Sijie.Sun
8ffc2f12e4
optimize the condition of enabling kcp ( #1210 )
2025-08-09 16:16:09 +08:00
Sijie.Sun
354a4e1d7b
fix acl not work with kcp&quic ( #1152 )
2025-07-26 14:38:10 +08:00
Sijie.Sun
8e7a8de5e5
Implement ACL ( #1140 )
1. get acl stats
```
./easytier-cli acl stats
AclStats:
Global:
CacheHits: 4
CacheMaxSize: 10000
CacheSize: 5
DefaultAllows: 3
InboundPacketsAllowed: 2
InboundPacketsTotal: 2
OutboundPacketsAllowed: 7
OutboundPacketsTotal: 7
PacketsAllowed: 9
PacketsTotal: 9
RuleMatches: 2
ConnTrack:
[src: 10.14.11.1:57444, dst: 10.14.11.2:1000, proto: Tcp, state: New, pkts: 1, bytes: 60, created: 2025-07-24 10:13:39 +08:00, last_seen: 2025-07-24 10:13:39 +08:00]
Rules:
[name: 'tcp_whitelist', prio: 1000, action: Allow, enabled: true, proto: Tcp, ports: ["1000"], src_ports: [], src_ips: [], dst_ips: [], stateful: true, rate: 0, burst: 0] [pkts: 2, bytes: 120]
```
2. use tcp/udp whitelist to block unexpected traffic.
`sudo ./easytier-core -d --tcp-whitelist 1000`
3. use complete acl ability with config file:
```
[[acl.acl_v1.chains]]
name = "inbound_whitelist"
chain_type = 1
description = "Auto-generated inbound whitelist from CLI"
enabled = true
default_action = 2
[[acl.acl_v1.chains.rules]]
name = "tcp_whitelist"
description = "Auto-generated TCP whitelist rule"
priority = 1000
enabled = true
protocol = 1
ports = ["1000"]
source_ips = []
destination_ips = []
source_ports = []
action = 1
rate_limit = 0
burst_limit = 0
stateful = true
```
2025-07-24 22:13:45 +08:00
Sijie.Sun
7f3a9c021c
close peer conn if remote addr is from virtual network ( #1123 )
2025-07-18 03:29:48 +08:00
Sijie.Sun
13c2e72871
fix incorrect config check ( #1086 )
2025-07-06 14:20:49 +08:00
DavHau
d0cfc49806
Add support for IPv6 within VPN ( #1061 )
* add flake.nix with nix based dev shell
* add support for IPv6
* update thunk
---------
Co-authored-by: sijie.sun <sijie.sun@smartx.com>
2025-07-04 23:43:30 +08:00
Sijie.Sun
40601bd05b
add bps limiter ( #1015 )
* add token bucket
* remove quinn-proto
2025-06-19 21:15:04 +08:00
Sijie.Sun
40b5fe9a54
support quic proxy ( #993 )
QUIC proxy works like kcp proxy, it can proxy TCP streams and transfer data with QUIC.
QUIC has a better congestion algorithm (BBR) for networks with both high loss rate and high bandwidth.
QUIC proxy can be enabled by passing `--enable-quic-proxy` to easytier on the client side. The proxy status can be viewed with `easytier-cli proxy`.
2025-06-15 19:43:45 +08:00
Sijie.Sun
25dcdc652a
support mapping subnet proxy ( #978 )
- **support mapping subproxy network cidr**
- **add command line option for proxy network mapping**
- **fix Instance leak in tests.**
2025-06-14 11:42:45 +08:00
Sijie.Sun
c07d1286ef
internal stun server should use xor mapped addr ( #975 )
2025-06-12 08:09:59 +08:00
Sijie.Sun
870353c499
fix ospf route ( #970 )
- **fix deadlock in ospf route introduced by #958**
- **use random peer id for foreign network entry, because ospf route algo needs peer id change after peer info version reset. this may interfere with route propagation and cause node residual**
- **allow multiple nodes broadcast same network ranges for subnet proxy**
- **bump version to v2.3.2**
2025-06-11 09:44:03 +08:00
Sijie.Sun
72be46e8fa
allow tcp port forward use kcp ( #838 )
2025-05-11 00:48:34 +08:00
Sijie.Sun
01e3ad99ca
optimize memory issues ( #767 )
* optimize memory issues
1. introduce jemalloc support, which can dump current memory usage
2. reduce the GlobalEvent broadcaster memory usage.
3. reduce tcp & udp tunnel memory usage
TODO: if peer conn tunnel hangs, the unbounded channel of peer rpc
may consume lots of memory, which should be improved.
