server

type Authenticator ¶

type Authenticator interface {
	Authenticate(addr net.Addr, auth string, tx uint64) (ok bool, id string)
}

Authenticator is an interface that provides authentication logic.

type BandwidthConfig ¶

type BandwidthConfig struct {
	MaxTx uint64
	MaxRx uint64
}

BandwidthConfig describes the maximum bandwidth that the server can use, in bytes per second.

type Config ¶

type Config struct {
	TLSConfig             TLSConfig
	QUICConfig            QUICConfig
	Conn                  net.PacketConn
	RequestHook           RequestHook
	Outbound              Outbound
	BandwidthConfig       BandwidthConfig
	IgnoreClientBandwidth bool
	DisableUDP            bool
	UDPIdleTimeout        time.Duration
	Authenticator         Authenticator
	EventLogger           EventLogger
	TrafficLogger         TrafficLogger
	MasqHandler           http.Handler
	DecoyURL              string
	Protocol              ProtocolType
	ProtocolParam         string
	EnableUQUIC           bool
	UQUICSpecID           quic.QUICID // 类型必须是 quic.QUICID

	// Add this new field to enable FakeTCP
	XLESSUseFakeTCP bool `json:"xless_use_faketcp,omitempty"`
}

type DecoyProxy ¶ added in v0.1.0

type DecoyProxy struct {
	// contains filtered or unexported fields
}

DecoyProxy provides a simple reverse proxy to the configured decoy site.

func NewDecoyProxy(target string) *DecoyProxy

func (dp *DecoyProxy) ServeHTTP(w http.ResponseWriter, r *http.Request)

type EventLogger ¶

type EventLogger interface {
	Connect(addr net.Addr, id string, tx uint64)
	Disconnect(addr net.Addr, id string, err error)
	TCPRequest(addr net.Addr, id, reqAddr string)
	TCPError(addr net.Addr, id, reqAddr string, err error)
	UDPRequest(addr net.Addr, id string, sessionID uint32, reqAddr string)
	UDPError(addr net.Addr, id string, sessionID uint32, err error)
}

EventLogger is an interface that provides logging logic.

type Outbound ¶

type Outbound interface {
	TCP(reqAddr string) (net.Conn, error)
	UDP(reqAddr string) (UDPConn, error)
}

Outbound provides the implementation of how the server should connect to remote servers. Although UDP includes a reqAddr, the implementation does not necessarily have to use it to make a "connected" UDP connection that does not accept packets from other addresses. In fact, the default implementation simply uses net.ListenUDP for a "full-cone" behavior.

type ProtocolType ¶ added in v0.3.2

type ProtocolType string

ProtocolType 定义了客户端支持的协议类型

const (
	ProtocolTypeDefault ProtocolType = "default" // 默认协议类型
	ProtocolTypeAuthA   ProtocolType = "auth_a"
)

type QUICConfig ¶

type QUICConfig struct {
	InitialStreamReceiveWindow     uint64
	MaxStreamReceiveWindow         uint64
	InitialConnectionReceiveWindow uint64
	MaxConnectionReceiveWindow     uint64
	MaxIdleTimeout                 time.Duration
	MaxIncomingStreams             int64
	DisablePathMTUDiscovery        bool
}

type RequestHook ¶

type RequestHook interface {
	Check(isUDP bool, reqAddr string) bool
	TCP(stream quic.Stream, reqAddr *string) ([]byte, error)
	UDP(data []byte, reqAddr *string) error
}

RequestHook allows filtering and modifying requests before the server connects to the remote. A request will only be hooked if Check returns true. The returned byte slice, if not empty, will be sent to the remote before proxying - this is mainly for "putting back" the content read from the client for sniffing, etc. Return a non-nil error to abort the connection. Note that due to the current architectural limitations, it can only inspect the first packet of a UDP connection. It also cannot put back any data as the first packet is always sent as-is.

type Server ¶

type Server interface {
	Serve() error
	Close() error
}

Server defines the interface for the XLESS server.

func NewServer(config *Config) (Server, error)

type StreamState ¶

type StreamState int

const (
	// StreamStateInitial indicates the initial state of a stream.
	// Client has opened the stream, but we have not received the proxy request yet.
	StreamStateInitial StreamState = iota

	// StreamStateHooking indicates that the hook (usually sniff) is processing.
	// Client has sent the proxy request, but sniff requires more data to complete.
	StreamStateHooking

	// StreamStateConnecting indicates that we are connecting to the proxy target.
	StreamStateConnecting

	// StreamStateEstablished indicates the proxy is established.
	StreamStateEstablished

	// StreamStateClosed indicates the stream is closed.
	StreamStateClosed
)

func (s StreamState) String() string

type StreamStats ¶

type StreamStats struct {
	State utils.Atomic[StreamState]

	AuthID      string
	ConnID      uint32
	InitialTime time.Time

	ReqAddr       utils.Atomic[string]
	HookedReqAddr utils.Atomic[string]

	Tx atomic.Uint64
	Rx atomic.Uint64

	LastActiveTime utils.Atomic[time.Time]
}

type TLSConfig ¶

type TLSConfig struct {
	Certificates   []utls.Certificate
	GetCertificate func(info *utls.ClientHelloInfo) (*utls.Certificate, error)
}

type TrafficLogger ¶

type TrafficLogger interface {
	LogTraffic(id string, tx, rx uint64) (ok bool)
	LogOnlineState(id string, online bool)
	TraceStream(stream quic.Stream, stats *StreamStats)
	UntraceStream(stream quic.Stream)
}

TrafficLogger is an interface that provides traffic logging logic. Tx/Rx in this context refers to the server-remote (proxy target) perspective. Tx is the bytes sent from the server to the remote. Rx is the bytes received by the server from the remote. Apart from logging, the Log function can also return false to signal that the client should be disconnected. This can be used to implement bandwidth limits or post-connection authentication, for example. The implementation of this interface must be thread-safe.

type UDPConn ¶

type UDPConn interface {
	ReadFrom(b []byte) (int, string, error)
	WriteTo(b []byte, addr string) (int, error)
	Close() error
}

UDPConn is like net.PacketConn, but uses string for addresses.

type XListener ¶ added in v0.5.0

type XListener interface {
	Accept(ctx context.Context) (net.Conn, error)
	Addr() net.Addr
	Close() error
}

XListener defines an extended listener interface.