* refactor: update global context STUN server initialization
Modified global context initialization to use a single StunInfoCollector
instance with properly configured IPv4 and IPv6 servers instead of
creating separate instances.
feat: add IPv6 STUN server configuration support
Added interface methods and config struct fields to support both IPv4
and IPv6 STUN server configuration. Modified getter and setter methods
to handle Option<Vec<String>> type for both server types.
feat: enhance StunInfoCollector with IPv6 support
Updated StunInfoCollector to support both IPv4 and IPv6 STUN servers.
Added new constructor that accepts both server types and methods to set
them independently.
feat: add CLI argument for IPv6 STUN servers
Added command line argument support for configuring IPv6 STUN servers.
Updated configuration setup to handle both IPv4 and IPv6 STUN server
settings.
docs: add localization for STUN server configuration
Added English and Chinese localization strings for the new STUN server
configuration options, including both IPv4 and IPv6 variants.
* feat(acl): add group-based ACL rules and related structures
* refactor(acl): optimize group handling with Arc and improve cache management
* refactor(acl): clippy
* feat(tests): add performance tests for generate_with_proof and verify methods
* feat: update group_trust_map to use HashMap for more secure group proofs
* refactor: refactor the logic of the trusted group getting and setting
* feat(acl): support kcp/quic use group acl
* feat(proxy): optimize group retrieval by IP in Kcp and Quic proxy handlers
* feat(tests): add group-based ACL tree node test
* always allow quic proxy traffic
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn>
Co-authored-by: sijie.sun <sijie.sun@smartx.com>
QUIC proxy works like kcp proxy, it can proxy TCP streams and transfer data with QUIC.
QUIC has better congestion algorithm (BBR) for network with both high loss rate and high bandwidth.
QUIC proxy can be enabled by passing `--enable-quic-proxy` to easytier in the client side. The proxy status can be viewed by `easytier-cli proxy`.
Some devices have ipv6 but don't allow input connection, this patch add hole punching for these devices.
- **add v6 hole punch msg to udp tunnel**
- **send hole punch packet when do ipv6 direct connect**
1. dns resolver should be global unique so dns cache can work. avoid dns query influence hole punching.
2. when system dns failed, fallback to hickory dns.
This patch implements:
1. A dns server that handles .et.net. zone in local and forward all other queries to system dns server.
2. A dns server instance which is a singleton in one machine, using one specific tcp port to be exclusive with each other. this instance is responsible for config system dns and run the dns server to handle dns queries.
3. A dns client instance that all easytier instance will run one, this instance will try to connect to dns server instance, and update the dns record in the dns server instance.
this pr only implements the system config for windows. linux & mac will do later.
* optimize memory issues
1. introduce jemalloc support, which can dump current memory usage
2. reduce the GlobalEvent broadcaster memory usage.
3. reduce tcp & udp tunnel memory usage
TODO: if peer conn tunnel hangs, the unbounded channel of peer rpc
may consume lots of memory, which should be improved.
* select a port from 15888+ when port is 0
* support ipv6 stun
* show interface and public ip in cli node info
* direct conn should keep trying unless already direct connected
* peer should use conn with smallest latency
* deprecate ipv6_listener, use -l instead
Sijie.Sun