@push.rocks/smartproxy 25.12.0 → 25.14.0

package/ts/proxies/smart-proxy/models/metrics-types.ts

@@ -74,6 +74,14 @@ export interface IMetrics {
     topByErrors(limit?: number): Array<{ backend: string; errors: number }>;
   };
 
+  // UDP metrics
+  udp: {
+    activeSessions(): number;
+    totalSessions(): number;
+    datagramsIn(): number;
+    datagramsOut(): number;
+  };
+
   // Performance metrics
   percentiles: {
     connectionDuration(): { p50: number; p95: number; p99: number };

package/ts/proxies/smart-proxy/models/route-types.ts

@@ -20,9 +20,15 @@ export type TSocketHandler = (socket: plugins.net.Socket, context: IRouteContext
 export type TTlsMode = 'passthrough' | 'terminate' | 'terminate-and-reencrypt';
 
 /**
- * Port range specification format
+ * Transport protocol for route matching
  */
-export type TPortRange = number | number[] | Array<{ from: number; to: number }>;
+export type TTransportProtocol = 'tcp' | 'udp' | 'all';
+
+/**
+ * Port range specification format.
+ * Supports: single number, array of numbers, array of ranges, or mixed arrays.
+ */
+export type TPortRange = number | Array<number | { from: number; to: number }>;
 
 /**
  * Route match criteria for incoming requests
@@ -31,6 +37,9 @@ export interface IRouteMatch {
   // Listen on these ports (required)
   ports: TPortRange;
 
+  // Transport protocol: 'tcp' (default), 'udp', or 'all' (both TCP and UDP)
+  transport?: TTransportProtocol;
+
   // Optional domain patterns to match (default: all domains)
   domains?: string | string[];
 
@@ -39,7 +48,7 @@ export interface IRouteMatch {
   clientIp?: string[];     // Match specific client IPs
   tlsVersion?: string[];   // Match specific TLS versions
   headers?: Record<string, string | RegExp>; // Match specific HTTP headers
-  protocol?: 'http' | 'tcp';  // Match specific protocol (http includes h2 + websocket upgrades)
+  protocol?: 'http' | 'tcp' | 'udp' | 'quic' | 'http3';  // Match specific protocol
 }
 
 
@@ -72,6 +81,9 @@ export interface IRouteTarget {
   headers?: IRouteHeaders;                     // Override route-level headers
   advanced?: IRouteAdvanced;                   // Override route-level advanced settings
   
+  // Override transport for backend connection (e.g., receive QUIC but forward as HTTP/1.1 via TCP)
+  backendTransport?: 'tcp' | 'udp';
+
   // Priority for matching (higher values are checked first, default: 0)
   priority?: number;
 }
@@ -262,7 +274,7 @@ export interface IRouteAction {
   
   // Additional options for backend-specific settings
   options?: {
-    backendProtocol?: 'http1' | 'http2' | 'auto';
+    backendProtocol?: 'http1' | 'http2' | 'http3' | 'auto';
     [key: string]: any;
   };
 
@@ -274,9 +286,15 @@ export interface IRouteAction {
 
   // Socket handler function (when type is 'socket-handler')
   socketHandler?: TSocketHandler;
-  
+
+  // Datagram handler function for UDP (when type is 'socket-handler' and transport is 'udp')
+  datagramHandler?: TDatagramHandler;
+
   // PROXY protocol support (default for all targets, can be overridden per target)
   sendProxyProtocol?: boolean;
+
+  // UDP-specific settings (session tracking, datagram limits, QUIC config)
+  udp?: IRouteUdp;
 }
 
 /**
@@ -356,4 +374,64 @@ export interface IRouteConfig {
   enabled?: boolean;         // Whether the route is active (default: true)
 }
 
