@push.rocks/smartproxy 6.0.0 → 7.0.1

package/dist_ts/00_commitinfo_data.js

@@ -3,7 +3,7 @@
  */
 export const commitinfo = {
     name: '@push.rocks/smartproxy',
-    version: '5.1.0',
+    version: '7.0.1',
     description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
 };
 //# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiMDBfY29tbWl0aW5mb19kYXRhLmpzIiwic291cmNlUm9vdCI6IiIsInNvdXJjZXMiOlsiLi4vdHMvMDBfY29tbWl0aW5mb19kYXRhLnRzIl0sIm5hbWVzIjpbXSwibWFwcGluZ3MiOiJBQUFBOztHQUVHO0FBQ0gsTUFBTSxDQUFDLE1BQU0sVUFBVSxHQUFHO0lBQ3hCLElBQUksRUFBRSx3QkFBd0I7SUFDOUIsT0FBTyxFQUFFLE9BQU87SUFDaEIsV0FBVyxFQUFFLG1PQUFtTztDQUNqUCxDQUFBIn0=

package/dist_ts/index.d.ts

@@ -1,7 +1,7 @@
 export * from './nfttablesproxy/classes.nftablesproxy.js';
 export * from './networkproxy/classes.np.networkproxy.js';
 export * from './port80handler/classes.port80handler.js';
-export * from './classes.sslredirect.js';
+export * from './redirect/classes.redirect.js';
 export * from './smartproxy/classes.smartproxy.js';
 export * from './smartproxy/classes.pp.snihandler.js';
 export * from './smartproxy/classes.pp.interfaces.js';

package/dist_ts/index.js

@@ -1,8 +1,8 @@
 export * from './nfttablesproxy/classes.nftablesproxy.js';
 export * from './networkproxy/classes.np.networkproxy.js';
 export * from './port80handler/classes.port80handler.js';
-export * from './classes.sslredirect.js';
+export * from './redirect/classes.redirect.js';
 export * from './smartproxy/classes.smartproxy.js';
 export * from './smartproxy/classes.pp.snihandler.js';
 export * from './smartproxy/classes.pp.interfaces.js';
-//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxjQUFjLDJDQUEyQyxDQUFDO0FBQzFELGNBQWMsMkNBQTJDLENBQUM7QUFDMUQsY0FBYywwQ0FBMEMsQ0FBQztBQUN6RCxjQUFjLDBCQUEwQixDQUFDO0FBQ3pDLGNBQWMsb0NBQW9DLENBQUM7QUFDbkQsY0FBYyx1Q0FBdUMsQ0FBQztBQUN0RCxjQUFjLHVDQUF1QyxDQUFDIn0=
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiaW5kZXguanMiLCJzb3VyY2VSb290IjoiIiwic291cmNlcyI6WyIuLi90cy9pbmRleC50cyJdLCJuYW1lcyI6W10sIm1hcHBpbmdzIjoiQUFBQSxjQUFjLDJDQUEyQyxDQUFDO0FBQzFELGNBQWMsMkNBQTJDLENBQUM7QUFDMUQsY0FBYywwQ0FBMEMsQ0FBQztBQUN6RCxjQUFjLGdDQUFnQyxDQUFDO0FBQy9DLGNBQWMsb0NBQW9DLENBQUM7QUFDbkQsY0FBYyx1Q0FBdUMsQ0FBQztBQUN0RCxjQUFjLHVDQUF1QyxDQUFDIn0=

package/dist_ts/redirect/classes.redirect.d.ts

@@ -0,0 +1,96 @@
+export interface RedirectRule {
+    /**
+     * Optional protocol to match (http or https). If not specified, matches both.
+     */
+    fromProtocol?: 'http' | 'https';
+    /**
+     * Optional hostname pattern to match. Can use * as wildcard.
+     * If not specified, matches all hosts.
+     */
+    fromHost?: string;
+    /**
+     * Optional path prefix to match. If not specified, matches all paths.
+     */
+    fromPath?: string;
+    /**
+     * Target protocol for the redirect (http or https)
+     */
+    toProtocol: 'http' | 'https';
+    /**
+     * Target hostname for the redirect. Can use $1, $2, etc. to reference
+     * captured groups from wildcard matches in fromHost.
+     */
+    toHost: string;
+    /**
+     * Optional target path prefix. If not specified, keeps original path.
+     * Can use $path to reference the original path.
+     */
+    toPath?: string;
+    /**
+     * HTTP status code for the redirect (301 for permanent, 302 for temporary)
+     */
+    statusCode?: 301 | 302 | 307 | 308;
+}
+export declare class Redirect {
+    private httpServer?;
+    private httpsServer?;
+    private rules;
+    private httpPort;
+    private httpsPort;
+    private sslOptions?;
+    /**
+     * Create a new Redirect instance
+     * @param options Configuration options
+     */
+    constructor(options?: {
+        httpPort?: number;
+        httpsPort?: number;
+        sslOptions?: {
+            key: Buffer;
+            cert: Buffer;
+        };
+        rules?: RedirectRule[];
+    });
+    /**
+     * Add a redirect rule
+     */
+    addRule(rule: RedirectRule): void;
+    /**
+     * Remove all redirect rules
+     */
+    clearRules(): void;
+    /**
+     * Set SSL options for HTTPS redirects
+     */
+    setSslOptions(options: {
+        key: Buffer;
+        cert: Buffer;
+    }): void;
+    /**
+     * Process a request according to the configured rules
+     */
+    private handleRequest;
+    /**
+     * Find a matching redirect rule for the given request
+     */
+    private findMatchingRule;
+    /**
+     * Build the target URL for a redirect
+     */
+    private buildTargetUrl;
+    /**
+     * Start the redirect server(s)
+     */
+    start(): Promise<void>;
+    /**
+     * Stop the redirect server(s)
+     */
+    stop(): Promise<void>;
+}
+export declare class SslRedirect {
+    private redirect;
+    port: number;
+    constructor(portArg: number);
+    start(): Promise<void>;
+    stop(): Promise<void>;
+}

