0.3.0 • Published 1 year ago
tcpfwd-maxconc-pmb v0.3.0
tcpfwd-maxconc-pmb
Transparently proxy TCP connections ('forward' their data), with a limit on the total number of concurrent connections (maxconn, maxsockets). Might help guard your proxy from overly aggressive programs.
Usage
$ echo $https_proxy
http://hostname.currently.ignored:3128/
$ nodejs -r tcpfwd-maxconc-pmb -e 0 -- max_conc=5
17:12:16 Gonna listen on TCP localhost:3129 --{maxConc=5}--> localhost:3128
17:12:16 Listening. 127.0.0.1:3129 --{maxConc=5}--> localhost:3128Options
Options can be given via
- CLI with dashes, e.g.
--max-conc=5 - CLI with underscores, e.g.
max_conc=5 - all-uppercase environment variables, e.g.
MAX_CONC=5 - additional undocumented methods that you shouldn't rely on.
Available options:
max_conc(typo fallback:max_conn): Up to how many connections the target shall be bothered with at the same time.tgt_hostortgt_addr: Where to connect (target).- Currently defaults to
localhost, but might change to an attempt at guessing your HTTP(S) proxy hostname. - Can also be a unix domain socket path.
- Currently defaults to
tgt_port: In case the target looks like TCP, this is the port. If empty or zero, tries to guess your HTTP(S) proxy's port and use that.lsn_addr: Liketgt_addrbut for where the proxy itself shall listen.- Can be anything supported by net-smartlisten-pmb,
e.g. a unix domain socket path or
systemd:.
- Can be anything supported by net-smartlisten-pmb,
e.g. a unix domain socket path or
lsn_port: In caselsn_addrlooks like TCP, this is the port. If empty or zero, a port is chosen based ontgt_portand some offset to ensure its above 1024.debuglevelorloglv: Verbosity level as a number. Default: 0. You'll need negative numbers to make the proxy quiet.idle_quit: Close the server after this many minutes(!) without activity.- BUG: Not yet reliable at time of this writing,
but I hope newer versions of
autoquitwill support it.
- BUG: Not yet reliable at time of this writing,
but I hope newer versions of
tgt_idle: If set to a positive number, target connections are reclaimed aftertgt_idleseconds without data transfer. Default: 0 = Target is allowed to idle forever.peek_data: Once a connection is forwarded, dump up to this many bytes from each participant's initial message chunk. This can be useful to debug what's being requested from an upstream proxy. Default: 0 = Don't dump traffic.
Recommended options
- To guard your proxy from
npm bug 18903:
max_conc=25 tgt_idle=5 - If you're going to use
xinetd socket activation
you'll need
lsn_addr=fd:0
Known issues
- Needs more/better tests and docs.
License
ISC