Tag 0.1.7

Critical bug fixes

Signed-off-by: Jacob Kiers <code@kiers.eu>

.drone.jsonnet

@@ -1,5 +1,5 @@
-local executableName = 'newsletter-to-web';
-local build_image = 'img.kie.rs/jjkiers/rust-cross:rust1.70-zig';
+local executableName = 'fourth';
+local build_image = 'img.kie.rs/jjkiers/rust-cross:rust1.71.1-zig';
 
 local archs = [
   { target: 'aarch64-unknown-linux-musl', short: 'arm64-musl' },

.gitignore

@@ -1 +1,2 @@
 /target
+config.yaml

Cargo.lock

@@ -136,7 +136,7 @@ dependencies = [
 
 [[package]]
 name = "fourth"
-version = "0.1.5"
+version = "0.1.7"
 dependencies = [
  "byte_string",
  "bytes",

Cargo.toml

@@ -1,6 +1,6 @@
 [package]
 name = "fourth"
-version = "0.1.5"
+version = "0.1.7"
 edition = "2021"
 authors = ["LI Rui <lr_cn@outlook.com>"]
 license = "Apache-2.0"

README-EN.md

@@ -1,70 +0,0 @@
-# Fourth
-
-> Hey, now we are on level 4!
-
-[![](https://img.shields.io/crates/v/fourth)](https://crates.io/crates/fourth) [![CI](https://img.shields.io/github/workflow/status/kernelerr/fourth/Rust)](https://github.com/KernelErr/fourth/actions/workflows/rust.yml)
-
-**Under heavy development, version 0.1 may update frequently**
-
-Fourth is a layer 4 proxy implemented by Rust to listen on specific ports and transfer TCP/KCP data to remote addresses(only TCP) according to configuration.
-
-## Features
-
-- Listen on specific port and proxy to local or remote port
-- SNI-based rule without terminating TLS connection
-- Allow KCP inbound(warning: untested)
-
-## Installation
-
-To gain best performance on your computer's architecture, please consider build the source code. First, you may need [Rust tool chain](https://rustup.rs/).
-
-```bash
-$ cd fourth
-$ cargo build --release
-```
-
-Binary file will be generated at `target/release/fourth`, or you can use `cargo install --path .` to install.
-
-Or you can use Cargo to install Fourth:
-
-```bash
-$ cargo install fourth
-```
-
-Or you can download binary file form the Release page.
-
-## Configuration
-
-Fourth will read yaml format configuration file from `/etc/fourth/config.yaml`, and you can set custom path to environment variable `FOURTH_CONFIG`, here is an minimal viable example:
-
-```yaml
-version: 1
-log: info
-
-servers:
-  proxy_server:
-    listen:
-      - "127.0.0.1:8081"
-    default: remote
-
-upstream:
-  remote: "tcp://www.remote.example.com:8082" # proxy to remote address
-```
-
-Built-in two upstreams: ban(terminate connection immediately), echo. For detailed configuration, check [this example](./example-config.yaml).
-
-## Performance Benchmark
-
-Tested on 4C2G server:
-
-Use fourth to proxy to Nginx(QPS of direct connection: ~120000): ~70000 req/s (Command: `wrk -t200 -c1000 -d120s --latency http://proxy-server:8081`)
-
-Use fourth to proxy to local iperf3: 8Gbps
-
-## Thanks
-
-- [tokio_kcp](https://github.com/Matrix-Zhang/tokio_kcp)
-
-## License
-
-Fourth is available under terms of Apache-2.0.