+// ─── UDP & QUIC Types ─────────────────────────────────────────────────
+
+/**
+ * Handler for individual UDP datagrams.
+ * Called for each incoming datagram on a socket-handler route with UDP transport.
+ */
+export type TDatagramHandler = (
+  datagram: Buffer,
+  info: IDatagramInfo,
+  reply: (data: Buffer) => void
+) => void | Promise<void>;
+
+/**
+ * Metadata for a received UDP datagram
+ */
+export interface IDatagramInfo {
+  /** Source IP address */
+  sourceIp: string;
+  /** Source port */
+  sourcePort: number;
+  /** Destination (local) port the datagram arrived on */
+  destPort: number;
+  /** Route context */
+  context: IRouteContext;
+}
+
+/**
+ * UDP-specific settings for route actions
+ */
+export interface IRouteUdp {
+  /** Idle timeout for a UDP session/flow (keyed by src IP:port), in ms. Default: 60000 */
+  sessionTimeout?: number;
+  /** Max concurrent UDP sessions per source IP. Default: 1000 */
+  maxSessionsPerIP?: number;
+  /** Max accepted datagram size in bytes. Oversized datagrams are dropped. Default: 65535 */
+  maxDatagramSize?: number;
+  /** QUIC-specific configuration. When present, traffic is treated as QUIC. */
+  quic?: IRouteQuic;
+}
+
+/**
+ * QUIC and HTTP/3 settings
+ */
+export interface IRouteQuic {
+  /** QUIC connection idle timeout in ms. Default: 30000 */
+  maxIdleTimeout?: number;
+  /** Max concurrent bidirectional streams per QUIC connection. Default: 100 */
+  maxConcurrentBidiStreams?: number;
+  /** Max concurrent unidirectional streams per QUIC connection. Default: 100 */
+  maxConcurrentUniStreams?: number;
+  /** Enable HTTP/3 over this QUIC endpoint. Default: false */
+  enableHttp3?: boolean;
+  /** Port to advertise in Alt-Svc header on TCP HTTP responses. Default: listening port */
+  altSvcPort?: number;
+  /** Max age for Alt-Svc advertisement in seconds. Default: 86400 */
+  altSvcMaxAge?: number;
+  /** Initial congestion window size in bytes. Default: implementation-defined */
+  initialCongestionWindow?: number;
+}
+
 // Configuration moved to models/interfaces.ts as ISmartProxyOptions

package/ts/proxies/smart-proxy/route-preprocessor.ts

@@ -74,6 +74,11 @@ export class RoutePreprocessor {
       return true;
     }
 
+    // Datagram handler routes always need TS
+    if (route.action.type === 'socket-handler' && route.action.datagramHandler) {
+      return true;
+    }
+
     // Routes with dynamic host/port functions need TS
     if (route.action.targets) {
       for (const target of route.action.targets) {
@@ -92,8 +97,9 @@ export class RoutePreprocessor {
     if (needsTsHandling) {
       // Convert to socket-handler type for Rust (Rust will relay back to TS)
       cleanAction.type = 'socket-handler';
-      // Remove the JS handler (not serializable)
+      // Remove the JS handlers (not serializable)
       delete (cleanAction as any).socketHandler;
+      delete (cleanAction as any).datagramHandler;
     }
 
     // Clean targets - replace functions with static values

package/ts/proxies/smart-proxy/rust-metrics-adapter.ts

@@ -218,6 +218,13 @@ export class RustMetricsAdapter implements IMetrics {
     },
   };
 
+  public udp = {
+    activeSessions: (): number => this.cache?.activeUdpSessions ?? 0,
+    totalSessions: (): number => this.cache?.totalUdpSessions ?? 0,
+    datagramsIn: (): number => this.cache?.totalDatagramsIn ?? 0,
+    datagramsOut: (): number => this.cache?.totalDatagramsOut ?? 0,
+  };
+
   public percentiles = {
     connectionDuration: (): { p50: number; p95: number; p99: number } => {
       return { p50: 0, p95: 0, p99: 0 };

package/ts/proxies/smart-proxy/rust-proxy-bridge.ts

@@ -20,6 +20,7 @@ type TSmartProxyCommands = {
   addListeningPort:      { params: { port: number };             result: void };
   removeListeningPort:   { params: { port: number };             result: void };
   loadCertificate:       { params: { domain: string; cert: string; key: string; ca?: string }; result: void };
+  setDatagramHandlerRelay: { params: { socketPath: string };     result: void };
 };
 
 /**
@@ -177,4 +178,8 @@ export class RustProxyBridge extends plugins.EventEmitter {
   public async loadCertificate(domain: string, cert: string, key: string, ca?: string): Promise<void> {
     await this.bridge.sendCommand('loadCertificate', { domain, cert, key, ca });
   }
+
+  public async setDatagramHandlerRelay(socketPath: string): Promise<void> {
+    await this.bridge.sendCommand('setDatagramHandlerRelay', { socketPath });
+  }
 }

package/ts/proxies/smart-proxy/smart-proxy.ts

@@ -5,6 +5,7 @@ import { logger } from '../../core/utils/logger.js';
 import { RustProxyBridge } from './rust-proxy-bridge.js';
 import { RoutePreprocessor } from './route-preprocessor.js';
 import { SocketHandlerServer } from './socket-handler-server.js';
+import { DatagramHandlerServer } from './datagram-handler-server.js';
 import { RustMetricsAdapter } from './rust-metrics-adapter.js';
 
 // Route management
@@ -36,6 +37,7 @@ export class SmartProxy extends plugins.EventEmitter {
   private bridge: RustProxyBridge;
   private preprocessor: RoutePreprocessor;
   private socketHandlerServer: SocketHandlerServer | null = null;
+  private datagramHandlerServer: DatagramHandlerServer | null = null;
   private metricsAdapter: RustMetricsAdapter;
   private routeUpdateLock: Mutex;
   private stopping = false;
@@ -145,6 +147,16 @@ export class SmartProxy extends plugins.EventEmitter {
       await this.socketHandlerServer.start();
     }
 
