npm - @push.rocks/smartproxy - Versions diffs - 3.25.4 → 3.28.0 - Mend

@push.rocks/smartproxy 3.25.4 → 3.28.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

package/dist_ts/00_commitinfo_data.js +1 -1
package/dist_ts/classes.port80handler.d.ts +96 -14
package/dist_ts/classes.port80handler.js +330 -61
package/dist_ts/classes.router.d.ts +85 -7
package/dist_ts/classes.router.js +241 -15
package/dist_ts/plugins.d.ts +4 -2
package/dist_ts/plugins.js +5 -3
package/package.json +1 -1
package/readme.md +108 -18
package/ts/00_commitinfo_data.ts +1 -1
package/ts/classes.port80handler.ts +413 -68
package/ts/classes.router.ts +335 -17
package/ts/plugins.ts +5 -2

package/dist_ts/classes.router.js CHANGED Viewed

@@ -1,33 +1,259 @@
-import * as plugins from './plugins.js';
+import * as http from 'http';
+import * as url from 'url';
+import * as tsclass from '@tsclass/tsclass';
 export class ProxyRouter {
-    constructor() {
+    constructor(configs, logger) {
+        // Store original configs for reference
         this.reverseProxyConfigs = [];
+        // Store path patterns separately since they're not in the original interface
+        this.pathPatterns = new Map();
+        this.logger = logger || console;
+        if (configs) {
+            this.setNewProxyConfigs(configs);
+        }
     }
     /**
-     * sets a new set of reverse configs to be routed to
-     * @param reverseCandidatesArg
+     * Sets a new set of reverse configs to be routed to
+     * @param reverseCandidatesArg Array of reverse proxy configurations
      */
     setNewProxyConfigs(reverseCandidatesArg) {
-        this.reverseProxyConfigs = reverseCandidatesArg;
+        this.reverseProxyConfigs = [...reverseCandidatesArg];
+        // Find default config if any (config with "*" as hostname)
+        this.defaultConfig = this.reverseProxyConfigs.find(config => config.hostName === '*');
+        this.logger.info(`Router initialized with ${this.reverseProxyConfigs.length} configs (${this.getHostnames().length} unique hosts)`);
     }
     /**
-     * routes a request
+     * Routes a request based on hostname and path
+     * @param req The incoming HTTP request
+     * @returns The matching proxy config or undefined if no match found
      */
     routeReq(req) {
+        const result = this.routeReqWithDetails(req);
+        return result ? result.config : undefined;
+    }
+    /**
+     * Routes a request with detailed matching information
+     * @param req The incoming HTTP request
+     * @returns Detailed routing result including matched config and path information
+     */
+    routeReqWithDetails(req) {
+        // Extract and validate host header
         const originalHost = req.headers.host;
         if (!originalHost) {
-            console.error('No host header found in request');
+            this.logger.error('No host header found in request');
+            return this.defaultConfig ? { config: this.defaultConfig } : undefined;
+        }
+        // Parse URL for path matching
+        const parsedUrl = url.parse(req.url || '/');
+        const urlPath = parsedUrl.pathname || '/';
+        // Extract hostname without port
+        const hostWithoutPort = originalHost.split(':')[0].toLowerCase();
+        // First try exact hostname match
+        const exactConfig = this.findConfigForHost(hostWithoutPort, urlPath);
+        if (exactConfig) {
+            return exactConfig;
+        }
+        // Try wildcard subdomain
+        if (hostWithoutPort.includes('.')) {
+            const domainParts = hostWithoutPort.split('.');
+            if (domainParts.length > 2) {
+                const wildcardDomain = `*.${domainParts.slice(1).join('.')}`;
+                const wildcardConfig = this.findConfigForHost(wildcardDomain, urlPath);
+                if (wildcardConfig) {
+                    return wildcardConfig;
+                }
+            }
+        }
+        // Fall back to default config if available
+        if (this.defaultConfig) {
+            this.logger.warn(`No specific config found for host: ${hostWithoutPort}, using default`);
+            return { config: this.defaultConfig };
+        }
+        this.logger.error(`No config found for host: ${hostWithoutPort}`);
+        return undefined;
+    }
+    /**
+     * Find a config for a specific host and path
+     */
+    findConfigForHost(hostname, path) {
+        // Find all configs for this hostname
+        const configs = this.reverseProxyConfigs.filter(config => config.hostName.toLowerCase() === hostname.toLowerCase());
+        if (configs.length === 0) {
             return undefined;
         }
-        // Strip port from host if present
-        const hostWithoutPort = originalHost.split(':')[0];
-        const correspodingReverseProxyConfig = this.reverseProxyConfigs.find((reverseConfig) => {
-            return reverseConfig.hostName === hostWithoutPort;
