s) for HTTP redirect
+    const domains = typeof nameOrDomains === 'string' && !nameOrDomains.includes('.')
+        ? undefined
+        : nameOrDomains;
+    // Extract the HTTPS port for the redirect destination
+    const httpsPort = typeof options.httpsPort === 'number'
+        ? options.httpsPort
+        : Array.isArray(options.httpsPort) && typeof options.httpsPort[0] === 'number'
+            ? options.httpsPort[0]
+            : 443;
+    // Create the HTTP redirect route (this uses standard forwarding, not NFTables)
+    const httpRedirectRoute = createHttpToHttpsRedirect(domains, // Type cast needed since domains can be undefined now
+    httpsPort, {
+        match: {
+            ports: options.httpPort || 80,
+            domains: domains // Type cast needed since domains can be undefined now
+        },
+        name: `HTTP to HTTPS Redirect for ${Array.isArray(domains) ? domains.join(', ') : domains || 'all domains'}`
+    });
+    return [httpsRoute, httpRedirectRoute];
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoibmZ0YWJsZXMtaGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL3RzL3Byb3hpZXMvc21hcnQtcHJveHkvdXRpbHMvcm91dGUtaGVscGVycy9uZnRhYmxlcy1oZWxwZXJzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7OztHQUtHO0FBR0gsT0FBTyxFQUFFLHlCQUF5QixFQUFFLE1BQU0sb0JBQW9CLENBQUM7QUFFL0Q7Ozs7OztHQU1HO0FBQ0gsTUFBTSxVQUFVLG1CQUFtQixDQUNqQyxhQUFnQyxFQUNoQyxNQUFtRCxFQUNuRCxVQVlJLEVBQUU7SUFFTix3Q0FBd0M7SUFDeEMsSUFBSSxJQUFZLENBQUM7SUFDakIsSUFBSSxPQUFzQyxDQUFDO0lBRTNDLElBQUksS0FBSyxDQUFDLE9BQU8sQ0FBQyxhQUFhLENBQUMsSUFBSSxDQUFDLE9BQU8sYUFBYSxLQUFLLFFBQVEsSUFBSSxhQUFhLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUN2RyxPQUFPLEdBQUcsYUFBYSxDQUFDO1FBQ3hCLElBQUksR0FBRyxLQUFLLENBQUMsT0FBTyxDQUFDLGFBQWEsQ0FBQyxDQUFDLENBQUMsQ0FBQyxhQUFhLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLGFBQWEsQ0FBQztJQUN6RSxDQUFDO1NBQU0sQ0FBQztRQUNOLElBQUksR0FBRyxhQUFhLENBQUM7UUFDckIsT0FBTyxHQUFHLFNBQVMsQ0FBQyxDQUFDLGFBQWE7SUFDcEMsQ0FBQztJQUVELHFCQUFxQjtJQUNyQixNQUFNLEtBQUssR0FBZ0I7UUFDekIsT0FBTztRQUNQLEtBQUssRUFBRSxPQUFPLENBQUMsS0FBSyxJQUFJLEVBQUU7S0FDM0IsQ0FBQztJQUVGLHNCQUFzQjtJQUN0QixNQUFNLE1BQU0sR0FBaUI7UUFDM0IsSUFBSSxFQUFFLFNBQVM7UUFDZixPQUFPLEVBQUUsQ0FBQztnQkFDUixJQUFJLEVBQUUsTUFBTSxDQUFDLElBQUk7Z0JBQ2pCLElBQUksRUFBRSxNQUFNLENBQUMsSUFBSTthQUNsQixDQUFDO1FBQ0YsZ0JBQWdCLEVBQUUsVUFBVTtRQUM1QixRQUFRLEVBQUU7WUFDUixRQUFRLEVBQUUsT0FBTyxDQUFDLFFBQVEsSUFBSSxLQUFLO1lBQ25DLGdCQUFnQixFQUFFLE9BQU8sQ0FBQyxnQkFBZ0I7WUFDMUMsT0FBTyxFQUFFLE9BQU8sQ0FBQyxPQUFPO1lBQ3hCLFFBQVEsRUFBRSxPQUFPLENBQUMsUUFBUTtZQUMxQixTQUFTLEVBQUUsT0FBTyxDQUFDLFNBQVM7WUFDNUIsU0FBUyxFQUFFLE9BQU8sQ0FBQyxTQUFTO1lBQzVCLGNBQWMsRUFBRSxPQUFPLENBQUMsY0FBYztTQUN2QztLQUNGLENBQUM7SUFFRiw0QkFBNEI7SUFDNUIsSUFBSSxPQUFPLENBQUMsTUFBTSxFQUFFLENBQUM7UUFDbkIsTUFBTSxDQUFDLEdBQUcsR0FBRztZQUNYLElBQUksRUFBRSxhQUFhO1NBQ3BCLENBQUM7SUFDSixDQUFDO0lBRUQsMEJBQTBCO0lBQzFCLE1BQU0sV0FBVyxHQUFpQjtRQUNoQyxJQUFJO1FBQ0osS0FBSztRQUNMLE1BQU07S0FDUCxDQUFDO0lBRUYsdURBQXVEO0lBQ3ZELElBQUksT0FBTyxDQUFDLFdBQVcsRUFBRSxNQUFNLElBQUksT0FBTyxDQUFDLFdBQVcsRUFBRSxNQUFNLEVBQUUsQ0FBQztRQUMvRCxXQUFXLENBQUMsUUFBUSxHQUFHO1lBQ3JCLFdBQVcsRUFBRSxPQUFPLENBQUMsV0FBVztZQUNoQyxXQUFXLEVBQUUsT0FBTyxDQUFDLFdBQVc7U0FDakMsQ0FBQztJQUNKLENBQUM7SUFFRCxPQUFPLFdBQVcsQ0FBQztBQUNyQixDQUFDO0FBRUQ7Ozs7OztHQU1HO0FBQ0gsTUFBTSxVQUFVLDRCQUE0QixDQUMxQyxhQUFnQyxFQUNoQyxNQUFtRCxFQUNuRCxVQVlJLEVBQUU7SUFFTiw4QkFBOEI7SUFDOUIsTUFBTSxLQUFLLEdBQUcsbUJBQW1CLENBQy9CLGFBQWEsRUFDYixNQUFNLEVBQ047UUFDRSxHQUFHLE9BQU87UUFDVixLQUFLLEVBQUUsT0FBTyxDQUFDLEtBQUssSUFBSSxHQUFHO1FBQzNCLE1BQU0sRUFBRSxLQUFLO0tBQ2QsQ0FDRixDQUFDO0lBRUYsc0JBQXNCO0lBQ3RCLEtBQUssQ0FBQyxNQUFNLENBQUMsR0FBRyxHQUFHO1FBQ2pCLElBQUksRUFBRSxXQUFXO1FBQ2pCLFdBQVcsRUFBRSxPQUFPLENBQUMsV0FBVyxJQUFJLE1BQU07S0FDM0MsQ0FBQztJQUVGLE9BQU8sS0FBSyxDQUFDO0FBQ2YsQ0FBQztBQUVEOzs7Ozs7R0FNRztBQUNILE1BQU0sVUFBVSxpQ0FBaUMsQ0FDL0MsYUFBZ0MsRUFDaEMsTUFBbUQsRUFDbkQsVUFhSSxFQUFFO0lBRU4sd0NBQXdDO0lBQ3hDLE1BQU0sVUFBVSxHQUFHLDRCQUE0QixDQUM3QyxhQUFhLEVBQ2IsTUFBTSxFQUNOO1FBQ0UsR0FBRyxPQUFPO1FBQ1YsS0FBSyxFQUFFLE9BQU8sQ0FBQyxTQUFTLElBQUksR0FBRztLQUNoQyxDQUNGLENBQUM7SUFFRiw0Q0FBNEM7SUFDNUMsTUFBTSxPQUFPLEdBQUcsT0FBTyxhQUFhLEtBQUssUUFBUSxJQUFJLENBQUMsYUFBYSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUM7UUFDL0UsQ0FBQyxDQUFDLFNBQVM7UUFDWCxDQUFDLENBQUMsYUFBYSxDQUFDO0lBRWxCLHNEQUFzRDtJQUN0RCxNQUFNLFNBQVMsR0FBRyxPQUFPLE9BQU8sQ0FBQyxTQUFTLEtBQUssUUFBUTtRQUNyRCxDQUFDLENBQUMsT0FBTyxDQUFDLFNBQVM7UUFDbkIsQ0FBQyxDQUFDLEtBQUssQ0FBQyxPQUFPLENBQUMsT0FBTyxDQUFDLFNBQVMsQ0FBQyxJQUFJLE9BQU8sT0FBTyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsS0FBSyxRQUFRO1lBQzVFLENBQUMsQ0FBQyxPQUFPLENBQUMsU0FBUyxDQUFDLENBQUMsQ0FBQztZQUN0QixDQUFDLENBQUMsR0FBRyxDQUFDO0lBRVYsK0VBQStFO0