005b321f62
allow open rpc port in gui normal mode ( #1795 )
...
* allow open rpc port for gui normal mode
* downgrade dev tool console
2026-01-16 11:12:32 +08:00
53264f67bf
fix peer establish direct conn with subnet proxy to one of local interface ( #1782 )
...
* fix peer establish direct conn with subnet proxy to one of local interface
* fix peer mgr ref loop
2026-01-15 01:00:32 +08:00
bd8f01fb26
Add Nushell completion script generation support ( #1756 )
...
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com >
2026-01-11 18:41:02 +08:00
39b056c87a
bump version to v2.5.0 ( #1715 )
2025-12-28 23:19:30 +08:00
ca9b4c58b1
fix windivert cause stack overflow ( #1711 )
2025-12-27 19:31:42 +08:00
28cd6da502
Add fake tcp tunnel (experimental) ( #1673 )
...
support faketcp to avoid tcp-over-tcp problem.
linux/macos/windows are supported.
better to be used in internet env, the maximum
performance is majorly limited by windivert/raw socket.
2025-12-25 00:10:32 +08:00
838b6101b9
Make ospf route more effiencient ( #1512 )
...
Avoid iterate all peer info and conn list when building sync request.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-12-08 13:14:47 +08:00
2a656d6a0c
fix(core): Fix sleep-wake reconnect by resetting alive_conn_urls ( #1593 )
...
Co-authored-by: sijie.sun <sijie.sun@smartx.com >
2025-12-05 14:31:08 +08:00
53f279f5ff
feat(core): Support environment variable parsing in config files ( #1640 )
2025-12-02 17:54:31 +08:00
1f2517c731
feat(gui): add service and remote mode support ( #1578 )
...
This PR fundamentally restructures the EasyTier GUI, introducing support for service mode and remote mode, transforming it from a simple desktop application into a powerful network management terminal. This change allows users to persistently run the EasyTier core as a background service or remotely manage multiple EasyTier instances, greatly improving deployment flexibility and manageability.
2025-11-25 13:59:27 +08:00
b50744690e
easytier-web and uptime use mimalloc as allocator ( #1559 )
2025-11-08 11:07:33 +08:00
eba9504fc2
refactor(gui): refactor gui to use RemoteClient trait and RemoteManagement component ( #1489 )
...
* refactor(gui): refactor gui to use RemoteClient trait and RemoteManagement component
* feat(gui): Add network config saving and refactor RemoteManagement
2025-10-20 22:07:01 +08:00
3ffa6214ca
fix subnet proxy deadloop ( #1492 )
...
* use LPM to determine subnet proxy dst.
* never allow subnet proxy traffic sending to self.
2025-10-19 15:46:51 +08:00
f10b45a67c
[easytier-uptime] support tag in node list ( #1487 )
2025-10-18 23:19:53 +08:00
cc8f35787e
release dashmap memory ( #1485 )
2025-10-18 12:48:04 +08:00
70dddeace3
Fix support for Chinese domain names ( #1462 )
2025-10-15 21:00:05 +08:00
c0d2045e52
bump version to v2.4.5
2025-09-26 00:48:10 +08:00
1a1be8138a
bump version to v2.4.4 ( #1386 )
2025-09-18 19:49:10 +08:00
e06e8a9e8a
allow enable log with cli, limit log size ( #1384 )
...
* impl logger rpc
* use size based appender
* add log args
2025-09-18 16:35:12 +08:00
5c90431876
fix smoltcp attempt to subtract sequence numbers with underflow ( #1360 )
2025-09-13 15:03:04 +08:00
b750faa66f
add android jni ( #1340 )
2025-09-06 13:49:42 +08:00
719a1fe7cf
bump version to 2.4.3 ( #1296 )
2025-08-26 12:22:08 +08:00
5b7384fddd
disable nat4 hole punch ( #1277 )
2025-08-22 23:33:21 +08:00
08a92a53c3
feat(acl): add group-based ACL rules and related structures ( #1265 )
...
* feat(acl): add group-based ACL rules and related structures
* refactor(acl): optimize group handling with Arc and improve cache management
* refactor(acl): clippy
* feat(tests): add performance tests for generate_with_proof and verify methods
* feat: update group_trust_map to use HashMap for more secure group proofs
* refactor: refactor the logic of the trusted group getting and setting
* feat(acl): support kcp/quic use group acl
* feat(proxy): optimize group retrieval by IP in Kcp and Quic proxy handlers
* feat(tests): add group-based ACL tree node test
* always allow quic proxy traffic
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
Co-authored-by: sijie.sun <sijie.sun@smartx.com >
2025-08-22 22:25:00 +08:00
df7eb47593
Support tokio-console ( #1259 )
2025-08-21 11:41:42 +08:00
e6ec7f405c
introduce uptime monitor for easytier public nodes ( #1250 )
2025-08-20 22:59:44 +08:00
1eec27b5ff
bump version to 2.4.2 ( #1218 )
2025-08-11 09:03:13 +08:00
0087ac3ffc
feat(encrypt): Add XOR and ChaCha20 encryption with low-end device optimization and openssl support. ( #1186 )
...
Add ChaCha20 XOR algorithm, extend AES-GCM-256 capabilities, and integrate OpenSSL support.
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
2025-08-09 18:53:55 +08:00
d0a6c93c2c
fix ipv6 packet routing and avoid route looping
...
properly handle ipv6 link local address and exit node.
2025-08-03 18:10:27 +08:00
43b9e6e6e9
fix macos elevate ( #1177 )
2025-08-01 09:36:10 +08:00
b1b2421561
fix: compiling with socket2::Type::RAW not found on macOS #1168 ( #1169 )
2025-07-30 00:33:38 +08:00
1f6a715939
releases/v2.4.0 ( #1145 )
...