+        // First try configs with path patterns
+        const configsWithPaths = configs.filter(config => this.pathPatterns.has(config));
+        // Sort by path pattern specificity - more specific first
+        configsWithPaths.sort((a, b) => {
+            const aPattern = this.pathPatterns.get(a) || '';
+            const bPattern = this.pathPatterns.get(b) || '';
+            // Exact patterns come before wildcard patterns
+            const aHasWildcard = aPattern.includes('*');
+            const bHasWildcard = bPattern.includes('*');
+            if (aHasWildcard && !bHasWildcard)
+                return 1;
+            if (!aHasWildcard && bHasWildcard)
+                return -1;
+            // Longer patterns are considered more specific
+            return bPattern.length - aPattern.length;
         });
-        if (!correspodingReverseProxyConfig) {
-            console.error(`No config found for host: ${hostWithoutPort}`);
+        // Check each config with path pattern
+        for (const config of configsWithPaths) {
+            const pathPattern = this.pathPatterns.get(config);
+            if (pathPattern) {
+                const pathMatch = this.matchPath(path, pathPattern);
+                if (pathMatch) {
+                    return {
+                        config,
+                        pathMatch: pathMatch.matched,
+                        pathParams: pathMatch.params,
+                        pathRemainder: pathMatch.remainder
+                    };
+                }
+            }
+        }
+        // If no path pattern matched, use the first config without a path pattern
+        const configWithoutPath = configs.find(config => !this.pathPatterns.has(config));
+        if (configWithoutPath) {
+            return { config: configWithoutPath };
+        }
+        return undefined;
+    }
+    /**
+     * Matches a URL path against a pattern
+     * Supports:
+     * - Exact matches: /users/profile
+     * - Wildcards: /api/* (matches any path starting with /api/)
+     * - Path parameters: /users/:id (captures id as a parameter)
+     *
+     * @param path The URL path to match
+     * @param pattern The pattern to match against
+     * @returns Match result with params and remainder, or null if no match
+     */
+    matchPath(path, pattern) {
+        // Handle exact match
+        if (path === pattern) {
+            return {
+                matched: pattern,
+                params: {},
+                remainder: ''
+            };
+        }
+        // Handle wildcard match
+        if (pattern.endsWith('/*')) {
+            const prefix = pattern.slice(0, -2);
+            if (path === prefix || path.startsWith(`${prefix}/`)) {
+                return {
+                    matched: prefix,
+                    params: {},
+                    remainder: path.slice(prefix.length)
+                };
+            }
+            return null;
+        }
+        // Handle path parameters
+        const patternParts = pattern.split('/').filter(p => p);
+        const pathParts = path.split('/').filter(p => p);
+        // Too few path parts to match
+        if (pathParts.length < patternParts.length) {
+            return null;
+        }
+        const params = {};
+        // Compare each part
+        for (let i = 0; i < patternParts.length; i++) {
+            const patternPart = patternParts[i];
+            const pathPart = pathParts[i];
+            // Handle parameter
+            if (patternPart.startsWith(':')) {
+                const paramName = patternPart.slice(1);
+                params[paramName] = pathPart;
+                continue;
+            }
+            // Handle wildcard at the end
+            if (patternPart === '*' && i === patternParts.length - 1) {
+                break;
+            }
+            // Handle exact match for this part
+            if (patternPart !== pathPart) {
+                return null;
+            }
+        }
+        // Calculate the remainder - the unmatched path parts
+        const remainderParts = pathParts.slice(patternParts.length);
+        const remainder = remainderParts.length ? '/' + remainderParts.join('/') : '';
+        // Calculate the matched path
+        const matchedParts = patternParts.map((part, i) => {
+            return part.startsWith(':') ? pathParts[i] : part;
+        });
+        const matched = '/' + matchedParts.join('/');
+        return {
+            matched,
+            params,
+            remainder
+        };
+    }
+    /**
+     * Gets all currently active proxy configurations
+     * @returns Array of all active configurations
+     */
+    getProxyConfigs() {
+        return [...this.reverseProxyConfigs];
+    }
+    /**
+     * Gets all hostnames that this router is configured to handle
+     * @returns Array of hostnames
+     */
+    getHostnames() {
