Jacob Kiers b7ec67ed07 Fix SNI header parsing
When a listener is configured to deal with TLS upstreams, we use the SNI
field of the TLS ClientHello message to decide where to send the traffic.

Therefore, a buffer of 1024 bytes was used to temporarily store this
message. However, a TLS ClientHello message can be larger than that, up
to 16K bytes.

So now the first few bytes are read and manually parsed to find out how
long the message is. And then the entire ClientHello message is
retrieved.

So hopefully that will fix the issue causing the ClientHello
determination to fail.

Closes #10

Signed-off-by: Jacob Kiers <code@kiers.eu>
2025-01-09 20:56:51 +01:00
.cargo Add build instructions 2023-08-23 19:29:29 +02:00
src Fix SNI header parsing 2025-01-09 20:56:51 +01:00
tests Remove kcp support 2024-02-23 22:49:43 +01:00
.drone.jsonnet Upgrade toolchain to rust 1.79.0 2024-06-22 15:44:13 +02:00
.gitignore Update .gitignore 2024-06-22 11:49:12 +02:00
Cargo.lock Update dependencies to latest version 2025-01-09 20:21:34 +01:00
Cargo.toml Update dependencies to latest version 2025-01-09 20:21:34 +01:00
CHANGELOG.md Fix SNI header parsing 2025-01-09 20:56:51 +01:00
config.yaml.example Rename to l4p, update references and README.md 2024-02-23 22:03:25 +01:00
example-config.yaml Remove kcp support 2024-02-23 22:49:43 +01:00
l4p.service Rename to l4p, update references and README.md 2024-02-23 22:03:25 +01:00
LICENSE First commit 2021-10-21 16:43:59 +08:00
README.md Correct attribution to fourth 2024-06-19 21:59:19 +02:00

l4p

Hey, now we are on level 4!

l4p is a layer 4 proxy implemented in Rust. It listens on specific ports and forwards TCP data (TCP only) to remote addresses according to its configuration.

Features

  • Listen on a specific port and proxy to a local or remote port
  • SNI-based rule without terminating TLS connection
  • DNS-based backend with periodic resolution
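
The SNI-based rule above depends on reading the server name from the ClientHello while the TLS stream itself is passed through untouched. As an added example (not l4p's code; the function names are hypothetical, the sample record is constructed, and a ClientHello that fits in a single TLS record is assumed), the following reads the 5-byte record header to learn the full length, as the commit message above describes, and then walks the extensions to the server_name entry:

```rust
// Added example, not l4p's code: every name below is hypothetical.
// Total size (5-byte header + payload) of a TLS handshake record.
fn record_len(hdr: &[u8]) -> Option<usize> {
    if hdr.len() < 5 || hdr[0] != 0x16 { return None; } // 0x16 = handshake
    let len = u16::from_be_bytes([hdr[3], hdr[4]]) as usize;
    (len <= 16384).then_some(5 + len) // record payload is capped at 2^14 bytes
}
// Take n bytes off the front; None on truncated input instead of a panic.
fn take<'a>(b: &mut &'a [u8], n: usize) -> Option<&'a [u8]> {
    let s: &'a [u8] = *b;
    let head = s.get(..n)?;
    *b = &s[n..];
    Some(head)
}
fn take_vec<'a>(b: &mut &'a [u8], w: usize) -> Option<&'a [u8]> { // w-byte length prefix
    let n = take(b, w)?.iter().fold(0usize, |a, &x| (a << 8) | x as usize);
    take(b, n)
}
// Server name from a buffer holding one complete ClientHello record.
fn sni(buf: &[u8]) -> Option<String> {
    let mut rec = buf.get(5..record_len(buf)?)?; // None while the buffer is short
    if take(&mut rec, 1)?[0] != 1 { return None; } // 1 = client_hello
    let mut hello = take_vec(&mut rec, 3)?;
    take(&mut hello, 2 + 32)?; // legacy_version, random
    for w in [1, 2, 1] { take_vec(&mut hello, w)?; } // session_id, cipher_suites, compression
    let mut exts = take_vec(&mut hello, 2)?;
    while !exts.is_empty() {
        let (typ, mut body) = (take(&mut exts, 2)?, take_vec(&mut exts, 2)?);
        if typ != [0u8, 0] { continue; } // extension type 0 = server_name
        let mut list = take_vec(&mut body, 2)?;
        if take(&mut list, 1)?[0] != 0 { return None; } // name_type 0 = host_name
        return String::from_utf8(take_vec(&mut list, 2)?.to_vec()).ok();
    }
    None
}
fn lp(w: usize, body: &[u8]) -> Vec<u8> { // prepend a w-byte big-endian length
    [&(body.len() as u64).to_be_bytes()[8 - w..], body].concat()
}
// Constructed sample: ClientHello record with `pad` bytes of padding ahead of the SNI.
fn sample_hello(host: &str, pad: usize) -> Vec<u8> {
    let name = [&[0u8][..], &lp(2, host.as_bytes())].concat();
    let exts = [&[0u8, 21][..], &lp(2, &vec![0; pad]), &[0, 0], &lp(2, &lp(2, &name))].concat();
    let body = [&[3u8, 3][..], &[0; 32], &[0], &lp(2, &[0x13, 1]), &lp(1, &[0]), &lp(2, &exts)].concat();
    [&[0x16u8, 3, 1][..], &lp(2, &[&[1u8][..], &lp(3, &body)].concat())].concat()
}
fn main() {
    let h = sample_hello("app.example.com", 2000);
    println!("{:?} {:?} {:?}", record_len(&h), sni(&h[..1024]), sni(&h));
}
```

With 2000 bytes of padding ahead of the server name, the first 1024 bytes of the sample yield no SNI, while the full record does.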

Installation

To get the best performance on your computer's architecture, consider building from source. You will first need the Rust toolchain.

$ cd l4p
$ cargo build --release

The binary will be generated at target/release/l4p, or you can use cargo install --path . to install it.

Or you can use Cargo to install l4p:

$ cargo install l4p

Or you can download the binary from the Release page.

Configuration

l4p reads its YAML configuration file from /etc/l4p/l4p.yaml; you can set a custom path in the environment variable L4P_CONFIG. Here is a minimal viable example:

version: 1
log: info

servers:
  proxy_server:
    listen:
      - "127.0.0.1:8081"
    default: remote

upstream:
  remote: "tcp://www.remote.example.com:8082" # proxy to remote address

There are two upstreams built in:

  • Ban, which terminates the connection immediately
  • Echo, which reflects the input back

For detailed configuration, check this example.

Thanks

  • fourth, of which this is a heavily modified fork.

License

l4p is available under the terms of Apache-2.0.