mirrors/redsocks
0
0
Fork 0
mirror of https://github.com/darkk/redsocks.git synced 2025-08-26 11:45:30 +00:00
Code
206 Commits 1 Branch 5 Tags 2.1 MiB
268c00eb29
Commit Graph

31 Commits

Author SHA1 Message Date
Leonid Evdokimov
a1be0807ef Implement redsocks_conn_max option, simplify accept-backoff 
Sophisticated accept-backoff is not required, it's ONLY purpose is to
protect against busy-loop when `redsocks_conn_max` does not match
RLIMIT_NOFILE.
 2016-04-14 22:53:50 +03:00
Leonid Evdokimov
7963de73d4 Add on_proxy_fail to inform user's browser about sort of failure 
Use the feature with care, enable it only for HTTP port to avoid
confusion, no client protocol detection is done at the moment.
 2016-04-13 02:30:08 +03:00
Leonid Evdokimov
4521797847 Add disclose_src option to tell client src IP to http-connect proxy 2016-04-05 02:42:34 +03:00
Leonid Evdokimov
3c7f635bf3 Warn about http-relay usage 
http-relay should be avoided due to CVE-2009-0801. It was implemented to
support ancient HTTP/1.0 clients that did not set `Host` header, so
upstream proxy had at least some way to determine request destination.

In modern post-SPDY world this method should not be used, you should
rather configure upstream proxy to accept CONNECT requests to any port
and use `http-connect` instead.

Great CVE-2009-0801 description can be found in squid-users on 2015-12-18
http://lists.squid-cache.org/pipermail/squid-users/2015-December/008392.html
 2016-04-03 23:45:54 +03:00
Leonid Evdokimov
af46180272 Add naive zero-copy implementation using splice 
It gives ~33% increase of throughput on CPU-bound box.  E.g. following
machine single-connection throughput goes from ~30 Mbit/s to ~40 Mbit/s

system type: xRX200 rev 1.2
machine: TDW8980 - TP-LINK TD-W8980
cpu model: MIPS 34Kc V5.6
BogoMIPS: 332.54
 2016-04-03 23:18:45 +03:00
Leonid Evdokimov
4e222f3f27 Avoid EBADF warnings from epoll using bufferevent_free more accurately 2016-03-17 18:48:33 +03:00
Leonid Evdokimov
4d2e10df17 Implement better exponential backoff in case of accept() failure. 
This commit implements two more features:
 * min_accept_backoff configuration option
 * retry accept() after some close() calls

See also https://github.com/darkk/redsocks/issues/19
 2012-03-25 23:58:40 +04:00
Leonid Evdokimov
128d730583 Implement exponential backoff in case of accept() failure. 
Busy-loop strikes the daemon without backoff and log flood fills disks.

See also https://github.com/darkk/redsocks/issues/19
 2012-01-28 00:00:09 +04:00
Leonid Evdokimov
6f8312b21f Refactor: replace struct event with tracked_event to track EVLIST_INSERTED state. 2012-01-28 00:00:09 +04:00
Leonid Evdokimov
8156e442c2 Add option to specify listen() queue length. 2012-01-28 00:00:09 +04:00
Leonid Evdokimov
9bcb4dcc7e Fix compilation at OpenBSD 4.9. 2011-02-10 00:02:05 +02:00
Bin Jin
9d876181b3 merge commits from upstream 2010-12-03 22:02:40 +08:00
Leonid Evdokimov
2e35ae49c7 Cleanup: make socks5 structures reusable. 2010-12-02 23:39:03 +02:00
Leonid Evdokimov
94c96a60ef Cleanup client session logging. 2010-12-02 23:16:23 +02:00
Leonid Evdokimov
45cab3de31 This cleanup commit introduces ex-plain function! 2010-11-29 00:09:48 +02:00
Bin Jin
04662c4226 fix several fatal issues; send request body on fly, rather than depend on content-length 2010-11-28 13:47:49 +08:00
Bin Jin
3d5d22a59b fix typo 2010-11-25 17:48:11 +08:00
Bin Jin
651754834f fix memory leak issues 2010-11-23 14:19:57 +08:00
Bin Jin
a1e65e4ccb fix issue: EOF from client in http relay 2010-11-23 13:21:09 +08:00
Bin Jin
c12924022a add proxy auth for http-connect, working but buggy 2010-11-18 22:57:20 +08:00
Leonid Evdokimov
7c714b750f Added ability to create many redsocks config sections to have many redirectors. 2008-08-18 17:46:27 +07:00
Leonid Evdokimov
66d9d1cf83 Whitespace fixes. 2008-07-13 21:36:51 +07:00
Leonid Evdokimov
10f87b1d4e Added comments. 2008-07-13 04:24:20 +07:00
Leonid Evdokimov
23a62f69c8 debug util: dumping list of connections on SIGUSR1. 2008-07-13 04:22:52 +07:00
Leonid Evdokimov
8456d20883 Added logging priorities. 
LOG_DEBUG - connection progress
LOG_INFO - all connections
LOG_NOTICE - network problems & startup banner
LOG_WARNING - unexpected behaviour, lack of client-related resources
LOG_ERR - startup errors & lack of memory
 2008-02-10 00:57:22 +06:00
Leonid Evdokimov
48ff78adf9 Client is not dropped until both parts of duplex connection are shut down. 2008-02-02 15:12:52 +06:00
Leonid Evdokimov
5dda936cf9 Better logging. 2008-02-02 04:18:04 +06:00
darkk
477b8f5b7d Added http-relay subsystem to add transparent-proxy support to any http proxy. 2008-02-02 00:34:53 +06:00
darkk
bd455a6cba Added relay_subsys.fini() callback 2008-02-02 00:32:53 +06:00
darkk
48616f615f Added hook to call instead of redsocks_connect_relay 2008-02-01 17:03:26 +06:00
darkk
20d7930ecf Initial revision. 
git-svn-id: file:///home/darkk/svnroot/redsocks@1 f324f89c-ff31-0410-8eac-c7e7ec545cec
 2007-06-03 12:30:38 +00:00