+        const hostnames = new Set();
+        for (const config of this.reverseProxyConfigs) {
+            if (config.hostName !== '*') {
+                hostnames.add(config.hostName.toLowerCase());
+            }
+        }
+        return Array.from(hostnames);
+    }
+    /**
+     * Adds a single new proxy configuration
+     * @param config The configuration to add
+     * @param pathPattern Optional path pattern for route matching
+     */
+    addProxyConfig(config, pathPattern) {
+        this.reverseProxyConfigs.push(config);
+        // Store path pattern if provided
+        if (pathPattern) {
+            this.pathPatterns.set(config, pathPattern);
+        }
+    }
+    /**
+     * Sets a path pattern for an existing config
+     * @param config The existing configuration
+     * @param pathPattern The path pattern to set
+     * @returns Boolean indicating if the config was found and updated
+     */
+    setPathPattern(config, pathPattern) {
+        const exists = this.reverseProxyConfigs.includes(config);
+        if (exists) {
+            this.pathPatterns.set(config, pathPattern);
+            return true;
+        }
+        return false;
+    }
+    /**
+     * Removes a proxy configuration by hostname
+     * @param hostname The hostname to remove
+     * @returns Boolean indicating whether any configs were removed
+     */
+    removeProxyConfig(hostname) {
+        const initialCount = this.reverseProxyConfigs.length;
+        // Find configs to remove
+        const configsToRemove = this.reverseProxyConfigs.filter(config => config.hostName === hostname);
+        // Remove them from the patterns map
+        for (const config of configsToRemove) {
+            this.pathPatterns.delete(config);
         }
-        return correspodingReverseProxyConfig;
+        // Filter them out of the configs array
+        this.reverseProxyConfigs = this.reverseProxyConfigs.filter(config => config.hostName !== hostname);
+        return this.reverseProxyConfigs.length !== initialCount;
     }
 }
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5yb3V0ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9jbGFzc2VzLnJvdXRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssT0FBTyxNQUFNLGNBQWMsQ0FBQztBQUV4QyxNQUFNLE9BQU8sV0FBVztJQUF4QjtRQUNTLHdCQUFtQixHQUFrRCxFQUFFLENBQUM7SUE2QmpGLENBQUM7SUEzQkM7OztPQUdHO0lBQ0ksa0JBQWtCLENBQUMsb0JBQW1FO1FBQzNGLElBQUksQ0FBQyxtQkFBbUIsR0FBRyxvQkFBb0IsQ0FBQztJQUNsRCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxRQUFRLENBQUMsR0FBaUM7UUFDL0MsTUFBTSxZQUFZLEdBQUcsR0FBRyxDQUFDLE9BQU8sQ0FBQyxJQUFJLENBQUM7UUFDdEMsSUFBSSxDQUFDLFlBQVksRUFBRSxDQUFDO1lBQ2xCLE9BQU8sQ0FBQyxLQUFLLENBQUMsaUNBQWlDLENBQUMsQ0FBQztZQUNqRCxPQUFPLFNBQVMsQ0FBQztRQUNuQixDQUFDO1FBQ0Qsa0NBQWtDO1FBQ2xDLE1BQU0sZUFBZSxHQUFHLFlBQVksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUM7UUFDbkQsTUFBTSw4QkFBOEIsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLENBQUMsYUFBYSxFQUFFLEVBQUU7WUFDckYsT0FBTyxhQUFhLENBQUMsUUFBUSxLQUFLLGVBQWUsQ0FBQztRQUNwRCxDQUFDLENBQUMsQ0FBQztRQUNILElBQUksQ0FBQyw4QkFBOEIsRUFBRSxDQUFDO1lBQ3BDLE9BQU8sQ0FBQyxLQUFLLENBQUMsNkJBQTZCLGVBQWUsRUFBRSxDQUFDLENBQUM7UUFDaEUsQ0FBQztRQUNELE9BQU8sOEJBQThCLENBQUM7SUFDeEMsQ0FBQztDQUNGIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5yb3V0ZXIuanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9jbGFzc2VzLnJvdXRlci50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxPQUFPLEtBQUssSUFBSSxNQUFNLE1BQU0sQ0FBQztBQUM3QixPQUFPLEtBQUssR0FBRyxNQUFNLEtBQUssQ0FBQztBQUMzQixPQUFPLEtBQUssT0FBTyxNQUFNLGtCQUFrQixDQUFDO0FBbUI1QyxNQUFNLE9BQU8sV0FBVztJQWV0QixZQUNFLE9BQStDLEVBQy9DLE1BS0M7UUFyQkgsdUNBQXVDO1FBQy9CLHdCQUFtQixHQUEwQyxFQUFFLENBQUM7UUFHeEUsNkVBQTZFO1FBQ3JFLGlCQUFZLEdBQXFELElBQUksR0FBRyxFQUFFLENBQUM7UUFrQmpGLElBQUksQ0FBQyxNQUFNLEdBQUcsTUFBTSxJQUFJLE9BQU8sQ0FBQztRQUNoQyxJQUFJLE9BQU8sRUFBRSxDQUFDO1lBQ1osSUFBSSxDQUFDLGtCQUFrQixDQUFDLE9BQU8sQ0FBQyxDQUFDO1FBQ25DLENBQUM7SUFDSCxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksa0JBQWtCLENBQUMsb0JBQTJEO1FBQ25GLElBQUksQ0FBQyxtQkFBbUIsR0FBRyxDQUFDLEdBQUcsb0JBQW9CLENBQUMsQ0FBQztRQUVyRCwyREFBMkQ7UUFDM0QsSUFBSSxDQUFDLGFBQWEsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsTUFBTSxDQUFDLFFBQVEsS0FBSyxHQUFHLENBQUMsQ0FBQztRQUV0RixJQUFJLENBQUMsTUFBTSxDQUFDLElBQUksQ0FBQywyQkFBMkIsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sYUFBYSxJQUFJLENBQUMsWUFBWSxFQUFFLENBQUMsTUFBTSxnQkFBZ0IsQ0FBQyxDQUFDO0lBQ3RJLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksUUFBUSxDQUFDLEdBQXlCO1FBQ3ZDLE1BQU0sTUFBTSxHQUFHLElBQUksQ0FBQyxtQkFBbUIsQ0FBQyxHQUFHLENBQUMsQ0FBQztRQUM3QyxPQUFPLE1BQU0sQ0FBQyxDQUFDLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsU0FBUyxDQUFDO0lBQzVDLENBQUM7SUFFRDs7OztPQUlHO0lBQ0ksbUJBQW1CLENBQUMsR0FBeUI7UUFDbEQsbUNBQW1DO1FBQ25DLE1BQU0sWUFBWSxHQUFHLEdBQUcsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDO1FBQ3RDLElBQUksQ0FBQyxZQUFZLEVBQUUsQ0FBQztZQUNsQixJQUFJLENBQUMsTUFBTSxDQUFDLEtBQUssQ0FBQyxpQ0FBaUMsQ0FBQyxDQUFDO1lBQ3JELE9BQU8sSUFBSSxDQUFDLGFBQWEsQ0FBQyxDQUFDLENBQUMsRUFBRSxNQUFNLEVBQUUsSUFBSSxDQUFDLGFBQWEsRUFBRSxDQUFDLENBQUMsQ0FBQyxTQUFTLENBQUM7UUFDekUsQ0FBQztRQUVELDhCQUE4QjtRQUM5QixNQUFNLFNBQVMsR0FBRyxHQUFHLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxHQUFHLElBQUksR0FBRyxDQUFDLENBQUM7UUFDNUMsTUFBTSxPQUFPLEdBQUcsU0FBUyxDQUFDLFFBQVEsSUFBSSxHQUFHLENBQUM7UUFFMUMsZ0NBQWdDO1FBQ2hDLE1BQU0sZUFBZSxHQUFHLFlBQVksQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsV0FBVyxFQUFFLENBQUM7UUFFakUsaUNBQWlDO1FBQ2pDLE1BQU0sV0FBVyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxlQUFlLEVBQUUsT0FBTyxDQUFDLENBQUM7UUFDckUsSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUNoQixPQUFPLFdBQVcsQ0FBQztRQUNyQixDQUFDO1FBRUQseUJBQXlCO1FBQ3pCLElBQUksZUFBZSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsRUFBRSxDQUFDO1lBQ2xDLE1BQU0sV0FBVyxHQUFHLGVBQWUsQ0FBQyxLQUFLLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDL0MsSUFBSSxXQUFXLENBQUMsTUFBTSxHQUFHLENBQUMsRUFBRSxDQUFDO2dCQUMzQixNQUFNLGNBQWMsR0FBRyxLQUFLLFdBQVcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQzdELE1BQU0sY0FBYyxHQUFHLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxjQUFjLEVBQUUsT0FBTyxDQUFDLENBQUM7Z0JBQ3ZFLElBQUksY0FBYyxFQUFFLENBQUM7b0JBQ25CLE9BQU8sY0FBYyxDQUFDO2dCQUN4QixDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCwyQ0FBMkM7UUFDM0MsSUFBSSxJQUFJLENBQUMsYUFBYSxFQUFFLENBQUM7WUFDdkIsSUFBSSxDQUFDLE1BQU0sQ0FBQyxJQUFJLENBQUMsc0NBQXNDLGVBQWUsaUJBQWlCLENBQUMsQ0FBQztZQUN6RixPQUFPLEVBQUUsTUFBTSxFQUFFLElBQUksQ0FBQyxhQUFhLEVBQUUsQ0FBQztRQUN4QyxDQUFDO1FBRUQsSUFBSSxDQUFDLE1BQU0sQ0FBQyxLQUFLLENBQUMsNkJBQTZCLGVBQWUsRUFBRSxDQUFDLENBQUM7UUFDbEUsT0FBTyxTQUFTLENBQUM7SUFDbkIsQ0FBQztJQUVEOztPQUVHO0lBQ0ssaUJBQWlCLENBQUMsUUFBZ0IsRUFBRSxJQUFZO1FBQ3RELHFDQUFxQztRQUNyQyxNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUM3QyxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUFFLEtBQUssUUFBUSxDQUFDLFdBQVcsRUFBRSxDQUNuRSxDQUFDO1FBRUYsSUFBSSxPQUFPLENBQUMsTUFBTSxLQUFLLENBQUMsRUFBRSxDQUFDO1lBQ3pCLE9BQU8sU0FBUyxDQUFDO1FBQ25CLENBQUM7UUFFRCx1Q0FBdUM7UUFDdkMsTUFBTSxnQkFBZ0IsR0FBRyxPQUFPLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztRQUVqRix5REFBeUQ7UUFDekQsZ0JBQWdCLENBQUMsSUFBSSxDQUFDLENBQUMsQ0FBQyxFQUFFLENBQUMsRUFBRSxFQUFFO1lBQzdCLE1BQU0sUUFBUSxHQUFHLElBQUksQ0FBQyxZQUFZLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxJQUFJLEVBQUUsQ0FBQztZQUNoRCxNQUFNLFFBQVEsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDLENBQUMsSUFBSSxFQUFFLENBQUM7WUFFaEQsK0NBQStDO1lBQy9DLE1BQU0sWUFBWSxHQUFHLFFBQVEsQ0FBQyxRQUFRLENBQUMsR0FBRyxDQUFDLENBQUM7WUFDNUMsTUFBTSxZQUFZLEdBQUcsUUFBUSxDQUFDLFFBQVEsQ0FBQyxHQUFHLENBQUMsQ0FBQztZQUU1QyxJQUFJLFlBQVksSUFBSSxDQUFDLFlBQVk7Z0JBQUUsT0FBTyxDQUFDLENBQUM7WUFDNUMsSUFBSSxDQUFDLFlBQVksSUFBSSxZQUFZO2dCQUFFLE9BQU8sQ0FBQyxDQUFDLENBQUM7WUFFN0MsK0NBQStDO1lBQy9DLE9BQU8sUUFBUSxDQUFDLE1BQU0sR0FBRyxRQUFRLENBQUMsTUFBTSxDQUFDO1FBQzNDLENBQUMsQ0FBQyxDQUFDO1FBRUgsc0NBQXNDO1FBQ3RDLEtBQUssTUFBTSxNQUFNLElBQUksZ0JBQWdCLEVBQUUsQ0FBQztZQUN0QyxNQUFNLFdBQVcsR0FBRyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQztZQUNsRCxJQUFJLFdBQVcsRUFBRSxDQUFDO2dCQUNoQixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsU0FBUyxDQUFDLElBQUksRUFBRSxXQUFXLENBQUMsQ0FBQztnQkFDcEQsSUFBSSxTQUFTLEVBQUUsQ0FBQztvQkFDZCxPQUFPO3dCQUNMLE1BQU07d0JBQ04sU0FBUyxFQUFFLFNBQVMsQ0FBQyxPQUFPO3dCQUM1QixVQUFVLEVBQUUsU0FBUyxDQUFDLE1BQU07d0JBQzVCLGFBQWEsRUFBRSxTQUFTLENBQUMsU0FBUztxQkFDbkMsQ0FBQztnQkFDSixDQUFDO1lBQ0gsQ0FBQztRQUNILENBQUM7UUFFRCwwRUFBMEU7UUFDMUUsTUFBTSxpQkFBaUIsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLE1BQU0sQ0FBQyxFQUFFLENBQUMsQ0FBQyxJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDO1FBQ2pGLElBQUksaUJBQWlCLEVBQUUsQ0FBQztZQUN0QixPQUFPLEVBQUUsTUFBTSxFQUFFLGlCQUFpQixFQUFFLENBQUM7UUFDdkMsQ0FBQztRQUVELE9BQU8sU0FBUyxDQUFDO0lBQ25CLENBQUM7SUFFRDs7Ozs7Ozs7OztPQVVHO0lBQ0ssU0FBUyxDQUFDLElBQVksRUFBRSxPQUFlO1FBSzdDLHFCQUFxQjtRQUNyQixJQUFJLElBQUksS0FBSyxPQUFPLEVBQUUsQ0FBQztZQUNyQixPQUFPO2dCQUNMLE9BQU8sRUFBRSxPQUFPO2dCQUNoQixNQUFNLEVBQUUsRUFBRTtnQkFDVixTQUFTLEVBQUUsRUFBRTthQUNkLENBQUM7UUFDSixDQUFDO1FBRUQsd0JBQXdCO1FBQ3hCLElBQUksT0FBTyxDQUFDLFFBQVEsQ0FBQyxJQUFJLENBQUMsRUFBRSxDQUFDO1lBQzNCLE1BQU0sTUFBTSxHQUFHLE9BQU8sQ0FBQyxLQUFLLENBQUMsQ0FBQyxFQUFFLENBQUMsQ0FBQyxDQUFDLENBQUM7WUFDcEMsSUFBSSxJQUFJLEtBQUssTUFBTSxJQUFJLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxNQUFNLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQ3JELE9BQU87b0JBQ0wsT0FBTyxFQUFFLE1BQU07b0JBQ2YsTUFBTSxFQUFFLEVBQUU7b0JBQ1YsU0FBUyxFQUFFLElBQUksQ0FBQyxLQUFLLENBQUMsTUFBTSxDQUFDLE1BQU0sQ0FBQztpQkFDckMsQ0FBQztZQUNKLENBQUM7WUFDRCxPQUFPLElBQUksQ0FBQztRQUNkLENBQUM7UUFFRCx5QkFBeUI7UUFDekIsTUFBTSxZQUFZLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQyxHQUFHLENBQUMsQ0FBQyxNQUFNLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQyxDQUFDLENBQUMsQ0FBQztRQUN2RCxNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsS0FBSyxDQUFDLEdBQUcsQ0FBQyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsRUFBRSxDQUFDLENBQUMsQ0FBQyxDQUFDO1FBRWpELDhCQUE4QjtRQUM5QixJQUFJLFNBQVMsQ0FBQyxNQUFNLEdBQUcsWUFBWSxDQUFDLE1BQU0sRUFBRSxDQUFDO1lBQzNDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUVELE1BQU0sTUFBTSxHQUEyQixFQUFFLENBQUM7UUFFMUMsb0JBQW9CO1FBQ3BCLEtBQUssSUFBSSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUMsR0FBRyxZQUFZLENBQUMsTUFBTSxFQUFFLENBQUMsRUFBRSxFQUFFLENBQUM7WUFDN0MsTUFBTSxXQUFXLEdBQUcsWUFBWSxDQUFDLENBQUMsQ0FBQyxDQUFDO1lBQ3BDLE1BQU0sUUFBUSxHQUFHLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQztZQUU5QixtQkFBbUI7WUFDbkIsSUFBSSxXQUFXLENBQUMsVUFBVSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7Z0JBQ2hDLE1BQU0sU0FBUyxHQUFHLFdBQVcsQ0FBQyxLQUFLLENBQUMsQ0FBQyxDQUFDLENBQUM7Z0JBQ3ZDLE1BQU0sQ0FBQyxTQUFTLENBQUMsR0FBRyxRQUFRLENBQUM7Z0JBQzdCLFNBQVM7WUFDWCxDQUFDO1lBRUQsNkJBQTZCO1lBQzdCLElBQUksV0FBVyxLQUFLLEdBQUcsSUFBSSxDQUFDLEtBQUssWUFBWSxDQUFDLE1BQU0sR0FBRyxDQUFDLEVBQUUsQ0FBQztnQkFDekQsTUFBTTtZQUNSLENBQUM7WUFFRCxtQ0FBbUM7WUFDbkMsSUFBSSxXQUFXLEtBQUssUUFBUSxFQUFFLENBQUM7Z0JBQzdCLE9BQU8sSUFBSSxDQUFDO1lBQ2QsQ0FBQztRQUNILENBQUM7UUFFRCxxREFBcUQ7UUFDckQsTUFBTSxjQUFjLEdBQUcsU0FBUyxDQUFDLEtBQUssQ0FBQyxZQUFZLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDNUQsTUFBTSxTQUFTLEdBQUcsY0FBYyxDQUFDLE1BQU0sQ0FBQyxDQUFDLENBQUMsR0FBRyxHQUFHLGNBQWMsQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLEVBQUUsQ0FBQztRQUU5RSw2QkFBNkI7UUFDN0IsTUFBTSxZQUFZLEdBQUcsWUFBWSxDQUFDLEdBQUcsQ0FBQyxDQUFDLElBQUksRUFBRSxDQUFDLEVBQUUsRUFBRTtZQUNoRCxPQUFPLElBQUksQ0FBQyxVQUFVLENBQUMsR0FBRyxDQUFDLENBQUMsQ0FBQyxDQUFDLFNBQVMsQ0FBQyxDQUFDLENBQUMsQ0FBQyxDQUFDLENBQUMsSUFBSSxDQUFDO1FBQ3BELENBQUMsQ0FBQyxDQUFDO1FBQ0gsTUFBTSxPQUFPLEdBQUcsR0FBRyxHQUFHLFlBQVksQ0FBQyxJQUFJLENBQUMsR0FBRyxDQUFDLENBQUM7UUFFN0MsT0FBTztZQUNMLE9BQU87WUFDUCxNQUFNO1lBQ04sU0FBUztTQUNWLENBQUM7SUFDSixDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksZUFBZTtRQUNwQixPQUFPLENBQUMsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsQ0FBQztJQUN2QyxDQUFDO0lBRUQ7OztPQUdHO0lBQ0ksWUFBWTtRQUNqQixNQUFNLFNBQVMsR0FBRyxJQUFJLEdBQUcsRUFBVSxDQUFDO1FBQ3BDLEtBQUssTUFBTSxNQUFNLElBQUksSUFBSSxDQUFDLG1CQUFtQixFQUFFLENBQUM7WUFDOUMsSUFBSSxNQUFNLENBQUMsUUFBUSxLQUFLLEdBQUcsRUFBRSxDQUFDO2dCQUM1QixTQUFTLENBQUMsR0FBRyxDQUFDLE1BQU0sQ0FBQyxRQUFRLENBQUMsV0FBVyxFQUFFLENBQUMsQ0FBQztZQUMvQyxDQUFDO1FBQ0gsQ0FBQztRQUNELE9BQU8sS0FBSyxDQUFDLElBQUksQ0FBQyxTQUFTLENBQUMsQ0FBQztJQUMvQixDQUFDO0lBRUQ7Ozs7T0FJRztJQUNJLGNBQWMsQ0FDbkIsTUFBMkMsRUFDM0MsV0FBb0I7UUFFcEIsSUFBSSxDQUFDLG1CQUFtQixDQUFDLElBQUksQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUV0QyxpQ0FBaUM7UUFDakMsSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUNoQixJQUFJLENBQUMsWUFBWSxDQUFDLEdBQUcsQ0FBQyxNQUFNLEVBQUUsV0FBVyxDQUFDLENBQUM7UUFDN0MsQ0FBQztJQUNILENBQUM7SUFFRDs7Ozs7T0FLRztJQUNJLGNBQWMsQ0FDbkIsTUFBMkMsRUFDM0MsV0FBbUI7UUFFbkIsTUFBTSxNQUFNLEdBQUcsSUFBSSxDQUFDLG1CQUFtQixDQUFDLFFBQVEsQ0FBQyxNQUFNLENBQUMsQ0FBQztRQUN6RCxJQUFJLE1BQU0sRUFBRSxDQUFDO1lBQ1gsSUFBSSxDQUFDLFlBQVksQ0FBQyxHQUFHLENBQUMsTUFBTSxFQUFFLFdBQVcsQ0FBQyxDQUFDO1lBQzNDLE9BQU8sSUFBSSxDQUFDO1FBQ2QsQ0FBQztRQUNELE9BQU8sS0FBSyxDQUFDO0lBQ2YsQ0FBQztJQUVEOzs7O09BSUc7SUFDSSxpQkFBaUIsQ0FBQyxRQUFnQjtRQUN2QyxNQUFNLFlBQVksR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUFDO1FBRXJELHlCQUF5QjtRQUN6QixNQUFNLGVBQWUsR0FBRyxJQUFJLENBQUMsbUJBQW1CLENBQUMsTUFBTSxDQUNyRCxNQUFNLENBQUMsRUFBRSxDQUFDLE1BQU0sQ0FBQyxRQUFRLEtBQUssUUFBUSxDQUN2QyxDQUFDO1FBRUYsb0NBQW9DO1FBQ3BDLEtBQUssTUFBTSxNQUFNLElBQUksZUFBZSxFQUFFLENBQUM7WUFDckMsSUFBSSxDQUFDLFlBQVksQ0FBQyxNQUFNLENBQUMsTUFBTSxDQUFDLENBQUM7UUFDbkMsQ0FBQztRQUVELHVDQUF1QztRQUN2QyxJQUFJLENBQUMsbUJBQW1CLEdBQUcsSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sQ0FDeEQsTUFBTSxDQUFDLEVBQUUsQ0FBQyxNQUFNLENBQUMsUUFBUSxLQUFLLFFBQVEsQ0FDdkMsQ0FBQztRQUVGLE9BQU8sSUFBSSxDQUFDLG1CQUFtQixDQUFDLE1BQU0sS0FBSyxZQUFZLENBQUM7SUFDMUQsQ0FBQztDQUNGIn0=

package/dist_ts/plugins.d.ts CHANGED Viewed

@@ -1,9 +1,10 @@
+import { EventEmitter } from 'events';
 import * as http from 'http';
 import * as https from 'https';
 import * as net from 'net';
 import * as tls from 'tls';
 import * as url from 'url';
-export { http, https, net, tls, url };
+export { EventEmitter, http, https, net, tls, url };
 import * as tsclass from '@tsclass/tsclass';
 export { tsclass };
 import * as lik from '@push.rocks/lik';
@@ -12,8 +13,9 @@ import * as smartpromise from '@push.rocks/smartpromise';
 import * as smartrequest from '@push.rocks/smartrequest';
 import * as smartstring from '@push.rocks/smartstring';
 export { lik, smartdelay, smartrequest, smartpromise, smartstring };
+import * as acme from 'acme-client';
 import prettyMs from 'pretty-ms';
 import * as ws from 'ws';
 import wsDefault from 'ws';
 import { minimatch } from 'minimatch';
-export { prettyMs, ws, wsDefault, minimatch };
+export { acme, prettyMs, ws, wsDefault, minimatch };

package/dist_ts/plugins.js CHANGED Viewed

@@ -1,10 +1,11 @@
 // node native scope
+import { EventEmitter } from 'events';
