Sijie.Sun
5b7384fddd
disable nat4 hole punch ( #1277 )
2025-08-22 23:33:21 +08:00
fanyang
35ff9b82fc
Support custom STUN servers configuration ( #1212 )
...
* Support custom STUN servers
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com >
2025-08-13 10:35:59 +08:00
Sijie.Sun
e43537939a
clippy all codes ( #1214 )
...
1. clippy code
2. add fmt and clippy check in ci
2025-08-10 22:56:41 +08:00
CyiceK
0087ac3ffc
feat(encrypt): Add XOR and ChaCha20 encryption with low-end device optimization and openssl support. ( #1186 )
...
Add ChaCha20 XOR algorithm, extend AES-GCM-256 capabilities, and integrate OpenSSL support.
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
2025-08-09 18:53:55 +08:00
Sijie.Sun
8ffc2f12e4
optimize the condition of enabling kcp ( #1210 )
2025-08-09 16:16:09 +08:00
Sijie.Sun
6d14e9e441
fix jemalloc prof feature ( #1201 )
2025-08-08 17:54:39 +08:00
sijie.sun
d0a6c93c2c
fix ipv6 packet routing and avoid route looping
...
properly handle ipv6 link local address and exit node.
2025-08-03 18:10:27 +08:00
Sijie.Sun
583c768f40
fix exit code when error occurs ( #1173 )
2025-07-30 23:05:22 +08:00
Sijie.Sun
2ec88da823
cli for port forward and tcp whitelist ( #1165 )
2025-07-29 09:30:47 +08:00
Sijie.Sun
5409c5bbe7
port range should not be converted to single port ( #1154 )
2025-07-26 14:13:13 +08:00
Sijie.Sun
8e7a8de5e5
Implement ACL ( #1140 )
...
1. get acl stats
```
./easytier-cli acl stats
AclStats:
Global:
CacheHits: 4
CacheMaxSize: 10000
CacheSize: 5
DefaultAllows: 3
InboundPacketsAllowed: 2
InboundPacketsTotal: 2
OutboundPacketsAllowed: 7
OutboundPacketsTotal: 7
PacketsAllowed: 9
PacketsTotal: 9
RuleMatches: 2
ConnTrack:
[src: 10.14.11.1:57444, dst: 10.14.11.2:1000, proto: Tcp, state: New, pkts: 1, bytes: 60, created: 2025-07-24 10:13:39 +08:00, last_seen: 2025-07-24 10:13:39 +08:00]
Rules:
[name: 'tcp_whitelist', prio: 1000, action: Allow, enabled: true, proto: Tcp, ports: ["1000"], src_ports: [], src_ips: [], dst_ips: [], stateful: true, rate: 0, burst: 0] [pkts: 2, bytes: 120]
```
2. use tcp/udp whitelist to block unexpected traffic.
`sudo ./easytier-core -d --tcp-whitelist 1000`
3. use complete acl ability with config file:
```
[[acl.acl_v1.chains]]
name = "inbound_whitelist"
chain_type = 1
description = "Auto-generated inbound whitelist from CLI"
enabled = true
default_action = 2
[[acl.acl_v1.chains.rules]]
name = "tcp_whitelist"
description = "Auto-generated TCP whitelist rule"
priority = 1000
enabled = true
protocol = 1
ports = ["1000"]
source_ips = []
destination_ips = []
source_ports = []
action = 1
rate_limit = 0
burst_limit = 0
stateful = true
```
2025-07-24 22:13:45 +08:00
Sijie.Sun
876d550f68
reduce memory usage ( #1133 )
...
Large memory usage comes from:
Mimalloc holds a large thread cache, causing about 13M+ usage.
QUIC endpoint occupies 3M when GRO is enabled.
Smoltcp's 64 tcp listeners use 2MB.
2025-07-20 19:15:28 +08:00
Jiangqiu Shen
0b729b99e7
add options to generate completions ( #1103 )
...
* add options to generate completions
use clap-complete crate to generate completion scripts: `easytier-core --generate fish > ~/.config/fish/completions/easytier-core.fish`
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
2025-07-17 20:35:49 +08:00
Sijie.Sun
13c2e72871
fix incorrect config check ( #1086 )
2025-07-06 14:20:49 +08:00
Sijie.Sun
a4bb555fac
use winapi to config ip and route (remove dep on netsh) ( #1079 )
...
Some Windows machines cannot execute netsh.
Also, this avoids the black cmd window when using the GUI.
2025-07-05 16:50:09 +08:00
DavHau
d0cfc49806
Add support for IPv6 within VPN ( #1061 )
...
* add flake.nix with nix based dev shell
* add support for IPv6
* update thunk
---------
Co-authored-by: sijie.sun <sijie.sun@smartx.com >
2025-07-04 23:43:30 +08:00
Sijie.Sun
70e69a382e
allow set multithread count ( #1056 )
2025-06-26 02:19:33 +08:00
Mg Pig
760a1e6306
fix rpc_portal_whitelist from config file not working ( #1042 )
2025-06-23 00:50:41 +08:00
Sijie.Sun
40601bd05b
add bps limiter ( #1015 )
...
* add token bucket
* remove quinn-proto
2025-06-19 21:15:04 +08:00
Sijie.Sun
8c2f96d1aa
allow set machine uid with command line ( #1009 )
2025-06-18 11:02:29 +08:00
Sijie.Sun
40b5fe9a54
support quic proxy ( #993 )
...
QUIC proxy works like kcp proxy: it can proxy TCP streams and transfer data with QUIC.
QUIC has a better congestion algorithm (BBR) for networks with both high loss rate and high bandwidth.
QUIC proxy can be enabled by passing `--enable-quic-proxy` to easytier on the client side. The proxy status can be viewed with `easytier-cli proxy`.
2025-06-15 19:43:45 +08:00
Sijie.Sun
25dcdc652a
support mapping subnet proxy ( #978 )
...
- **support mapping subproxy network cidr**
- **add command line option for proxy network mapping**
- **fix Instance leak in tests.**
2025-06-14 11:42:45 +08:00
Mg Pig
8ddd153022
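easytier-core supports multiple config files ( #964 )
...
* Extract the logic that lets web and gui run multiple network instances into NetworkInstanceManager
* easytier-core supports multiple config files
* FFI reuses the instance manager
* Add instance manager unit tests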
2025-06-11 23:17:09 +08:00
Mg Pig
20a6025075
Added RPC portal whitelist function, allowing only local access by default to enhance security ( #929 )
2025-06-07 22:05:47 +08:00
Sijie.Sun
0314c66635
some improvements ( #939 )
...
1. ospf route conn map should also use version
2. treat nopat as cone
2025-06-05 22:49:57 +08:00
Sijie.Sun
96fc19b803
fix minor bugs ( #936 )
...
1. update upx to v5.0.1 to avoid mips bug.
2. use latest mimalloc.
3. fix panic in ospf route
4. potential residual conn.
2025-06-05 11:55:44 +08:00
FuturePrayer
b5dfc7374c
add private mode ( #897 )
...
---------
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn >
2025-06-02 06:47:17 +08:00
Sijie.Sun
28fe6257be
magic dns ( #813 )
...
This patch implements:
1. A dns server that handles the .et.net. zone locally and forwards all other queries to the system dns server.
2. A dns server instance which is a singleton on one machine, using one specific tcp port to be exclusive with each other. This instance is responsible for configuring system dns and running the dns server to handle dns queries.
3. A dns client instance, one of which every easytier instance will run. This instance will try to connect to the dns server instance and update the dns record in the dns server instance.
This PR only implements the system config for Windows. Linux & Mac will be done later.
2025-05-16 09:24:24 +08:00
L-Trump
6a038e8a88
fix default listeners for config file ( #777 )
2025-04-13 09:38:45 +08:00
L-Trump
44d93648ee
config from environment variables; CLI args override config file ( #755 )
...
* feat: configure through os environment variables
* feat: support CLI args overriding config file options
2025-04-10 18:14:10 +08:00
Sijie.Sun
01e3ad99ca
optimize memory issues ( #767 )
...
* optimize memory issues
1. introduce jemalloc support, which can dump current memory usage
2. reduce the GlobalEvent broadcaster memory usage.
3. reduce tcp & udp tunnel memory usage
TODO: if peer conn tunnel hangs, the unbounded channel of peer rpc
may consume lots of memory, which should be improved.
* select a port from 15888+ when port is 0
2025-04-09 23:05:49 +08:00
m1m1sha
f103fc13d9
perf: update default rpc_port value to 15888 in network configuration
2025-04-05 10:17:16 +08:00
Sijie.Sun
c142db301a
port forward ( #736 )
...
* support tcp port forward
* support udp port forward
* command line option for port forward
2025-04-01 09:59:53 +08:00
kevin
8dc8c7d9e2
set hostname when connecting to config-server ( #712 )
2025-03-23 19:53:49 +08:00
Sijie.Sun
b46a200f8d
connector should set bind addrs correctly ( #696 )
2025-03-19 10:47:43 +08:00
Sijie.Sun
23f69ce6a4
improve direct connector ( #685 )
...
* support ipv6 stun
* show interface and public ip in cli node info
* direct conn should keep trying unless already direct connected
* peer should use conn with smallest latency
* deprecate ipv6_listener, use -l instead
2025-03-17 10:46:14 +08:00
sijie.sun
7397abcb94
txt connector should not rely on A record
2025-03-09 21:31:43 +08:00
L-Trump
00d61333d3
allow proxy packets to be forwarded by system kernel
2025-03-08 12:56:49 +08:00
sijie.sun
03b55b61e7
support txt/srv record
2025-03-08 12:56:23 +08:00
sijie.sun
745e44cc87
allow using http connector for config server
2025-03-07 22:17:23 +08:00
sijie.sun
eca1231831
fix help msg of kcp
2025-02-06 16:54:49 +08:00
Sijie.Sun
66051967fe
fix self peer route info not exist when starting ( #595 )
2025-02-04 21:35:14 +08:00
Sijie.Sun
55a39491cb
feat/kcp ( #580 )
...
* support proxy tcp stream with kcp to improve experience of tcp over udp
* update rust version
* make subnet proxy route metrics lower in windows.
2025-01-26 00:41:15 +08:00
Sijie.Sun
bb0ccca3e5
allow manually specify public address of listeners ( #556 )
2025-01-10 09:25:14 +08:00
Sijie.Sun
d2ec60e108
batch recv for udp proxy ( #552 )
2025-01-07 23:52:18 +08:00
Sijie.Sun
2f4a097787
fix android ( #531 )
2024-12-23 19:38:32 -05:00
Sijie.Sun
25ed41caf5
use correct config server url ( #519 )
2024-12-20 00:21:22 +08:00
Sijie.Sun
4bb72b5606
fix rpc packet route before first route info exchange ( #516 )
...
* fix rpc packet route before first route info exchange
* fix install script
* update config server help
2024-12-19 09:25:25 +08:00
Sijie.Sun
15ad92aef2
fix no relay not work in local network ( #476 )
2024-11-16 14:36:17 +08:00
Sijie.Sun
6cdea38284
support compress for rpc and tun data ( #473 )
...
* support compress for rpc and tun data
* add compression layer to easytier-web
2024-11-16 11:23:18 +08:00