* select a port from 15888+ when port is 0
2025-04-09 23:05:49 +08:00
Sijie.Sun
c142db301a
port forward ( #736 )
* support tcp port forward
* support udp port forward
* command line option for port forward
2025-04-01 09:59:53 +08:00
sijie.sun
bb17ffa9fc
fix wireguard not respond after idle for 120s
2025-03-15 00:16:12 +08:00
sijie.sun
dd5b00faf4
bump version to v2.2.2
2025-02-10 08:47:18 +08:00
Sijie.Sun
8b89a037e8
fix tcp incoming failure when kcp proxy is enabled ( #601 )
2025-02-06 09:08:34 +08:00
Sijie.Sun
66051967fe
fix self peer route info not exist when starting ( #595 )
2025-02-04 21:35:14 +08:00
Sijie.Sun
a63778854f
use netlink instead of shell cmd to config ip ( #593 )
2025-02-03 15:13:50 +08:00
Sijie.Sun
08546925cc
fix tests ( #588 )
fix proxy_three_node_disconnect_test and hole_punching_symmetric_only_random
2025-01-27 15:17:47 +08:00
Sijie.Sun
2a5d5ea4df
make kcp proxy compatible with old version ( #585 )
* fix kcp not work with smoltcp
* check if dst kcp input is enabled
2025-01-26 16:22:10 +08:00
Sijie.Sun
b69b122c8d
add options to gui to enable kcp ( #583 )
* add test to kcp
* add options to gui to enable kcp
2025-01-26 13:31:20 +08:00
Sijie.Sun
6cdea38284
support compress for rpc and tun data ( #473 )
* support compress for rpc and tun data
* add compression layer to easytier-web
2024-11-16 11:23:18 +08:00
Sijie.Sun
0bf42c53cc
Feat/web (PatchSet 1) ( #436 )
* move rpc-build out of easytier dir and make it an independent project
* easytier core use launcher
* fix flags not print on launch
* allow launcher not fetch node info
* abstract out peer rpc impl
* fix arm gui ci. see https://github.com/actions/runner-images/pull/10807
* add easytier-web crate
* fix manual_connector test case
2024-10-19 18:10:02 +08:00
Sijie.Sun
2134bc9139
fix icmp/udp subnet proxy not work with public server relay ( #431 )
2024-10-17 00:22:42 +08:00
Sijie.Sun
7ab8cad1af
allow use ipv4 address in any cidr ( #404 )
2024-10-10 10:28:48 +08:00
sijie.sun
aca9a0e35b
use ospf route to propagate foreign network info
2024-09-22 22:12:18 +08:00
sijie.sun
06afd221d5
make ping more smart
2024-09-21 18:00:52 +08:00
Sijie.Sun
1b03223537
use customized rpc implementation, remove Tarpc & Tonic ( #348 )
This patch removes Tarpc & Tonic GRPC and implements a customized rpc framework, which can be used by peer rpc and cli interface.
web config server can also use this rpc framework.
moreover, rewrite the public server logic, use ospf route to implement public server based networking. this makes public server mesh possible.
2024-09-18 21:55:28 +08:00
Sijie.Sun
54c6418f97
only add necessary conn to alive urls ( #277 )
too many alive conns may cause high cpu usage and lagged broadcast recv.
2024-08-25 11:12:01 +08:00
sijie.sun
ad4cbbea6d
fix socks5 access local virtual ip
2024-08-17 23:52:05 +08:00
sijie.sun
db660ee3b1
add test for socks5 server
2024-08-17 21:39:19 +08:00
Sijie.Sun
34f832bbad
make tun dependency optional ( #142 )
* remove log crates
* remove udp/raw of smoltcp
* make tun as optional dependency, compile for freebsd works
2024-06-11 09:09:32 +08:00
Sijie.Sun
8aa57ebc22
support no tun mode ( #141 )
2024-06-10 10:27:24 +08:00
Sijie.Sun
fede35cca4
correctly handle ip fragment for udp/icmp proxy ( #137 )
icmp/udp proxy do not rely on kernel net stack, but currently do not handle ip fragmentation correctly.
this patch adds ip reassembler to merge fragmented ip packets for udp/icmp proxy
2024-06-09 22:59:50 +08:00
Sijie.Sun
f9e6264f31
fix upx and udp conn counter ( #131 )
* fix upx in workflow
* fix udp conn counter
2024-06-04 18:50:30 +08:00
m1m1sha
0ead308392
Feat/pseudo dhcp ( #109 )
* ✨ feat: pseudo dhcp
2024-05-17 23:16:56 +08:00
sijie.sun
fc4e3782bd
tune command line args
2024-05-13 22:13:31 +08:00
sijie.sun
1b1d76de99
introduce websocket tunnel
2024-05-11 23:29:55 +08:00
sijie.sun
873851e6d0
mips
2024-05-03 17:09:46 +08:00
sijie.sun
d8033a77b9
support use ipv6
2024-04-28 22:24:24 +08:00
Sijie.Sun
fcc73159b3
support encryption ( #60 )
2024-04-27 13:44:59 +08:00
Sijie.Sun
57c9f11371
adapt tun device to zerocopy ( #57 )
2024-04-25 23:25:37 +08:00
Sijie.Sun
3467890270
zero copy tunnel ( #55 )
make tunnel zero copy, for better performance. remove most of the locks in io path.
introduce quic tunnel
prepare for encryption
2024-04-24 23:12:46 +08:00
Sijie.Sun
4eb7efe5fc
use workspace, prepare for config server and gui ( #48 )
2024-04-04 10:33:53 +08:00