 import * as http from 'http';
 import * as https from 'https';
 import * as net from 'net';
 import * as tls from 'tls';
 import * as url from 'url';
-export { http, https, net, tls, url };
+export { EventEmitter, http, https, net, tls, url };
 // tsclass scope
 import * as tsclass from '@tsclass/tsclass';
 export { tsclass };
@@ -16,9 +17,10 @@ import * as smartrequest from '@push.rocks/smartrequest';
 import * as smartstring from '@push.rocks/smartstring';
 export { lik, smartdelay, smartrequest, smartpromise, smartstring };
 // third party scope
+import * as acme from 'acme-client';
 import prettyMs from 'pretty-ms';
 import * as ws from 'ws';
 import wsDefault from 'ws';
 import { minimatch } from 'minimatch';
-export { prettyMs, ws, wsDefault, minimatch };
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGx1Z2lucy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL3BsdWdpbnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsb0JBQW9CO0FBQ3BCLE9BQU8sS0FBSyxJQUFJLE1BQU0sTUFBTSxDQUFDO0FBQzdCLE9BQU8sS0FBSyxLQUFLLE1BQU0sT0FBTyxDQUFDO0FBQy9CLE9BQU8sS0FBSyxHQUFHLE1BQU0sS0FBSyxDQUFDO0FBQzNCLE9BQU8sS0FBSyxHQUFHLE1BQU0sS0FBSyxDQUFDO0FBQzNCLE9BQU8sS0FBSyxHQUFHLE1BQU0sS0FBSyxDQUFDO0FBRTNCLE9BQU8sRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLENBQUM7QUFFdEMsZ0JBQWdCO0FBQ2hCLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFFNUMsT0FBTyxFQUFFLE9BQU8sRUFBRSxDQUFDO0FBRW5CLGtCQUFrQjtBQUNsQixPQUFPLEtBQUssR0FBRyxNQUFNLGlCQUFpQixDQUFDO0FBQ3ZDLE9BQU8sS0FBSyxVQUFVLE1BQU0sd0JBQXdCLENBQUM7QUFDckQsT0FBTyxLQUFLLFlBQVksTUFBTSwwQkFBMEIsQ0FBQztBQUN6RCxPQUFPLEtBQUssWUFBWSxNQUFNLDBCQUEwQixDQUFDO0FBQ3pELE9BQU8sS0FBSyxXQUFXLE1BQU0seUJBQXlCLENBQUM7QUFFdkQsT0FBTyxFQUFFLEdBQUcsRUFBRSxVQUFVLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsQ0FBQztBQUVwRSxvQkFBb0I7QUFDcEIsT0FBTyxRQUFRLE1BQU0sV0FBVyxDQUFDO0FBQ2pDLE9BQU8sS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3pCLE9BQU8sU0FBUyxNQUFNLElBQUksQ0FBQztBQUMzQixPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBRXRDLE9BQU8sRUFBRSxRQUFRLEVBQUUsRUFBRSxFQUFFLFNBQVMsRUFBRSxTQUFTLEVBQUUsQ0FBQyJ9
+export { acme, prettyMs, ws, wsDefault, minimatch };
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoicGx1Z2lucy5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uL3RzL3BsdWdpbnMudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsb0JBQW9CO0FBQ3BCLE9BQU8sRUFBRSxZQUFZLEVBQUUsTUFBTSxRQUFRLENBQUM7QUFDdEMsT0FBTyxLQUFLLElBQUksTUFBTSxNQUFNLENBQUM7QUFDN0IsT0FBTyxLQUFLLEtBQUssTUFBTSxPQUFPLENBQUM7QUFDL0IsT0FBTyxLQUFLLEdBQUcsTUFBTSxLQUFLLENBQUM7QUFDM0IsT0FBTyxLQUFLLEdBQUcsTUFBTSxLQUFLLENBQUM7QUFDM0IsT0FBTyxLQUFLLEdBQUcsTUFBTSxLQUFLLENBQUM7QUFHM0IsT0FBTyxFQUFFLFlBQVksRUFBRSxJQUFJLEVBQUUsS0FBSyxFQUFFLEdBQUcsRUFBRSxHQUFHLEVBQUUsR0FBRyxFQUFFLENBQUM7QUFFcEQsZ0JBQWdCO0FBQ2hCLE9BQU8sS0FBSyxPQUFPLE1BQU0sa0JBQWtCLENBQUM7QUFFNUMsT0FBTyxFQUFFLE9BQU8sRUFBRSxDQUFDO0FBRW5CLGtCQUFrQjtBQUNsQixPQUFPLEtBQUssR0FBRyxNQUFNLGlCQUFpQixDQUFDO0FBQ3ZDLE9BQU8sS0FBSyxVQUFVLE1BQU0sd0JBQXdCLENBQUM7QUFDckQsT0FBTyxLQUFLLFlBQVksTUFBTSwwQkFBMEIsQ0FBQztBQUN6RCxPQUFPLEtBQUssWUFBWSxNQUFNLDBCQUEwQixDQUFDO0FBQ3pELE9BQU8sS0FBSyxXQUFXLE1BQU0seUJBQXlCLENBQUM7QUFFdkQsT0FBTyxFQUFFLEdBQUcsRUFBRSxVQUFVLEVBQUUsWUFBWSxFQUFFLFlBQVksRUFBRSxXQUFXLEVBQUUsQ0FBQztBQUVwRSxvQkFBb0I7QUFDcEIsT0FBTyxLQUFLLElBQUksTUFBTSxhQUFhLENBQUM7QUFDcEMsT0FBTyxRQUFRLE1BQU0sV0FBVyxDQUFDO0FBQ2pDLE9BQU8sS0FBSyxFQUFFLE1BQU0sSUFBSSxDQUFDO0FBQ3pCLE9BQU8sU0FBUyxNQUFNLElBQUksQ0FBQztBQUMzQixPQUFPLEVBQUUsU0FBUyxFQUFFLE1BQU0sV0FBVyxDQUFDO0FBRXRDLE9BQU8sRUFBRSxJQUFJLEVBQUUsUUFBUSxFQUFFLEVBQUUsRUFBRSxTQUFTLEVBQUUsU0FBUyxFQUFFLENBQUMifQ==

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "@push.rocks/smartproxy",
-  "version": "3.25.4",
+  "version": "3.28.0",
   "private": false,
   "description": "A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, and dynamic routing with authentication options.",
   "main": "dist_ts/index.js",

package/readme.md CHANGED Viewed

@@ -193,12 +193,14 @@ sequenceDiagram
 - **HTTPS Reverse Proxy** - Route traffic to backend services based on hostname with TLS termination
 - **WebSocket Support** - Full WebSocket proxying with heartbeat monitoring
 - **TCP Port Forwarding** - Advanced port forwarding with SNI inspection and domain-based routing
+- **Enhanced TLS Handling** - Robust TLS handshake processing with improved certificate error handling
 - **HTTP to HTTPS Redirection** - Automatically redirect HTTP requests to HTTPS
 - **Let's Encrypt Integration** - Automatic certificate management using ACME protocol
 - **IP Filtering** - Control access with IP allow/block lists using glob patterns
 - **IPTables Integration** - Direct manipulation of iptables for low-level port forwarding
 - **Basic Authentication** - Support for basic auth on proxied routes
-- **Connection Management** - Intelligent connection tracking and cleanup
+- **Connection Management** - Intelligent connection tracking and cleanup with configurable timeouts