lBQy9FLE1BQU0saUJBQWlCLEdBQUcseUJBQXlCLENBQ2pELE9BQWMsRUFBRSxzREFBc0Q7SUFDdEUsU0FBUyxFQUNUO1FBQ0UsS0FBSyxFQUFFO1lBQ0wsS0FBSyxFQUFFLE9BQU8sQ0FBQyxRQUFRLElBQUksRUFBRTtZQUM3QixPQUFPLEVBQUUsT0FBYyxDQUFDLHNEQUFzRDtTQUMvRTtRQUNELElBQUksRUFBRSw4QkFBOEIsS0FBSyxDQUFDLE9BQU8sQ0FBQyxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxDQUFDLElBQUksQ0FBQyxJQUFJLENBQUMsQ0FBQyxDQUFDLENBQUMsT0FBTyxJQUFJLGFBQWEsRUFBRTtLQUM3RyxDQUNGLENBQUM7SUFFRixPQUFPLENBQUMsVUFBVSxFQUFFLGlCQUFpQixDQUFDLENBQUM7QUFDekMsQ0FBQyJ9

package/dist_ts/proxies/smart-proxy/utils/route-helpers/security-helpers.d.ts

@@ -0,0 +1,47 @@
+/**
+ * Security Route Helper Functions
+ *
+ * This module provides utility functions for adding security features to routes.
+ */
+import type { IRouteConfig } from '../../models/route-types.js';
+/**
+ * Create a rate limiting route pattern
+ * @param baseRoute Base route to add rate limiting to
+ * @param rateLimit Rate limiting configuration
+ * @returns Route with rate limiting
+ */
+export declare function addRateLimiting(baseRoute: IRouteConfig, rateLimit: {
+    maxRequests: number;
+    window: number;
+    keyBy?: 'ip' | 'path' | 'header';
+    headerName?: string;
+    errorMessage?: string;
+}): IRouteConfig;
+/**
+ * Create a basic authentication route pattern
+ * @param baseRoute Base route to add authentication to
+ * @param auth Authentication configuration
+ * @returns Route with basic authentication
+ */
+export declare function addBasicAuth(baseRoute: IRouteConfig, auth: {
+    users: Array<{
+        username: string;
+        password: string;
+    }>;
+    realm?: string;
+    excludePaths?: string[];
+}): IRouteConfig;
+/**
+ * Create a JWT authentication route pattern
+ * @param baseRoute Base route to add JWT authentication to
+ * @param jwt JWT authentication configuration
+ * @returns Route with JWT authentication
+ */
+export declare function addJwtAuth(baseRoute: IRouteConfig, jwt: {
+    secret: string;
+    algorithm?: string;
+    issuer?: string;
+    audience?: string;
+    expiresIn?: number;
+    excludePaths?: string[];
+}): IRouteConfig;

package/dist_ts/proxies/smart-proxy/utils/route-helpers/security-helpers.js

@@ -0,0 +1,66 @@
+/**
+ * Security Route Helper Functions
+ *
+ * This module provides utility functions for adding security features to routes.