README-ZH.md

@@ -0,0 +1,80 @@
+# Fourth
+
+> 这一波在第四层。
+
+[![](https://img.shields.io/crates/v/fourth)](https://crates.io/crates/fourth) [![CI](https://img.shields.io/github/workflow/status/kernelerr/fourth/Rust)](https://github.com/KernelErr/fourth/actions/workflows/rust.yml)
+
+[English](/README-EN.md)
+
+**积极开发中，0.1版本迭代可能较快**
+
+Fourth是一个Rust实现的Layer 4代理，用于监听指定端口TCP/KCP流量，并根据规则转发到指定目标（目前只支持TCP）。
+
+## 功能
+
+- 监听指定端口代理到本地或远端指定端口
+- 监听指定端口，通过TLS ClientHello消息中的SNI进行分流
+- 支持KCP入站（警告：未测试）
+
+## 安装方法
+
+为了确保获得您架构下的最佳性能，请考虑自行编译，首选需要确保您拥有[Rust工具链](https://rustup.rs/)。
+
+```bash
+$ cd fourth
+$ cargo build --release
+```
+
+将在`target/release/fourth`生成二进制文件，您也可以使用`cargo install --path . `来安装二进制文件。
+
+或者您也可以使用Cargo直接安装：
+
+```bash
+$ cargo install fourth
+```
+
+或者您也可以直接从Release中下载二进制文件。
+
+## 配置
+
+Fourth使用yaml格式的配置文件，默认情况下会读取`/etc/fourth/config.yaml`，您也可以设置自定义路径到环境变量`FOURTH_CONFIG`，如下是一个最小有效配置：
+
+```yaml
+version: 1
+log: info
+
+servers:
+  proxy_server:
+    listen:
+      - "127.0.0.1:8081"
+    default: remote
+
+upstream:
+  remote: "tcp://www.remote.example.com:8082" # proxy to remote address
+```
+
+内置两个的upstream：ban（立即中断连接）、echo（返回读到的数据）。更详细的配置可以参考[示例配置](./example-config.yaml)。
+
+注意：[::]会默认同时绑定IPv4和IPv6。
+
+## 性能测试
+
+在4C2G的服务器上测试：
+
+使用Fourth代理到Nginx（直连QPS 120000）: ~70000req/s （测试命令：`wrk -t200 -c1000 -d120s --latency http://proxy-server:8081 `）
+
+使用Fourth代理到本地iperf3：8Gbps
+
+## io_uring?
+
+尽管经过了很多尝试，我们发现目前一些Rust下面的io_uring实现存在问题，我们使用的io_uring库实现尽管在吞吐量上可以做到单线程20Gbps（相比之下Tokio仅有8Gbps），但在QPS上存在性能损失较大的问题。因此在有成熟的io_uring实现之前，我们仍然选择epoll。之后我们会持续关注相关进展。
+
+可能以后会为Linux高内核版本的用户提供可选的io_uring加速。
+
+## 感谢
+
+- [tokio_kcp](https://github.com/Matrix-Zhang/tokio_kcp)
+
+## 协议
+
+Fourth以Apache-2.0协议开源。

README.md

@@ -1,43 +1,41 @@
 # Fourth
 
-> 这一波在第四层。
+> Hey, now we are on level 4!
 
 [![](https://img.shields.io/crates/v/fourth)](https://crates.io/crates/fourth) [![CI](https://img.shields.io/github/workflow/status/kernelerr/fourth/Rust)](https://github.com/KernelErr/fourth/actions/workflows/rust.yml)
 
-[English](/README-EN.md)
+**Under heavy development, version 0.1 may update frequently**
 
-**积极开发中，0.1版本迭代可能较快**
+Fourth is a layer 4 proxy implemented by Rust to listen on specific ports and transfer TCP/KCP data to remote addresses(only TCP) according to configuration.
 
-Fourth是一个Rust实现的Layer 4代理，用于监听指定端口TCP/KCP流量，并根据规则转发到指定目标（目前只支持TCP）。
+## Features
 
-## 功能
+- Listen on specific port and proxy to local or remote port
+- SNI-based rule without terminating TLS connection
+- Allow KCP inbound(warning: untested)
 
-- 监听指定端口代理到本地或远端指定端口
-- 监听指定端口，通过TLS ClientHello消息中的SNI进行分流
-- 支持KCP入站（警告：未测试）
+## Installation
 
-## 安装方法
-
-为了确保获得您架构下的最佳性能，请考虑自行编译，首选需要确保您拥有[Rust工具链](https://rustup.rs/)。
+To gain best performance on your computer's architecture, please consider build the source code. First, you may need [Rust tool chain](https://rustup.rs/).
 
 ```bash
 $ cd fourth
 $ cargo build --release
 ```
 
-将在`target/release/fourth`生成二进制文件，您也可以使用`cargo install --path . `来安装二进制文件。
+Binary file will be generated at `target/release/fourth`, or you can use `cargo install --path .` to install.
 