+- **Browser Compatibility** - Optimized for modern browsers with fixes for common TLS handshake issues
 ## Installation
@@ -275,18 +277,38 @@ const portProxy = new PortProxy({
   toPort: 8443,
   targetIP: 'localhost', // Default target host
   sniEnabled: true,      // Enable SNI inspection
+  // Enhanced reliability settings
+  initialDataTimeout: 60000,        // 60 seconds for initial TLS handshake
+  socketTimeout: 3600000,           // 1 hour socket timeout
+  maxConnectionLifetime: 3600000,   // 1 hour connection lifetime
+  inactivityTimeout: 3600000,       // 1 hour inactivity timeout
+  maxPendingDataSize: 10 * 1024 * 1024, // 10MB buffer for large TLS handshakes
+  // Browser compatibility enhancement
+  enableTlsDebugLogging: false,     // Enable for troubleshooting TLS issues
+  // Port and IP configuration
   globalPortRanges: [{ from: 443, to: 443 }],
   defaultAllowedIPs: ['*'], // Allow all IPs by default
+  // Socket optimizations for better connection stability
+  noDelay: true,                    // Disable Nagle's algorithm
+  keepAlive: true,                  // Enable TCP keepalive
+  enableKeepAliveProbes: true,      // Enhanced keepalive for stability
+  // Domain-specific routing configuration
   domainConfigs: [
     {
       domains: ['example.com', '*.example.com'], // Glob patterns for matching domains
       allowedIPs: ['192.168.1.*'],               // Restrict access by IP
       blockedIPs: ['192.168.1.100'],             // Block specific IPs
       targetIPs: ['10.0.0.1', '10.0.0.2'],       // Round-robin between multiple targets
-      portRanges: [{ from: 443, to: 443 }]
+      portRanges: [{ from: 443, to: 443 }],
+      connectionTimeout: 7200000                 // Domain-specific timeout (2 hours)
     }
   ],
-  maxConnectionLifetime: 3600000, // 1 hour in milliseconds
   preserveSourceIP: true
 });
@@ -333,19 +355,31 @@ acmeHandler.addDomain('api.example.com');
 ### PortProxy Settings
-| Option                   | Description                                            | Default     |
-|--------------------------|--------------------------------------------------------|-------------|
-| `fromPort`               | Port to listen on                                      | -           |
-| `toPort`                 | Destination port to forward to                         | -           |
-| `targetIP`               | Default destination IP if not specified in domainConfig | 'localhost' |
-| `sniEnabled`             | Enable SNI inspection for TLS connections              | false       |
-| `defaultAllowedIPs`      | IP patterns allowed by default                         | -           |
-| `defaultBlockedIPs`      | IP patterns blocked by default                         | -           |
-| `preserveSourceIP`       | Preserve the original client IP                        | false       |
-| `maxConnectionLifetime`  | Maximum time in ms to keep a connection open           | 600000      |
-| `globalPortRanges`       | Array of port ranges to listen on                      | -           |
-| `forwardAllGlobalRanges` | Forward all global range connections to targetIP       | false       |
-| `gracefulShutdownTimeout`| Time in ms to wait during shutdown                     | 30000       |
+| Option                    | Description                                            | Default     |
+|---------------------------|--------------------------------------------------------|-------------|
+| `fromPort`                | Port to listen on                                      | -           |
+| `toPort`                  | Destination port to forward to                         | -           |
+| `targetIP`                | Default destination IP if not specified in domainConfig | 'localhost' |
+| `sniEnabled`              | Enable SNI inspection for TLS connections              | false       |
+| `defaultAllowedIPs`       | IP patterns allowed by default                         | -           |
+| `defaultBlockedIPs`       | IP patterns blocked by default                         | -           |
+| `preserveSourceIP`        | Preserve the original client IP                        | false       |
+| `maxConnectionLifetime`   | Maximum time in ms to keep a connection open           | 3600000     |
+| `initialDataTimeout`      | Timeout for initial data/handshake in ms               | 60000       |
+| `socketTimeout`           | Socket inactivity timeout in ms                        | 3600000     |
+| `inactivityTimeout`       | Connection inactivity check timeout in ms              | 3600000     |
+| `inactivityCheckInterval` | How often to check for inactive connections in ms      | 60000       |
+| `maxPendingDataSize`      | Maximum bytes to buffer during connection setup        | 10485760    |
+| `globalPortRanges`        | Array of port ranges to listen on                      | -           |