+ */
+import { mergeRouteConfigs } from '../route-utils.js';
+/**
+ * Create a rate limiting route pattern
+ * @param baseRoute Base route to add rate limiting to
+ * @param rateLimit Rate limiting configuration
+ * @returns Route with rate limiting
+ */
+export function addRateLimiting(baseRoute, rateLimit) {
+    return mergeRouteConfigs(baseRoute, {
+        security: {
+            rateLimit: {
+                enabled: true,
+                maxRequests: rateLimit.maxRequests,
+                window: rateLimit.window,
+                keyBy: rateLimit.keyBy || 'ip',
+                headerName: rateLimit.headerName,
+                errorMessage: rateLimit.errorMessage || 'Rate limit exceeded. Please try again later.'
+            }
+        }
+    });
+}
+/**
+ * Create a basic authentication route pattern
+ * @param baseRoute Base route to add authentication to
+ * @param auth Authentication configuration
+ * @returns Route with basic authentication
+ */
+export function addBasicAuth(baseRoute, auth) {
+    return mergeRouteConfigs(baseRoute, {
+        security: {
+            basicAuth: {
+                enabled: true,
+                users: auth.users,
+                realm: auth.realm || 'Restricted Area',
+                excludePaths: auth.excludePaths || []
+            }
+        }
+    });
+}
+/**
+ * Create a JWT authentication route pattern
+ * @param baseRoute Base route to add JWT authentication to
+ * @param jwt JWT authentication configuration
+ * @returns Route with JWT authentication
+ */
+export function addJwtAuth(baseRoute, jwt) {
+    return mergeRouteConfigs(baseRoute, {
+        security: {
+            jwtAuth: {
+                enabled: true,
+                secret: jwt.secret,
+                algorithm: jwt.algorithm || 'HS256',
+                issuer: jwt.issuer,
+                audience: jwt.audience,
+                expiresIn: jwt.expiresIn,
+                excludePaths: jwt.excludePaths || []
+            }
+        }
+    });
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoic2VjdXJpdHktaGVscGVycy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uLy4uLy4uLy4uL3RzL3Byb3hpZXMvc21hcnQtcHJveHkvdXRpbHMvcm91dGUtaGVscGVycy9zZWN1cml0eS1oZWxwZXJzLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOzs7O0dBSUc7QUFHSCxPQUFPLEVBQUUsaUJBQWlCLEVBQUUsTUFBTSxtQkFBbUIsQ0FBQztBQUV0RDs7Ozs7R0FLRztBQUNILE1BQU0sVUFBVSxlQUFlLENBQzdCLFNBQXVCLEVBQ3ZCLFNBTUM7SUFFRCxPQUFPLGlCQUFpQixDQUFDLFNBQVMsRUFBRTtRQUNsQyxRQUFRLEVBQUU7WUFDUixTQUFTLEVBQUU7Z0JBQ1QsT0FBTyxFQUFFLElBQUk7Z0JBQ2IsV0FBVyxFQUFFLFNBQVMsQ0FBQyxXQUFXO2dCQUNsQyxNQUFNLEVBQUUsU0FBUyxDQUFDLE1BQU07Z0JBQ3hCLEtBQUssRUFBRSxTQUFTLENBQUMsS0FBSyxJQUFJLElBQUk7Z0JBQzlCLFVBQVUsRUFBRSxTQUFTLENBQUMsVUFBVTtnQkFDaEMsWUFBWSxFQUFFLFNBQVMsQ0FBQyxZQUFZLElBQUksOENBQThDO2FBQ3ZGO1NBQ0Y7S0FDRixDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxNQUFNLFVBQVUsWUFBWSxDQUMxQixTQUF1QixFQUN2QixJQUlDO0lBRUQsT0FBTyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUU7UUFDbEMsUUFBUSxFQUFFO1lBQ1IsU0FBUyxFQUFFO2dCQUNULE9BQU8sRUFBRSxJQUFJO2dCQUNiLEtBQUssRUFBRSxJQUFJLENBQUMsS0FBSztnQkFDakIsS0FBSyxFQUFFLElBQUksQ0FBQyxLQUFLLElBQUksaUJBQWlCO2dCQUN0QyxZQUFZLEVBQUUsSUFBSSxDQUFDLFlBQVksSUFBSSxFQUFFO2FBQ3RDO1NBQ0Y7S0FDRixDQUFDLENBQUM7QUFDTCxDQUFDO0FBRUQ7Ozs7O0dBS0c7QUFDSCxNQUFNLFVBQVUsVUFBVSxDQUN4QixTQUF1QixFQUN2QixHQU9DO0lBRUQsT0FBTyxpQkFBaUIsQ0FBQyxTQUFTLEVBQUU7UUFDbEMsUUFBUSxFQUFFO1lBQ1IsT0FBTyxFQUFFO2dCQUNQLE9BQU8sRUFBRSxJQUFJO2dCQUNiLE1BQU0sRUFBRSxHQUFHLENBQUMsTUFBTTtnQkFDbEIsU0FBUyxFQUFFLEdBQUcsQ0FBQyxTQUFTLElBQUksT0FBTztnQkFDbkMsTUFBTSxFQUFFLEdBQUcsQ0FBQyxNQUFNO2dCQUNsQixRQUFRLEVBQUUsR0FBRyxDQUFDLFFBQVE7Z0JBQ3RCLFNBQVMsRUFBRSxHQUFHLENBQUMsU0FBUztnQkFDeEIsWUFBWSxFQUFFLEdBQUcsQ0FBQyxZQUFZLElBQUksRUFBRTthQUNyQztTQUNGO0tBQ0YsQ0FBQyxDQUFDO0FBQ0wsQ0FBQyJ9

package/dist_ts/proxies/smart-proxy/utils/route-helpers/socket-handlers.d.ts

@@ -0,0 +1,70 @@
+/**
+ * Socket Handler Functions
+ *
+ * This module provides pre-built socket handlers for common use cases
+ * like echoing, proxying, HTTP responses, and redirects.
+ */
+import * as plugins from '../../../../plugins.js';
+import type { IRouteConfig, TPortRange, IRouteContext } from '../../models/route-types.js';
+/**
+ * Pre-built socket handlers for common use cases
+ */
+export declare const SocketHandlers: {
+    /**
+     * Simple echo server handler
+     */
+    echo: (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * TCP proxy handler
+     */
+    proxy: (targetHost: string, targetPort: number) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * Line-based protocol handler
+     */
+    lineProtocol: (handler: (line: string, socket: plugins.net.Socket) => void) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * Simple HTTP response handler (for testing)
+     */
+    httpResponse: (statusCode: number, body: string) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * Block connection immediately
+     */
+    block: (message?: string) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * HTTP block response
+     */
+    httpBlock: (statusCode?: number, message?: string) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * HTTP redirect handler
+     * Uses the centralized detection module for HTTP parsing
+     */
+    httpRedirect: (locationTemplate: string, statusCode?: number) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+    /**
+     * HTTP server handler for ACME challenges and other HTTP needs
+     * Uses the centralized detection module for HTTP parsing
+     */
+    httpServer: (handler: (req: {
+        method: string;
+        url: string;
+        headers: Record<string, string>;
+        body?: string;
+    }, res: {
+        status: (code: number) => void;
+        header: (name: string, value: string) => void;
+        send: (data: string) => void;
+        end: () => void;
+    }) => void) => (socket: plugins.net.Socket, context: IRouteContext) => void;
+};
+/**
+ * Create a socket handler route configuration
+ * @param domains Domain(s) to match
+ * @param ports Port(s) to listen on
+ * @param handler Socket handler function
+ * @param options Additional route options
+ * @returns Route configuration object
+ */
+export declare function createSocketHandlerRoute(domains: string | string[], ports: TPortRange, handler: (socket: plugins.net.Socket) => void | Promise<void>, options?: {
+    name?: string;
+    priority?: number;
+    path?: string;
+}): IRouteConfig;