package/dist_ts/redirect/classes.redirect.js

@@ -0,0 +1,194 @@
+import * as plugins from '../plugins.js';
+export class Redirect {
+    /**
+     * Create a new Redirect instance
+     * @param options Configuration options
+     */
+    constructor(options = {}) {
+        this.rules = [];
+        this.httpPort = 80;
+        this.httpsPort = 443;
+        if (options.httpPort)
+            this.httpPort = options.httpPort;
+        if (options.httpsPort)
+            this.httpsPort = options.httpsPort;
+        if (options.sslOptions)
+            this.sslOptions = options.sslOptions;
+        if (options.rules)
+            this.rules = options.rules;
+    }
+    /**
+     * Add a redirect rule
+     */
+    addRule(rule) {
+        this.rules.push(rule);
+    }
+    /**
+     * Remove all redirect rules
+     */
+    clearRules() {
+        this.rules = [];
+    }
+    /**
+     * Set SSL options for HTTPS redirects
+     */
+    setSslOptions(options) {
+        this.sslOptions = options;
+    }
+    /**
+     * Process a request according to the configured rules
+     */
+    handleRequest(request, response, protocol) {
+        const requestUrl = new URL(request.url || '/', `${protocol}://${request.headers.host || 'localhost'}`);
+        const host = requestUrl.hostname;
+        const path = requestUrl.pathname + requestUrl.search;
+        // Find matching rule
+        const matchedRule = this.findMatchingRule(protocol, host, path);
+        if (matchedRule) {
+            const targetUrl = this.buildTargetUrl(matchedRule, host, path);
+            console.log(`Redirecting ${protocol}://${host}${path} to ${targetUrl}`);
+            response.writeHead(matchedRule.statusCode || 302, {
+                Location: targetUrl,
+            });
+            response.end();
+        }
+        else {
+            // No matching rule, send 404
+            response.writeHead(404, { 'Content-Type': 'text/plain' });
+            response.end('Not Found');
+        }
+    }
+    /**
+     * Find a matching redirect rule for the given request
+     */
+    findMatchingRule(protocol, host, path) {
+        return this.rules.find((rule) => {
+            // Check protocol match
+            if (rule.fromProtocol && rule.fromProtocol !== protocol) {
+                return false;
+            }
+            // Check host match
+            if (rule.fromHost) {
+                const pattern = rule.fromHost.replace(/\*/g, '(.*)');
+                const regex = new RegExp(`^${pattern}$`);
+                if (!regex.test(host)) {
+                    return false;
+                }
+            }
+            // Check path match
+            if (rule.fromPath && !path.startsWith(rule.fromPath)) {
+                return false;
+            }
+            return true;
+        });
+    }
+    /**
+     * Build the target URL for a redirect
+     */
+    buildTargetUrl(rule, originalHost, originalPath) {
+        let targetHost = rule.toHost;
+        // Replace wildcards in host
+        if (rule.fromHost && rule.fromHost.includes('*')) {
+            const pattern = rule.fromHost.replace(/\*/g, '(.*)');
+            const regex = new RegExp(`^${pattern}$`);
+            const matches = originalHost.match(regex);
+            if (matches) {
+                for (let i = 1; i < matches.length; i++) {
+                    targetHost = targetHost.replace(`$${i}`, matches[i]);
+                }
+            }
+        }
+        // Build target path
+        let targetPath = originalPath;
+        if (rule.toPath) {
+            if (rule.toPath.includes('$path')) {
+                // Replace $path with original path, optionally removing the fromPath prefix
+                const pathSuffix = rule.fromPath ?
+                    originalPath.substring(rule.fromPath.length) :
+                    originalPath;
+                targetPath = rule.toPath.replace('$path', pathSuffix);
+            }
+            else {
+                targetPath = rule.toPath;
+            }
+        }
+        return `${rule.toProtocol}://${targetHost}${targetPath}`;
+    }
+    /**
+     * Start the redirect server(s)
+     */
+    async start() {
+        const tasks = [];
+        // Create and start HTTP server if we have a port
+        if (this.httpPort) {
+            this.httpServer = plugins.http.createServer((req, res) => this.handleRequest(req, res, 'http'));
+            const httpStartPromise = new Promise((resolve) => {
+                this.httpServer?.listen(this.httpPort, () => {
+                    console.log(`HTTP redirect server started on port ${this.httpPort}`);
+                    resolve();
+                });
+            });
+            tasks.push(httpStartPromise);
+        }
+        // Create and start HTTPS server if we have SSL options and a port
+        if (this.httpsPort && this.sslOptions) {