+| `forwardAllGlobalRanges`  | Forward all global range connections to targetIP       | false       |
+| `gracefulShutdownTimeout` | Time in ms to wait during shutdown                     | 30000       |
+| `noDelay`                 | Disable Nagle's algorithm                              | true        |
+| `keepAlive`               | Enable TCP keepalive                                   | true        |
+| `keepAliveInitialDelay`   | Initial delay before sending keepalive probes in ms    | 30000       |
+| `enableKeepAliveProbes`   | Enable enhanced TCP keep-alive probes                  | false       |
+| `enableTlsDebugLogging`   | Enable detailed TLS handshake debugging                | false       |
+| `enableDetailedLogging`   | Enable detailed connection logging                     | false       |
+| `enableRandomizedTimeouts`| Randomize timeouts slightly to prevent thundering herd | true        |
 ### IPTablesProxy Settings
@@ -359,14 +393,37 @@ acmeHandler.addDomain('api.example.com');
 ## Advanced Features
+### TLS Handshake Optimization
+The enhanced `PortProxy` implementation includes significant improvements for TLS handshake handling:
+- Robust SNI extraction with improved error handling
+- Increased buffer size for complex TLS handshakes (10MB)
+- Longer initial handshake timeout (60 seconds)
+- Detection and tracking of TLS connection states
+- Optional detailed TLS debug logging for troubleshooting
+- Browser compatibility fixes for Chrome certificate errors
+```typescript
+// Example configuration to solve Chrome certificate errors
+const portProxy = new PortProxy({
+  // ... other settings
+  initialDataTimeout: 60000,            // Give browser more time for handshake
+  maxPendingDataSize: 10 * 1024 * 1024, // Larger buffer for complex handshakes
+  enableTlsDebugLogging: true,          // Enable when troubleshooting
+});
+```
 ### Connection Management and Monitoring
 The `PortProxy` class includes built-in connection tracking and monitoring:
-- Automatic cleanup of idle connections
+- Automatic cleanup of idle connections with configurable timeouts
 - Timeouts for connections that exceed maximum lifetime
 - Detailed logging of connection states
 - Termination statistics
+- Randomized timeouts to prevent "thundering herd" problems
+- Per-domain timeout configuration
 ### WebSocket Support
@@ -385,6 +442,39 @@ The `PortProxy` class can inspect the SNI (Server Name Indication) field in TLS
 - Domain-specific allowed IP ranges
 - Protection against SNI renegotiation attacks
+## Troubleshooting
+### Browser Certificate Errors
+If you experience certificate errors in browsers, especially in Chrome, try these solutions:
+1. **Increase Initial Data Timeout**: Set `initialDataTimeout` to 60 seconds or higher
+2. **Increase Buffer Size**: Set `maxPendingDataSize` to 10MB or higher
+3. **Enable TLS Debug Logging**: Set `enableTlsDebugLogging: true` to troubleshoot handshake issues
+4. **Enable Keep-Alive Probes**: Set `enableKeepAliveProbes: true` for better connection stability
+5. **Check Certificate Chain**: Ensure your certificate chain is complete and in the correct order
+```typescript
+// Configuration to fix Chrome certificate errors
+const portProxy = new PortProxy({
+  // ... other settings
+  initialDataTimeout: 60000,
+  maxPendingDataSize: 10 * 1024 * 1024,
+  enableTlsDebugLogging: true,
+  enableKeepAliveProbes: true
+});
+```
+### Connection Stability
+For improved connection stability in high-traffic environments:
+1. **Set Appropriate Timeouts**: Use longer timeouts for long-lived connections
+2. **Use Domain-Specific Timeouts**: Configure per-domain timeouts for different types of services
+3. **Enable TCP Keep-Alive**: Ensure `keepAlive` is set to `true`
+4. **Monitor Connection Statistics**: Enable detailed logging to track termination reasons
+5. **Fine-tune Inactivity Checks**: Adjust `inactivityCheckInterval` based on your traffic patterns
 ## License and Legal Information
 This repository contains open-source code that is licensed under the MIT License. A copy of the MIT License can be found in the [license](license) file within this repository.
@@ -402,4 +492,4 @@ Registered at District court Bremen HRB 35230 HB, Germany
 For any legal inquiries or if you require further information, please contact us via email at hello@task.vc.
-By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.
+By using this repository, you acknowledge that you have read this section, agree to comply with its terms, and understand that the licensing of the code does not imply endorsement by Task Venture Capital GmbH of any derivative works.

package/ts/00_commitinfo_data.ts CHANGED Viewed

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '3.25.4',
+  version: '3.28.0',
   description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, and dynamic routing with authentication options.'
 }