+    // Check if any routes need datagram handler relay (UDP socket-handler routes)
+    const hasDatagramHandlers = this.settings.routes.some(
+      (r) => r.action.type === 'socket-handler' && r.action.datagramHandler
+    );
+    if (hasDatagramHandlers) {
+      const dgPath = `/tmp/smartproxy-dgram-relay-${process.pid}.sock`;
+      this.datagramHandlerServer = new DatagramHandlerServer(dgPath, this.preprocessor);
+      await this.datagramHandlerServer.start();
+    }
+
     // Preprocess routes (strip JS functions, convert socket-handler routes)
     const rustRoutes = this.preprocessor.preprocessForRust(this.settings.routes);
 
@@ -167,6 +179,11 @@ export class SmartProxy extends plugins.EventEmitter {
       await this.bridge.setSocketHandlerRelay(this.socketHandlerServer.getSocketPath());
     }
 
+    // Configure datagram handler relay
+    if (this.datagramHandlerServer) {
+      await this.bridge.setDatagramHandlerRelay(this.datagramHandlerServer.getSocketPath());
+    }
+
     // Load default self-signed fallback certificate (domain: '*')
     if (!this.settings.disableDefaultCert) {
       try {
@@ -240,6 +257,12 @@ export class SmartProxy extends plugins.EventEmitter {
       this.socketHandlerServer = null;
     }
 
+    // Stop datagram handler relay
+    if (this.datagramHandlerServer) {
+      await this.datagramHandlerServer.stop();
+      this.datagramHandlerServer = null;
+    }
+
     logger.log('info', 'SmartProxy shutdown complete.', { component: 'smart-proxy' });
   }
 
@@ -280,6 +303,21 @@ export class SmartProxy extends plugins.EventEmitter {
         this.socketHandlerServer = null;
       }
 
+      // Update datagram handler relay if datagram handler routes changed
+      const hasDatagramHandlers = newRoutes.some(
+        (r) => r.action.type === 'socket-handler' && r.action.datagramHandler
+      );
+
+      if (hasDatagramHandlers && !this.datagramHandlerServer) {
+        const dgPath = `/tmp/smartproxy-dgram-relay-${process.pid}.sock`;
+        this.datagramHandlerServer = new DatagramHandlerServer(dgPath, this.preprocessor);
+        await this.datagramHandlerServer.start();
+        await this.bridge.setDatagramHandlerRelay(this.datagramHandlerServer.getSocketPath());
+      } else if (!hasDatagramHandlers && this.datagramHandlerServer) {
+        await this.datagramHandlerServer.stop();
+        this.datagramHandlerServer = null;
+      }
+
       // Update stored routes
       this.settings.routes = newRoutes;
 

package/ts/proxies/smart-proxy/utils/route-validator.ts

@@ -123,10 +123,10 @@ export class RouteValidator {
         errors.push(`Invalid action type: ${route.action.type}. Must be one of: ${this.VALID_ACTION_TYPES.join(', ')}`);
       }
 
-      // Validate socket-handler
+      // Validate socket-handler (TCP socketHandler or UDP datagramHandler)
       if (route.action.type === 'socket-handler') {
-        if (typeof route.action.socketHandler !== 'function') {
-          errors.push('socket-handler action requires a socketHandler function');
+        if (typeof route.action.socketHandler !== 'function' && typeof route.action.datagramHandler !== 'function') {
+          errors.push('socket-handler action requires a socketHandler or datagramHandler function');
         }
       }
 
@@ -620,10 +620,12 @@ export function validateRouteAction(action: IRouteAction): { valid: boolean; err
   }
 
   if (action.type === 'socket-handler') {
-    if (!action.socketHandler) {
-      errors.push('Socket handler function is required for socket-handler action');
-    } else if (typeof action.socketHandler !== 'function') {
+    if (!action.socketHandler && !action.datagramHandler) {
+      errors.push('Socket handler or datagram handler function is required for socket-handler action');
+    } else if (action.socketHandler && typeof action.socketHandler !== 'function') {
       errors.push('Socket handler must be a function');
+    } else if (action.datagramHandler && typeof action.datagramHandler !== 'function') {
+      errors.push('Datagram handler must be a function');
     }
   }
 
@@ -714,7 +716,8 @@ export function hasRequiredPropertiesForAction(route: IRouteConfig, actionType:
              route.action.targets.length > 0 &&
              route.action.targets.every(t => t.host && t.port !== undefined);
     case 'socket-handler':
-      return !!route.action.socketHandler && typeof route.action.socketHandler === 'function';
+      return (!!route.action.socketHandler && typeof route.action.socketHandler === 'function') ||
+             (!!route.action.datagramHandler && typeof route.action.datagramHandler === 'function');
     default:
       return false;
   }