+            this.httpsServer = plugins.https.createServer(this.sslOptions, (req, res) => this.handleRequest(req, res, 'https'));
+            const httpsStartPromise = new Promise((resolve) => {
+                this.httpsServer?.listen(this.httpsPort, () => {
+                    console.log(`HTTPS redirect server started on port ${this.httpsPort}`);
+                    resolve();
+                });
+            });
+            tasks.push(httpsStartPromise);
+        }
+        // Wait for all servers to start
+        await Promise.all(tasks);
+    }
+    /**
+     * Stop the redirect server(s)
+     */
+    async stop() {
+        const tasks = [];
+        if (this.httpServer) {
+            const httpStopPromise = new Promise((resolve) => {
+                this.httpServer?.close(() => {
+                    console.log('HTTP redirect server stopped');
+                    resolve();
+                });
+            });
+            tasks.push(httpStopPromise);
+        }
+        if (this.httpsServer) {
+            const httpsStopPromise = new Promise((resolve) => {
+                this.httpsServer?.close(() => {
+                    console.log('HTTPS redirect server stopped');
+                    resolve();
+                });
+            });
+            tasks.push(httpsStopPromise);
+        }
+        await Promise.all(tasks);
+    }
+}
+// For backward compatibility
+export class SslRedirect {
+    constructor(portArg) {
+        this.port = portArg;
+        this.redirect = new Redirect({
+            httpPort: portArg,
+            rules: [{
+                    fromProtocol: 'http',
+                    toProtocol: 'https',
+                    toHost: '$1',
+                    statusCode: 302
+                }]
+        });
+    }
+    async start() {
+        await this.redirect.start();
+    }
+    async stop() {
+        await this.redirect.stop();
+    }
+}
+//# sourceMappingURL=data:application/json;base64,eyJ2ZXJzaW9uIjozLCJmaWxlIjoiY2xhc3Nlcy5yZWRpcmVjdC5qcyIsInNvdXJjZVJvb3QiOiIiLCJzb3VyY2VzIjpbIi4uLy4uL3RzL3JlZGlyZWN0L2NsYXNzZXMucmVkaXJlY3QudHMiXSwibmFtZXMiOltdLCJtYXBwaW5ncyI6IkFBQUEsT0FBTyxLQUFLLE9BQU8sTUFBTSxlQUFlLENBQUM7QUEwQ3pDLE1BQU0sT0FBTyxRQUFRO0lBV25COzs7T0FHRztJQUNILFlBQVksVUFRUixFQUFFO1FBcEJFLFVBQUssR0FBbUIsRUFBRSxDQUFDO1FBQzNCLGFBQVEsR0FBVyxFQUFFLENBQUM7UUFDdEIsY0FBUyxHQUFXLEdBQUcsQ0FBQztRQW1COUIsSUFBSSxPQUFPLENBQUMsUUFBUTtZQUFFLElBQUksQ0FBQyxRQUFRLEdBQUcsT0FBTyxDQUFDLFFBQVEsQ0FBQztRQUN2RCxJQUFJLE9BQU8sQ0FBQyxTQUFTO1lBQUUsSUFBSSxDQUFDLFNBQVMsR0FBRyxPQUFPLENBQUMsU0FBUyxDQUFDO1FBQzFELElBQUksT0FBTyxDQUFDLFVBQVU7WUFBRSxJQUFJLENBQUMsVUFBVSxHQUFHLE9BQU8sQ0FBQyxVQUFVLENBQUM7UUFDN0QsSUFBSSxPQUFPLENBQUMsS0FBSztZQUFFLElBQUksQ0FBQyxLQUFLLEdBQUcsT0FBTyxDQUFDLEtBQUssQ0FBQztJQUNoRCxDQUFDO0lBRUQ7O09BRUc7SUFDSSxPQUFPLENBQUMsSUFBa0I7UUFDL0IsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLENBQUM7SUFDeEIsQ0FBQztJQUVEOztPQUVHO0lBQ0ksVUFBVTtRQUNmLElBQUksQ0FBQyxLQUFLLEdBQUcsRUFBRSxDQUFDO0lBQ2xCLENBQUM7SUFFRDs7T0FFRztJQUNJLGFBQWEsQ0FBQyxPQUFzQztRQUN6RCxJQUFJLENBQUMsVUFBVSxHQUFHLE9BQU8sQ0FBQztJQUM1QixDQUFDO0lBRUQ7O09BRUc7SUFDSyxhQUFhLENBQ25CLE9BQXFDLEVBQ3JDLFFBQXFDLEVBQ3JDLFFBQTBCO1FBRTFCLE1BQU0sVUFBVSxHQUFHLElBQUksR0FBRyxDQUN4QixPQUFPLENBQUMsR0FBRyxJQUFJLEdBQUcsRUFDbEIsR0FBRyxRQUFRLE1BQU0sT0FBTyxDQUFDLE9BQU8sQ0FBQyxJQUFJLElBQUksV0FBVyxFQUFFLENBQ3ZELENBQUM7UUFFRixNQUFNLElBQUksR0FBRyxVQUFVLENBQUMsUUFBUSxDQUFDO1FBQ2pDLE1BQU0sSUFBSSxHQUFHLFVBQVUsQ0FBQyxRQUFRLEdBQUcsVUFBVSxDQUFDLE1BQU0sQ0FBQztRQUVyRCxxQkFBcUI7UUFDckIsTUFBTSxXQUFXLEdBQUcsSUFBSSxDQUFDLGdCQUFnQixDQUFDLFFBQVEsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7UUFFaEUsSUFBSSxXQUFXLEVBQUUsQ0FBQztZQUNoQixNQUFNLFNBQVMsR0FBRyxJQUFJLENBQUMsY0FBYyxDQUFDLFdBQVcsRUFBRSxJQUFJLEVBQUUsSUFBSSxDQUFDLENBQUM7WUFFL0QsT0FBTyxDQUFDLEdBQUcsQ0FBQyxlQUFlLFFBQVEsTUFBTSxJQUFJLEdBQUcsSUFBSSxPQUFPLFNBQVMsRUFBRSxDQUFDLENBQUM7WUFFeEUsUUFBUSxDQUFDLFNBQVMsQ0FBQyxXQUFXLENBQUMsVUFBVSxJQUFJLEdBQUcsRUFBRTtnQkFDaEQsUUFBUSxFQUFFLFNBQVM7YUFDcEIsQ0FBQyxDQUFDO1lBQ0gsUUFBUSxDQUFDLEdBQUcsRUFBRSxDQUFDO1FBQ2pCLENBQUM7YUFBTSxDQUFDO1lBQ04sNkJBQTZCO1lBQzdCLFFBQVEsQ0FBQyxTQUFTLENBQUMsR0FBRyxFQUFFLEVBQUUsY0FBYyxFQUFFLFlBQVksRUFBRSxDQUFDLENBQUM7WUFDMUQsUUFBUSxDQUFDLEdBQUcsQ0FBQyxXQUFXLENBQUMsQ0FBQztRQUM1QixDQUFDO0lBQ0gsQ0FBQztJQUVEOztPQUVHO0lBQ0ssZ0JBQWdCLENBQ3RCLFFBQTBCLEVBQzFCLElBQVksRUFDWixJQUFZO1FBRVosT0FBTyxJQUFJLENBQUMsS0FBSyxDQUFDLElBQUksQ0FBQyxDQUFDLElBQUksRUFBRSxFQUFFO1lBQzlCLHVCQUF1QjtZQUN2QixJQUFJLElBQUksQ0FBQyxZQUFZLElBQUksSUFBSSxDQUFDLFlBQVksS0FBSyxRQUFRLEVBQUUsQ0FBQztnQkFDeEQsT0FBTyxLQUFLLENBQUM7WUFDZixDQUFDO1lBRUQsbUJBQW1CO1lBQ25CLElBQUksSUFBSSxDQUFDLFFBQVEsRUFBRSxDQUFDO2dCQUNsQixNQUFNLE9BQU8sR0FBRyxJQUFJLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxLQUFLLEVBQUUsTUFBTSxDQUFDLENBQUM7Z0JBQ3JELE1BQU0sS0FBSyxHQUFHLElBQUksTUFBTSxDQUFDLElBQUksT0FBTyxHQUFHLENBQUMsQ0FBQztnQkFDekMsSUFBSSxDQUFDLEtBQUssQ0FBQyxJQUFJLENBQUMsSUFBSSxDQUFDLEVBQUUsQ0FBQztvQkFDdEIsT0FBTyxLQUFLLENBQUM7Z0JBQ2YsQ0FBQztZQUNILENBQUM7WUFFRCxtQkFBbUI7WUFDbkIsSUFBSSxJQUFJLENBQUMsUUFBUSxJQUFJLENBQUMsSUFBSSxDQUFDLFVBQVUsQ0FBQyxJQUFJLENBQUMsUUFBUSxDQUFDLEVBQUUsQ0FBQztnQkFDckQsT0FBTyxLQUFLLENBQUM7WUFDZixDQUFDO1lBRUQsT0FBTyxJQUFJLENBQUM7UUFDZCxDQUFDLENBQUMsQ0FBQztJQUNMLENBQUM7SUFFRDs7T0FFRztJQUNLLGNBQWMsQ0FBQyxJQUFrQixFQUFFLFlBQW9CLEVBQUUsWUFBb0I7UUFDbkYsSUFBSSxVQUFVLEdBQUcsSUFBSSxDQUFDLE1BQU0sQ0FBQztRQUU3Qiw0QkFBNEI7UUFDNUIsSUFBSSxJQUFJLENBQUMsUUFBUSxJQUFJLElBQUksQ0FBQyxRQUFRLENBQUMsUUFBUSxDQUFDLEdBQUcsQ0FBQyxFQUFFLENBQUM7WUFDakQsTUFBTSxPQUFPLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxPQUFPLENBQUMsS0FBSyxFQUFFLE1BQU0sQ0FBQyxDQUFDO1lBQ3JELE1BQU0sS0FBSyxHQUFHLElBQUksTUFBTSxDQUFDLElBQUksT0FBTyxHQUFHLENBQUMsQ0FBQztZQUN6QyxNQUFNLE9BQU8sR0FBRyxZQUFZLENBQUMsS0FBSyxDQUFDLEtBQUssQ0FBQyxDQUFDO1lBRTFDLElBQUksT0FBTyxFQUFFLENBQUM7Z0JBQ1osS0FBSyxJQUFJLENBQUMsR0FBRyxDQUFDLEVBQUUsQ0FBQyxHQUFHLE9BQU8sQ0FBQyxNQUFNLEVBQUUsQ0FBQyxFQUFFLEVBQUUsQ0FBQztvQkFDeEMsVUFBVSxHQUFHLFVBQVUsQ0FBQyxPQUFPLENBQUMsSUFBSSxDQUFDLEVBQUUsRUFBRSxPQUFPLENBQUMsQ0FBQyxDQUFDLENBQUMsQ0FBQztnQkFDdkQsQ0FBQztZQUNILENBQUM7UUFDSCxDQUFDO1FBRUQsb0JBQW9CO1FBQ3BCLElBQUksVUFBVSxHQUFHLFlBQVksQ0FBQztRQUM5QixJQUFJLElBQUksQ0FBQyxNQUFNLEVBQUUsQ0FBQztZQUNoQixJQUFJLElBQUksQ0FBQyxNQUFNLENBQUMsUUFBUSxDQUFDLE9BQU8sQ0FBQyxFQUFFLENBQUM7Z0JBQ2xDLDRFQUE0RTtnQkFDNUUsTUFBTSxVQUFVLEdBQUcsSUFBSSxDQUFDLFFBQVEsQ0FBQyxDQUFDO29CQUNoQyxZQUFZLENBQUMsU0FBUyxDQUFDLElBQUksQ0FBQyxRQUFRLENBQUMsTUFBTSxDQUFDLENBQUMsQ0FBQztvQkFDOUMsWUFBWSxDQUFDO2dCQUVmLFVBQVUsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDLE9BQU8sQ0FBQyxPQUFPLEVBQUUsVUFBVSxDQUFDLENBQUM7WUFDeEQsQ0FBQztpQkFBTSxDQUFDO2dCQUNOLFVBQVUsR0FBRyxJQUFJLENBQUMsTUFBTSxDQUFDO1lBQzNCLENBQUM7UUFDSCxDQUFDO1FBRUQsT0FBTyxHQUFHLElBQUksQ0FBQyxVQUFVLE1BQU0sVUFBVSxHQUFHLFVBQVUsRUFBRSxDQUFDO0lBQzNELENBQUM7SUFFRDs7T0FFRztJQUNJLEtBQUssQ0FBQyxLQUFLO1FBQ2hCLE1BQU0sS0FBSyxHQUFHLEVBQUUsQ0FBQztRQUVqQixpREFBaUQ7UUFDakQsSUFBSSxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUM7WUFDbEIsSUFBSSxDQUFDLFVBQVUsR0FBRyxPQUFPLENBQUMsSUFBSSxDQUFDLFlBQVksQ0FBQyxDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsRUFBRSxDQUN2RCxJQUFJLENBQUMsYUFBYSxDQUFDLEdBQUcsRUFBRSxHQUFHLEVBQUUsTUFBTSxDQUFDLENBQ3JDLENBQUM7WUFFRixNQUFNLGdCQUFnQixHQUFHLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQ3JELElBQUksQ0FBQyxVQUFVLEVBQUUsTUFBTSxDQUFDLElBQUksQ0FBQyxRQUFRLEVBQUUsR0FBRyxFQUFFO29CQUMxQyxPQUFPLENBQUMsR0FBRyxDQUFDLHdDQUF3QyxJQUFJLENBQUMsUUFBUSxFQUFFLENBQUMsQ0FBQztvQkFDckUsT0FBTyxFQUFFLENBQUM7Z0JBQ1osQ0FBQyxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztZQUVILEtBQUssQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUMvQixDQUFDO1FBRUQsa0VBQWtFO1FBQ2xFLElBQUksSUFBSSxDQUFDLFNBQVMsSUFBSSxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUM7WUFDdEMsSUFBSSxDQUFDLFdBQVcsR0FBRyxPQUFPLENBQUMsS0FBSyxDQUFDLFlBQVksQ0FBQyxJQUFJLENBQUMsVUFBVSxFQUFFLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxFQUFFLENBQzFFLElBQUksQ0FBQyxhQUFhLENBQUMsR0FBRyxFQUFFLEdBQUcsRUFBRSxPQUFPLENBQUMsQ0FDdEMsQ0FBQztZQUVGLE1BQU0saUJBQWlCLEdBQUcsSUFBSSxPQUFPLENBQU8sQ0FBQyxPQUFPLEVBQUUsRUFBRTtnQkFDdEQsSUFBSSxDQUFDLFdBQVcsRUFBRSxNQUFNLENBQUMsSUFBSSxDQUFDLFNBQVMsRUFBRSxHQUFHLEVBQUU7b0JBQzVDLE9BQU8sQ0FBQyxHQUFHLENBQUMseUNBQXlDLElBQUksQ0FBQyxTQUFTLEVBQUUsQ0FBQyxDQUFDO29CQUN2RSxPQUFPLEVBQUUsQ0FBQztnQkFDWixDQUFDLENBQUMsQ0FBQztZQUNMLENBQUMsQ0FBQyxDQUFDO1lBRUgsS0FBSyxDQUFDLElBQUksQ0FBQyxpQkFBaUIsQ0FBQyxDQUFDO1FBQ2hDLENBQUM7UUFFRCxnQ0FBZ0M7UUFDaEMsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQzNCLENBQUM7SUFFRDs7T0FFRztJQUNJLEtBQUssQ0FBQyxJQUFJO1FBQ2YsTUFBTSxLQUFLLEdBQUcsRUFBRSxDQUFDO1FBRWpCLElBQUksSUFBSSxDQUFDLFVBQVUsRUFBRSxDQUFDO1lBQ3BCLE1BQU0sZUFBZSxHQUFHLElBQUksT0FBTyxDQUFPLENBQUMsT0FBTyxFQUFFLEVBQUU7Z0JBQ3BELElBQUksQ0FBQyxVQUFVLEVBQUUsS0FBSyxDQUFDLEdBQUcsRUFBRTtvQkFDMUIsT0FBTyxDQUFDLEdBQUcsQ0FBQyw4QkFBOEIsQ0FBQyxDQUFDO29CQUM1QyxPQUFPLEVBQUUsQ0FBQztnQkFDWixDQUFDLENBQUMsQ0FBQztZQUNMLENBQUMsQ0FBQyxDQUFDO1lBQ0gsS0FBSyxDQUFDLElBQUksQ0FBQyxlQUFlLENBQUMsQ0FBQztRQUM5QixDQUFDO1FBRUQsSUFBSSxJQUFJLENBQUMsV0FBVyxFQUFFLENBQUM7WUFDckIsTUFBTSxnQkFBZ0IsR0FBRyxJQUFJLE9BQU8sQ0FBTyxDQUFDLE9BQU8sRUFBRSxFQUFFO2dCQUNyRCxJQUFJLENBQUMsV0FBVyxFQUFFLEtBQUssQ0FBQyxHQUFHLEVBQUU7b0JBQzNCLE9BQU8sQ0FBQyxHQUFHLENBQUMsK0JBQStCLENBQUMsQ0FBQztvQkFDN0MsT0FBTyxFQUFFLENBQUM7Z0JBQ1osQ0FBQyxDQUFDLENBQUM7WUFDTCxDQUFDLENBQUMsQ0FBQztZQUNILEtBQUssQ0FBQyxJQUFJLENBQUMsZ0JBQWdCLENBQUMsQ0FBQztRQUMvQixDQUFDO1FBRUQsTUFBTSxPQUFPLENBQUMsR0FBRyxDQUFDLEtBQUssQ0FBQyxDQUFDO0lBQzNCLENBQUM7Q0FDRjtBQUVELDZCQUE2QjtBQUM3QixNQUFNLE9BQU8sV0FBVztJQUl0QixZQUFZLE9BQWU7UUFDekIsSUFBSSxDQUFDLElBQUksR0FBRyxPQUFPLENBQUM7UUFDcEIsSUFBSSxDQUFDLFFBQVEsR0FBRyxJQUFJLFFBQVEsQ0FBQztZQUMzQixRQUFRLEVBQUUsT0FBTztZQUNqQixLQUFLLEVBQUUsQ0FBQztvQkFDTixZQUFZLEVBQUUsTUFBTTtvQkFDcEIsVUFBVSxFQUFFLE9BQU87b0JBQ25CLE1BQU0sRUFBRSxJQUFJO29CQUNaLFVBQVUsRUFBRSxHQUFHO2lCQUNoQixDQUFDO1NBQ0gsQ0FBQyxDQUFDO0lBQ0wsQ0FBQztJQUVNLEtBQUssQ0FBQyxLQUFLO1FBQ2hCLE1BQU0sSUFBSSxDQUFDLFFBQVEsQ0FBQyxLQUFLLEVBQUUsQ0FBQztJQUM5QixDQUFDO0lBRU0sS0FBSyxDQUFDLElBQUk7UUFDZixNQUFNLElBQUksQ0FBQyxRQUFRLENBQUMsSUFBSSxFQUFFLENBQUM7SUFDN0IsQ0FBQztDQUNGIn0=

package/package.json

@@ -1,6 +1,6 @@
 {
   "name": "@push.rocks/smartproxy",
-  "version": "6.0.0",
+  "version": "7.0.1",
   "private": false,
   "description": "A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.",
   "main": "dist_ts/index.js",

package/readme.md

@@ -15,7 +15,7 @@ flowchart TB
         direction TB
         HTTP80[HTTP Port 80\nSslRedirect]
         HTTPS443[HTTPS Port 443\nNetworkProxy]
-        PortProxy[TCP Port Proxy\nwith SNI routing]
+        SmartProxy[SmartProxy\nwith SNI routing]
         NfTables[NfTablesProxy]
         Router[ProxyRouter]
         ACME[Port80Handler\nACME/Let's Encrypt]
@@ -31,16 +31,16 @@ flowchart TB
     Client -->|HTTP Request| HTTP80
     HTTP80 -->|Redirect| Client
     Client -->|HTTPS Request| HTTPS443
-    Client -->|TLS/TCP| PortProxy
+    Client -->|TLS/TCP| SmartProxy
     
     HTTPS443 -->|Route Request| Router
     Router -->|Proxy Request| Service1
     Router -->|Proxy Request| Service2
     
-    PortProxy -->|Direct TCP| Service2
-    PortProxy -->|Direct TCP| Service3
+    SmartProxy -->|Direct TCP| Service2
+    SmartProxy -->|Direct TCP| Service3
     
-    NfTables -.->|Low-level forwarding| PortProxy
+    NfTables -.->|Low-level forwarding| SmartProxy
     
     HTTP80 -.->|Challenge Response| ACME
     ACME -.->|Generate/Manage| Certs
@@ -51,7 +51,7 @@ flowchart TB
     classDef client fill:#dfd,stroke:#333,stroke-width:2px;
     
     class Client client;
-    class HTTP80,HTTPS443,PortProxy,IPTables,Router,ACME component;
+    class HTTP80,HTTPS443,SmartProxy,NfTables,Router,ACME component;
     class Service1,Service2,Service3 backend;
 ```
 
@@ -98,49 +98,49 @@ sequenceDiagram
     end
 ```
 
-### Port Proxy with SNI-based Routing
+### SNI-based Connection Handling
 This diagram illustrates how TCP connections with SNI (Server Name Indication) are processed and forwarded:
 
 ```mermaid
 sequenceDiagram
     participant Client
-    participant PortProxy
+    participant SmartProxy
     participant Backend
     
-    Client->>PortProxy: TLS Connection
+    Client->>SmartProxy: TLS Connection
     
     alt SNI Enabled
-        PortProxy->>Client: Accept Connection
-        Client->>PortProxy: TLS ClientHello with SNI
-        PortProxy->>PortProxy: Extract SNI Hostname
-        PortProxy->>PortProxy: Match Domain Config
-        PortProxy->>PortProxy: Validate Client IP
+        SmartProxy->>Client: Accept Connection
+        Client->>SmartProxy: TLS ClientHello with SNI
+        SmartProxy->>SmartProxy: Extract SNI Hostname
+        SmartProxy->>SmartProxy: Match Domain Config
+        SmartProxy->>SmartProxy: Validate Client IP
         
         alt IP Allowed
-            PortProxy->>Backend: Forward Connection
-            Note over PortProxy,Backend: Bidirectional Data Flow
+            SmartProxy->>Backend: Forward Connection
+            Note over SmartProxy,Backend: Bidirectional Data Flow
         else IP Rejected
-            PortProxy->>Client: Close Connection
+            SmartProxy->>Client: Close Connection
         end
     else Port-based Routing
-        PortProxy->>PortProxy: Match Port Range
-        PortProxy->>PortProxy: Find Domain Config
-        PortProxy->>PortProxy: Validate Client IP
+        SmartProxy->>SmartProxy: Match Port Range
+        SmartProxy->>SmartProxy: Find Domain Config
+        SmartProxy->>SmartProxy: Validate Client IP
         
         alt IP Allowed
-            PortProxy->>Backend: Forward Connection
-            Note over PortProxy,Backend: Bidirectional Data Flow
+            SmartProxy->>Backend: Forward Connection
+            Note over SmartProxy,Backend: Bidirectional Data Flow
         else IP Rejected
-            PortProxy->>Client: Close Connection
+            SmartProxy->>Client: Close Connection
         end
     end
     
     loop Connection Active
-        PortProxy-->>PortProxy: Monitor Activity
-        PortProxy-->>PortProxy: Check Max Lifetime
+        SmartProxy-->>SmartProxy: Monitor Activity
+        SmartProxy-->>SmartProxy: Check Max Lifetime
         alt Inactivity or Max Lifetime Exceeded
-            PortProxy->>Client: Close Connection
-            PortProxy->>Backend: Close Connection
+            SmartProxy->>Client: Close Connection
+            SmartProxy->>Backend: Close Connection
         end
     end
 ```
@@ -192,7 +192,7 @@ sequenceDiagram
 