-或者您也可以使用Cargo直接安装：
+Or you can use Cargo to install Fourth:
 
 ```bash
 $ cargo install fourth
 ```
 
-或者您也可以直接从Release中下载二进制文件。
+Or you can download binary file form the Release page.
 
-## 配置
+## Configuration
 
-Fourth使用yaml格式的配置文件，默认情况下会读取`/etc/fourth/config.yaml`，您也可以设置自定义路径到环境变量`FOURTH_CONFIG`，如下是一个最小有效配置：
+Fourth will read yaml format configuration file from `/etc/fourth/config.yaml`, and you can set custom path to environment variable `FOURTH_CONFIG`, here is an minimal viable example:
 
 ```yaml
 version: 1
@@ -53,28 +51,20 @@ upstream:
   remote: "tcp://www.remote.example.com:8082" # proxy to remote address
 ```
 
-内置两个的upstream：ban（立即中断连接）、echo（返回读到的数据）。更详细的配置可以参考[示例配置](./example-config.yaml)。
+Built-in two upstreams: ban(terminate connection immediately), echo. For detailed configuration, check [this example](./example-config.yaml).
 
-注意：[::]会默认同时绑定IPv4和IPv6。
+## Performance Benchmark
 
-## 性能测试
+Tested on 4C2G server:
 
-在4C2G的服务器上测试：
+Use fourth to proxy to Nginx(QPS of direct connection: ~120000): ~70000 req/s (Command: `wrk -t200 -c1000 -d120s --latency http://proxy-server:8081`)
 
-使用Fourth代理到Nginx（直连QPS 120000）: ~70000req/s （测试命令：`wrk -t200 -c1000 -d120s --latency http://proxy-server:8081 `）
+Use fourth to proxy to local iperf3: 8Gbps
 
-使用Fourth代理到本地iperf3：8Gbps
-
-## io_uring?
-
-尽管经过了很多尝试，我们发现目前一些Rust下面的io_uring实现存在问题，我们使用的io_uring库实现尽管在吞吐量上可以做到单线程20Gbps（相比之下Tokio仅有8Gbps），但在QPS上存在性能损失较大的问题。因此在有成熟的io_uring实现之前，我们仍然选择epoll。之后我们会持续关注相关进展。
-
-可能以后会为Linux高内核版本的用户提供可选的io_uring加速。
-
-## 感谢
+## Thanks
 
 - [tokio_kcp](https://github.com/Matrix-Zhang/tokio_kcp)
 
-## 协议
+## License
 
-Fourth以Apache-2.0协议开源。
+Fourth is available under terms of Apache-2.0.

src/config.rs

@@ -173,6 +173,10 @@ fn load_config(path: &str) -> Result<ParsedConfig, ConfigError> {
                 name: name.to_string(),
                 addr: format!("{}:{}", upstream_host, upsteam_port),
                 protocol: upstream_url.scheme().to_string(),
+                addresses: Addr(Mutex::new(UpstreamAddress::new(format!(
+                    "{}:{}",
+                    upstream_host, upsteam_port
+                )))),
                 ..Default::default()
             }),
         );

src/main.rs

@@ -7,10 +7,10 @@ use crate::servers::Server;
 
 use log::{debug, error};
 use std::env;
+use std::path::Path;
 
 fn main() {
-    let config_path =
-        env::var("FOURTH_CONFIG").unwrap_or_else(|_| "/etc/fourth/config.yaml".to_string());
+    let config_path = find_config();
 
     let config = match Config::new(&config_path) {
         Ok(config) => config,
@@ -27,3 +27,18 @@ fn main() {
     let _ = server.run();
     error!("Server ended with errors");
 }
+
+fn find_config() -> String {
+    let config_path =
+        env::var("FOURTH_CONFIG").unwrap_or_else(|_| "/etc/fourth/config.yaml".to_string());
+
+    if Path::new(&config_path).exists() {
+        return config_path;
+    }
+
+    if Path::new("config.yaml").exists() {
+        return String::from("config.yaml");
+    }
+
+    String::from("")
+}

src/servers/mod.rs

@@ -13,7 +13,6 @@ use protocol::tcp;
 #[derive(Debug)]
 pub(crate) struct Server {
     pub proxies: Vec<Arc<Proxy>>,
-    pub config: ParsedConfig,
 }
 