* bump version to v2.4.0
* update tauri.
* allow try direct connect to public server
2025-07-25 00:16:15 +08:00
8e7a8de5e5
Implement ACL ( #1140 )
...
1. get acl stats
```
./easytier-cli acl stats
AclStats:
Global:
CacheHits: 4
CacheMaxSize: 10000
CacheSize: 5
DefaultAllows: 3
InboundPacketsAllowed: 2
InboundPacketsTotal: 2
OutboundPacketsAllowed: 7
OutboundPacketsTotal: 7
PacketsAllowed: 9
PacketsTotal: 9
RuleMatches: 2
ConnTrack:
[src: 10.14.11.1:57444, dst: 10.14.11.2:1000, proto: Tcp, state: New, pkts: 1, bytes: 60, created: 2025-07-24 10:13:39 +08:00, last_seen: 2025-07-24 10:13:39 +08:00]
Rules:
[name: 'tcp_whitelist', prio: 1000, action: Allow, enabled: true, proto: Tcp, ports: ["1000"], src_ports: [], src_ips: [], dst_ips: [], stateful: true, rate: 0, burst: 0] [pkts: 2, bytes: 120]
```
2. use tcp/udp whitelist to block unexpected traffic.
`sudo ./easytier-core -d --tcp-whitelist 1000`
3. use complete acl ability with config file:
```
[[acl.acl_v1.chains]]
name = "inbound_whitelist"
chain_type = 1
description = "Auto-generated inbound whitelist from CLI"
enabled = true
default_action = 2
[[acl.acl_v1.chains.rules]]
name = "tcp_whitelist"
description = "Auto-generated TCP whitelist rule"
priority = 1000
enabled = true
protocol = 1
ports = ["1000"]
source_ips = []
destination_ips = []
source_ports = []
action = 1
rate_limit = 0
burst_limit = 0
stateful = true
```
2025-07-24 22:13:45 +08:00
4f53fccd25
fix bugs ( #1138 )
...
1. avoid dns query hangs the thread
2. avoid deadloop when stun query failed because of no ipv4 addr.
3. make quic input error non-fatal.
4. remove ring tunnel from connection map to avoid mem leak.
5. limit listener retry count.
2025-07-21 23:18:38 +08:00
876d550f68
reduce memory usage ( #1133 )
...
Large memory usage comes from:
Mimalloc hold large thread cache, causing abort 13M+ usage.
QUIC endpoint occupy 3M when GRO is enabled.
Smoltcp 64 tcp listener use 2MB.
2025-07-20 19:15:28 +08:00
0b729b99e7
add options to generate completions ( #1103 )
...
* add options to generate completions
use clap-complete crate to generate completions scripts: easytier-core --generate fish > ~/.config/fish/completions/easytier-core.fish
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
2025-07-17 20:35:49 +08:00
0025973453
fix: cannot start gui on linux ( #1090 )
2025-07-07 22:59:11 +08:00
139f6b3c4c
exclude ohos from workspace ( #1080 )
2025-07-05 18:44:37 +08:00
a4bb555fac
use winapi to config ip and route (remove dep on netsh) ( #1079 )
...
On some windows machines can not execut netsh.
Also this avoid black cmd window when using gui.
2025-07-05 16:50:09 +08:00
d0cfc49806
Add support for IPv6 within VPN ( #1061 )
...
* add flake.nix with nix based dev shell
* add support for IPv6
* update thunk
---------
Co-authored-by: sijie.sun <sijie.sun@smartx.com >
2025-07-04 23:43:30 +08:00
01e491ec07
support ohos ( #974 )
...
* support ohos
---------
Co-authored-by: FrankHan <2777926911@qq.com >
2025-07-02 09:44:45 +08:00
4fd0253e99
fix cargo install failure ( #1054 )
2025-06-25 21:55:44 +08:00
ebab70ca3b
add geo info for in web device list ( #1052 )
2025-06-25 09:03:47 +08:00
40601bd05b
add bps limiter ( #1015 )
...
* add token bucket
* remove quinn-proto
2025-06-19 21:15:04 +08:00
72d5ed908e
quic uses the bbr congestion control algorithm ( #1010 )
2025-06-18 23:17:52 +08:00
40b5fe9a54
support quic proxy ( #993 )
...
QUIC proxy works like kcp proxy, it can proxy TCP streams and transfer data with QUIC.
QUIC has better congestion algorithm (BBR) for network with both high loss rate and high bandwidth.
QUIC proxy can be enabled by passing `--enable-quic-proxy` to easytier in the client side. The proxy status can be viewed by `easytier-cli proxy`.
2025-06-15 19:43:45 +08:00
25dcdc652a
support mapping subnet proxy ( #978 )
...
- **support mapping subproxy network cidr**
- **add command line option for proxy network mapping**
- **fix Instance leak in tests.
2025-06-14 11:42:45 +08:00
8ddd153022
easytier-core支持多配置文件 ( #964 )
...
* 将web和gui允许多网络实例逻辑抽离到NetworkInstanceManager中
* easytier-core支持多配置文件
* FFI复用instance manager
* 添加instance manager 单元测试
2025-06-11 23:17:09 +08:00
870353c499
fix ospf route ( #970 )
...
- **fix deadlock in ospf route introducd by #958 **
- **use random peer id for foreign network entry, because ospf route algo need peer id change after peer info version reset. this may interfere route propagation and cause node residual**
- **allow multiple nodes broadcast same network ranges for subnet proxy**
- **bump version to v2.3.2**
2025-06-11 09:44:03 +08:00
a6773aa549
zstd should reuse ctx to avoid huge mmap cost ( #941 )
2025-06-06 08:59:06 +08:00
KKRainbow