 - **HTTPS Reverse Proxy** - Route traffic to backend services based on hostname with TLS termination
 - **WebSocket Support** - Full WebSocket proxying with heartbeat monitoring
-- **TCP Port Forwarding** - Advanced port forwarding with SNI inspection and domain-based routing
+- **TCP Connection Handling** - Advanced connection handling with SNI inspection and domain-based routing
 - **Enhanced TLS Handling** - Robust TLS handshake processing with improved certificate error handling
 - **HTTP to HTTPS Redirection** - Automatically redirect HTTP requests to HTTPS
 - **Let's Encrypt Integration** - Automatic certificate management using ACME protocol
@@ -224,15 +224,16 @@ const proxy = new NetworkProxy({
 const proxyConfigs = [
   {
     hostName: 'example.com',
-    destinationIp: '127.0.0.1',
-    destinationPort: 3000,
+    destinationIps: ['127.0.0.1'],
+    destinationPorts: [3000],
     publicKey: 'your-cert-content',
-    privateKey: 'your-key-content'
+    privateKey: 'your-key-content',
+    rewriteHostHeader: true
   },
   {
     hostName: 'api.example.com',
-    destinationIp: '127.0.0.1',
-    destinationPort: 4000,
+    destinationIps: ['127.0.0.1'],
+    destinationPorts: [4000],
     publicKey: 'your-cert-content',
     privateKey: 'your-key-content',
     // Optional basic auth
@@ -266,13 +267,13 @@ const redirector = new SslRedirect(80);
 redirector.start();
 ```
 
-### TCP Port Forwarding with Domain-based Routing
+### TCP Connection Handling with Domain-based Routing
 
 ```typescript
-import { PortProxy } from '@push.rocks/smartproxy';
+import { SmartProxy } from '@push.rocks/smartproxy';
 
-// Configure port proxy with domain-based routing
-const portProxy = new PortProxy({
+// Configure SmartProxy with domain-based routing
+const smartProxy = new SmartProxy({
   fromPort: 443,
   toPort: 8443,
   targetIP: 'localhost', // Default target host
@@ -312,7 +313,7 @@ const portProxy = new PortProxy({
   preserveSourceIP: true
 });
 
-portProxy.start();
+smartProxy.start();
 ```
 
 ### NfTables Port Forwarding
@@ -376,7 +377,13 @@ await basicProxy.start();
 import { Port80Handler } from '@push.rocks/smartproxy';
 
 // Create an ACME handler for Let's Encrypt
-const acmeHandler = new Port80Handler();
+const acmeHandler = new Port80Handler({
+  port: 80,
+  contactEmail: 'admin@example.com',
+  useProduction: true,  // Use Let's Encrypt production servers (default is staging)
+  renewThresholdDays: 30, // Renew certificates 30 days before expiry
+  httpsRedirectPort: 443 // Redirect HTTP to HTTPS on this port
+});
 
 // Add domains to manage certificates for
 acmeHandler.addDomain({
@@ -407,8 +414,14 @@ acmeHandler.addDomain({
 | Option         | Description                                       | Default |
 |----------------|---------------------------------------------------|---------|
 | `port`         | Port to listen on for HTTPS connections           | -       |
+| `maxConnections` | Maximum concurrent connections                   | 10000    |
+| `keepAliveTimeout` | Keep-alive timeout in milliseconds             | 60000    |
+| `headersTimeout` | Headers timeout in milliseconds                  | 60000    |
+| `logLevel`     | Logging level ('error', 'warn', 'info', 'debug')   | 'info'   |
+| `cors`         | CORS configuration object                         | -        |
+| `rewriteHostHeader` | Whether to rewrite the Host header           | false     |
 
-### PortProxy Settings
+### SmartProxy Settings
 
 | Option                    | Description                                            | Default     |
 |---------------------------|--------------------------------------------------------|-------------|
@@ -460,28 +473,11 @@ acmeHandler.addDomain({
 | `qos`                 | Quality of Service options (object)               | -           |
 | `netProxyIntegration` | NetworkProxy integration options (object)         | -           |
 
-#### NfTablesProxy QoS Options
-
-| Option               | Description                                       | Default |
-|----------------------|---------------------------------------------------|---------|
-| `enabled`            | Enable Quality of Service features                | false   |
-| `maxRate`            | Maximum bandwidth rate (e.g. "10mbps")           | -       |
-| `priority`           | Traffic priority (1-10, 1 is highest)            | -       |
-| `markConnections`    | Mark connections for easier management            | false   |
-
-#### NfTablesProxy NetworkProxy Integration Options
-
-| Option               | Description                                       | Default |
-|----------------------|---------------------------------------------------|---------|
-| `enabled`            | Enable NetworkProxy integration                   | false   |
-| `redirectLocalhost`  | Redirect localhost traffic to NetworkProxy        | false   |
-| `sslTerminationPort` | Port where NetworkProxy handles SSL termination   | -       |
-
 ## Advanced Features
 
 ### TLS Handshake Optimization
 
-The enhanced `PortProxy` implementation includes significant improvements for TLS handshake handling:
+The enhanced `SmartProxy` implementation includes significant improvements for TLS handshake handling:
 
 - Robust SNI extraction with improved error handling
 - Increased buffer size for complex TLS handshakes (10MB)
@@ -492,7 +488,7 @@ The enhanced `PortProxy` implementation includes significant improvements for TL
 
 ```typescript
 // Example configuration to solve Chrome certificate errors
-const portProxy = new PortProxy({
+const portProxy = new SmartProxy({
   // ... other settings
   initialDataTimeout: 60000,            // Give browser more time for handshake
   maxPendingDataSize: 10 * 1024 * 1024, // Larger buffer for complex handshakes
@@ -502,7 +498,7 @@ const portProxy = new PortProxy({
 