 #[derive(Debug, Clone)]
@@ -31,7 +30,6 @@ impl Server {
     pub fn new(config: ParsedConfig) -> Self {
         let mut new_server = Server {
             proxies: Vec::new(),
-            config: config.clone(),
         };
 
         for (name, proxy) in config.servers.iter() {

src/servers/protocol/tcp.rs

@@ -72,21 +72,17 @@ async fn accept(inbound: TcpStream, proxy: Arc<Proxy>) -> Result<(), Box<dyn std
                 "No upstream named {:?} on server {:?}",
                 proxy.default_action, proxy.name
             );
-            return process(
-                inbound,
-                proxy.upstream.get(&proxy.default_action).unwrap().clone(),
-            )
-            .await;
+            return process(inbound, proxy.upstream.get(&proxy.default_action).unwrap()).await;
             // ToDo: Remove unwrap and check default option
         }
     };
 
-    return process(inbound, upstream.clone()).await;
+    return process(inbound, &upstream).await;
 }
 
 async fn process(
     mut inbound: TcpStream,
-    upstream: Upstream,
+    upstream: &Upstream,
 ) -> Result<(), Box<dyn std::error::Error>> {
     match upstream {
         Upstream::Ban => {

src/servers/upstream_address.rs

@@ -19,6 +19,13 @@ impl Display for UpstreamAddress {
 }
 
 impl UpstreamAddress {
+    pub fn new(address: String) -> Self {
+        UpstreamAddress {
+            address,
+            ..Default::default()
+        }
+    }
+
     pub fn is_valid(&self) -> bool {
         if let Some(resolved) = self.resolved_time {
             if let Some(ttl) = self.ttl {
@@ -44,20 +51,24 @@ impl UpstreamAddress {
     pub async fn resolve(&mut self, mode: ResolutionMode) -> Result<Vec<SocketAddr>> {
         if self.is_resolved() && self.is_valid() {
             debug!(
-                "Already got address {:?}, still valid for {}",
+                "Already got address {:?}, still valid for {:.3}s",
                 &self.resolved_addresses,
-                self.time_remaining()
+                self.time_remaining().as_seconds_f64()
             );
             return Ok(self.resolved_addresses.clone());
         }
 
-        debug!("Resolving addresses for {}", &self.address);
+        debug!(
+            "Resolving addresses for {} with mode {:?}",
+            &self.address, &mode
+        );
 
         let lookup_result = tokio::net::lookup_host(&self.address).await;
 
-        let resolved_addresses = match lookup_result {
-            Ok(resolved_addresses) => resolved_addresses,
+        let resolved_addresses: Vec<SocketAddr> = match lookup_result {
+            Ok(resolved_addresses) => resolved_addresses.into_iter().collect(),
             Err(e) => {
+                debug!("Failed looking up {}: {}", &self.address, &e);
                 // Protect against DNS flooding. Cache the result for 1 second.
                 self.resolved_time = Some(Instant::now());
                 self.ttl = Some(Duration::seconds(3));
@@ -65,6 +76,8 @@ impl UpstreamAddress {
             }
         };
 
+        debug!("Resolved addresses: {:?}", &resolved_addresses);
+
         let addresses: Vec<SocketAddr> = match mode {
             ResolutionMode::Ipv4 => resolved_addresses
                 .into_iter()
@@ -76,10 +89,13 @@ impl UpstreamAddress {
                 .filter(|a| a.is_ipv6())
                 .collect(),
 
-            _ => resolved_addresses.collect(),
+            _ => resolved_addresses,
         };
 
-        debug!("Got addresses for {}: {:?}", &self.address, &addresses);
+        debug!(
+            "Got {} addresses for {}: {:?}",
+            &mode, &self.address, &addresses
+        );
         debug!(
             "Resolved at {}",
             OffsetDateTime::now_utc()
@@ -113,3 +129,13 @@ impl From<&str> for ResolutionMode {
         }
     }
 }
+
+impl Display for ResolutionMode {
+    fn fmt(&self, f: &mut Formatter<'_>) -> std::fmt::Result {
+        match self {
+            ResolutionMode::Ipv4 => write!(f, "IPv4Only"),
+            ResolutionMode::Ipv6 => write!(f, "IPv6Only"),
+            ResolutionMode::Ipv4AndIpv6 => write!(f, "IPv4 and IPv6"),
+        }
+    }
+}