 ### Connection Management and Monitoring
 
-The `PortProxy` class includes built-in connection tracking and monitoring:
+The `SmartProxy` class includes built-in connection tracking and monitoring:
 
 - Automatic cleanup of idle connections with configurable timeouts
 - Timeouts for connections that exceed maximum lifetime
@@ -521,7 +517,7 @@ The `NetworkProxy` class provides WebSocket support with:
 
 ### SNI-based Routing
 
-The `PortProxy` class can inspect the SNI (Server Name Indication) field in TLS handshakes to route connections based on the requested domain:
+The `SmartProxy` class can inspect the SNI (Server Name Indication) field in TLS handshakes to route connections based on the requested domain:
 
 - Multiple backend targets per domain
 - Round-robin load balancing
@@ -530,7 +526,7 @@ The `PortProxy` class can inspect the SNI (Server Name Indication) field in TLS
 
 ### Enhanced NfTables Management
 
-The `NfTablesProxy` class offers advanced capabilities compared to the previous IPTablesProxy:
+The `NfTablesProxy` class offers advanced capabilities:
 
 - Support for multiple port ranges and individual ports
 - More efficient IP filtering using nftables sets
@@ -544,7 +540,7 @@ The `NfTablesProxy` class offers advanced capabilities compared to the previous
 
 ### Port80Handler with Glob Pattern Support
 
-The `Port80Handler` class now includes support for glob pattern domain matching:
+The `Port80Handler` class includes support for glob pattern domain matching:
 
 - Supports wildcard domains like `*.example.com` for HTTP request routing
 - Detects glob patterns and skips certificate issuance for them
@@ -566,7 +562,7 @@ If you experience certificate errors in browsers, especially in Chrome, try thes
 
 ```typescript
 // Configuration to fix Chrome certificate errors
-const portProxy = new PortProxy({
+const smartProxy = new SmartProxy({
   // ... other settings
   initialDataTimeout: 60000,
   maxPendingDataSize: 10 * 1024 * 1024,
@@ -585,14 +581,14 @@ For improved connection stability in high-traffic environments:
 4. **Monitor Connection Statistics**: Enable detailed logging to track termination reasons
 5. **Fine-tune Inactivity Checks**: Adjust `inactivityCheckInterval` based on your traffic patterns
 
-### IPTables Troubleshooting
+### NfTables Troubleshooting
 
-If you're experiencing issues with IPTablesProxy:
+If you're experiencing issues with NfTablesProxy:
 
 1. **Enable Detailed Logging**: Set `enableLogging: true` to see all rule operations
 2. **Force Clean Slate**: Use `forceCleanSlate: true` to remove any lingering rules
-3. **Use Custom Chains**: Enable `addJumpRule: true` for cleaner rule management
-4. **Check Permissions**: Ensure your process has sufficient permissions to modify iptables
+3. **Use IP Sets**: Enable `useIPSets: true` for cleaner rule management
+4. **Check Permissions**: Ensure your process has sufficient permissions to modify nftables
 5. **Verify IPv6 Support**: If using `ipv6Support: true`, ensure ip6tables is available
 
 ## License and Legal Information

package/ts/00_commitinfo_data.ts

@@ -3,6 +3,6 @@
  */
 export const commitinfo = {
   name: '@push.rocks/smartproxy',
-  version: '5.1.0',
+  version: '7.0.1',
   description: 'A powerful proxy package that effectively handles high traffic, with features such as SSL/TLS support, port proxying, WebSocket handling, dynamic routing with authentication options, and automatic ACME certificate management.'
 }

package/ts/index.ts

@@ -1,7 +1,7 @@
 export * from './nfttablesproxy/classes.nftablesproxy.js';
 export * from './networkproxy/classes.np.networkproxy.js';
 export * from './port80handler/classes.port80handler.js';
-export * from './classes.sslredirect.js';
+export * from './redirect/classes.redirect.js';
 export * from './smartproxy/classes.smartproxy.js';
 export * from './smartproxy/classes.pp.snihandler.js';
 export * from './smartproxy/classes.pp.interfaces.js';

package/ts/redirect/classes.redirect.ts

@@ -0,0 +1,295 @@
+import * as plugins from '../plugins.js';
+
+export interface RedirectRule {
+  /**
+   * Optional protocol to match (http or https). If not specified, matches both.
+   */
+  fromProtocol?: 'http' | 'https';
+  
+  /**
+   * Optional hostname pattern to match. Can use * as wildcard.
+   * If not specified, matches all hosts.
+   */
+  fromHost?: string;
+  
+  /**
+   * Optional path prefix to match. If not specified, matches all paths.
+   */
+  fromPath?: string;
+  
+  /**
+   * Target protocol for the redirect (http or https)
+   */
+  toProtocol: 'http' | 'https';
+  
+  /**
+   * Target hostname for the redirect. Can use $1, $2, etc. to reference
+   * captured groups from wildcard matches in fromHost.
+   */
+  toHost: string;
+  
+  /**
+   * Optional target path prefix. If not specified, keeps original path.
+   * Can use $path to reference the original path.
+   */
+  toPath?: string;
+  
+  /**
+   * HTTP status code for the redirect (301 for permanent, 302 for temporary)
+   */
+  statusCode?: 301 | 302 | 307 | 308;
+}
+
+export class Redirect {
+  private httpServer?: plugins.http.Server;
+  private httpsServer?: plugins.https.Server;
+  private rules: RedirectRule[] = [];
+  private httpPort: number = 80;
+  private httpsPort: number = 443;
+  private sslOptions?: {
+    key: Buffer;
+    cert: Buffer;
+  };
+
+  /**
+   * Create a new Redirect instance
+   * @param options Configuration options
+   */
+  constructor(options: {
+    httpPort?: number;
+    httpsPort?: number;
+    sslOptions?: {
+      key: Buffer;
+      cert: Buffer;
+    };
+    rules?: RedirectRule[];
+  } = {}) {
+    if (options.httpPort) this.httpPort = options.httpPort;
+    if (options.httpsPort) this.httpsPort = options.httpsPort;
+    if (options.sslOptions) this.sslOptions = options.sslOptions;
+    if (options.rules) this.rules = options.rules;
+  }
+
+  /**
+   * Add a redirect rule
+   */
+  public addRule(rule: RedirectRule): void {
+    this.rules.push(rule);
+  }
+
+  /**
+   * Remove all redirect rules
+   */
+  public clearRules(): void {
+    this.rules = [];
+  }
+
+  /**
+   * Set SSL options for HTTPS redirects
+   */
+  public setSslOptions(options: { key: Buffer; cert: Buffer }): void {
+    this.sslOptions = options;
+  }
+
+  /**
+   * Process a request according to the configured rules
+   */
+  private handleRequest(
+    request: plugins.http.IncomingMessage,
+    response: plugins.http.ServerResponse,
+    protocol: 'http' | 'https'
+  ): void {
+    const requestUrl = new URL(
+      request.url || '/',
+      `${protocol}://${request.headers.host || 'localhost'}`
+    );
+    
+    const host = requestUrl.hostname;
+    const path = requestUrl.pathname + requestUrl.search;
+    
+    // Find matching rule
+    const matchedRule = this.findMatchingRule(protocol, host, path);
+    
+    if (matchedRule) {
+      const targetUrl = this.buildTargetUrl(matchedRule, host, path);
+      
+      console.log(`Redirecting ${protocol}://${host}${path} to ${targetUrl}`);
+      
+      response.writeHead(matchedRule.statusCode || 302, {
+        Location: targetUrl,
+      });
+      response.end();
+    } else {
+      // No matching rule, send 404
+      response.writeHead(404, { 'Content-Type': 'text/plain' });
+      response.end('Not Found');
+    }
+  }
+
+  /**
+   * Find a matching redirect rule for the given request
+   */
+  private findMatchingRule(
+    protocol: 'http' | 'https',
+    host: string,
+    path: string
+  ): RedirectRule | undefined {
+    return this.rules.find((rule) => {
+      // Check protocol match
+      if (rule.fromProtocol && rule.fromProtocol !== protocol) {
+        return false;
+      }
+
+      // Check host match
+      if (rule.fromHost) {
+        const pattern = rule.fromHost.replace(/\*/g, '(.*)');
+        const regex = new RegExp(`^${pattern}$`);
+        if (!regex.test(host)) {
+          return false;
+        }
+      }
+
+      // Check path match
+      if (rule.fromPath && !path.startsWith(rule.fromPath)) {
+        return false;
+      }
+
+      return true;
+    });
+  }
+
+  /**
+   * Build the target URL for a redirect
+   */
+  private buildTargetUrl(rule: RedirectRule, originalHost: string, originalPath: string): string {
+    let targetHost = rule.toHost;
+    
+    // Replace wildcards in host
+    if (rule.fromHost && rule.fromHost.includes('*')) {
+      const pattern = rule.fromHost.replace(/\*/g, '(.*)');
+      const regex = new RegExp(`^${pattern}$`);
+      const matches = originalHost.match(regex);
+      
+      if (matches) {
+        for (let i = 1; i < matches.length; i++) {
+          targetHost = targetHost.replace(`$${i}`, matches[i]);
+        }
+      }
+    }
+    
+    // Build target path
+    let targetPath = originalPath;
+    if (rule.toPath) {
+      if (rule.toPath.includes('$path')) {
+        // Replace $path with original path, optionally removing the fromPath prefix
+        const pathSuffix = rule.fromPath ? 
+          originalPath.substring(rule.fromPath.length) : 
+          originalPath;
+        
+        targetPath = rule.toPath.replace('$path', pathSuffix);
+      } else {
+        targetPath = rule.toPath;
+      }
+    }
+    
+    return `${rule.toProtocol}://${targetHost}${targetPath}`;
+  }
+
+  /**
+   * Start the redirect server(s)
+   */
+  public async start(): Promise<void> {
+    const tasks = [];
+
+    // Create and start HTTP server if we have a port
+    if (this.httpPort) {
+      this.httpServer = plugins.http.createServer((req, res) => 
+        this.handleRequest(req, res, 'http')
+      );
+      
+      const httpStartPromise = new Promise<void>((resolve) => {
+        this.httpServer?.listen(this.httpPort, () => {
+          console.log(`HTTP redirect server started on port ${this.httpPort}`);
+          resolve();
+        });
+      });
+      
+      tasks.push(httpStartPromise);
+    }
+
+    // Create and start HTTPS server if we have SSL options and a port
+    if (this.httpsPort && this.sslOptions) {
+      this.httpsServer = plugins.https.createServer(this.sslOptions, (req, res) => 
+        this.handleRequest(req, res, 'https')
+      );
+      
+      const httpsStartPromise = new Promise<void>((resolve) => {
+        this.httpsServer?.listen(this.httpsPort, () => {
+          console.log(`HTTPS redirect server started on port ${this.httpsPort}`);
+          resolve();
+        });
+      });
+      
+      tasks.push(httpsStartPromise);
+    }
+
+    // Wait for all servers to start
+    await Promise.all(tasks);
+  }
+
+  /**
+   * Stop the redirect server(s)
+   */
+  public async stop(): Promise<void> {
+    const tasks = [];
+
+    if (this.httpServer) {
+      const httpStopPromise = new Promise<void>((resolve) => {
+        this.httpServer?.close(() => {
+          console.log('HTTP redirect server stopped');
+          resolve();
+        });
+      });
+      tasks.push(httpStopPromise);
+    }
+
+    if (this.httpsServer) {
+      const httpsStopPromise = new Promise<void>((resolve) => {
+        this.httpsServer?.close(() => {
+          console.log('HTTPS redirect server stopped');
+          resolve();
+        });
+      });
+      tasks.push(httpsStopPromise);
+    }
+
+    await Promise.all(tasks);
+  }
+}
+
+// For backward compatibility
+export class SslRedirect {
+  private redirect: Redirect;
+  port: number;
+
+  constructor(portArg: number) {
+    this.port = portArg;
+    this.redirect = new Redirect({
+      httpPort: portArg,
+      rules: [{
+        fromProtocol: 'http',
+        toProtocol: 'https',
+        toHost: '$1',
+        statusCode: 302
+      }]
+    });
+  }
+
+  public async start() {
+    await this.redirect.start();
+  }
+
+  public async stop() {
+    await this.redirect.stop();
+  }
+}

package/ts/classes.sslredirect.ts

@@ -1,32 +0,0 @@
-import * as plugins from './plugins.js';
-
-export class SslRedirect {
-  httpServer: plugins.http.Server;
-  port: number;
-  constructor(portArg: number) {
-    this.port = portArg;
-  }
-
-  public async start() {
-    this.httpServer = plugins.http.createServer((request, response) => {
-      const requestUrl = new URL(request.url, `http://${request.headers.host}`);
-      const completeUrlWithoutProtocol = `${requestUrl.host}${requestUrl.pathname}${requestUrl.search}`;
-      const redirectUrl = `https://${completeUrlWithoutProtocol}`;
-      console.log(`Got http request for http://${completeUrlWithoutProtocol}`);
-      console.log(`Redirecting to ${redirectUrl}`);
-      response.writeHead(302, {
-        Location: redirectUrl,
-      });
-      response.end();
-    });
-    this.httpServer.listen(this.port);
-  }
-
-  public async stop() {
-    const done = plugins.smartpromise.defer();
-    this.httpServer.close(() => {
-      done.resolve();
-    });
-    await done.promise;
-  }
-}