trojan-server 0.5.6

High-performance Trojan protocol server
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

# trojan-server

High-performance Trojan protocol server implementation.

## Overview

This crate contains the complete server runtime:

- **TLS termination** — rustls-based TLS with configurable versions, cipher suites, and mTLS
- **Protocol handling** — TCP proxy (CONNECT) and UDP relay (UDP ASSOCIATE)
- **WebSocket transport** — Optional WebSocket encapsulation for CDN traversal (mixed or split mode)
- **Fallback server** — Non-Trojan traffic is forwarded to a configurable backend, with optional connection warm pool
- **Rate limiting** — Per-IP connection throttling with automatic cleanup
- **TCP tuning** — TCP_NODELAY, Keep-Alive, SO_REUSEPORT, TCP Fast Open
- **Graceful shutdown** — Connection draining on SIGTERM/SIGINT, config reload on SIGHUP (Unix)

## Architecture

```text
Client ──TLS──▶ Acceptor ──▶ Protocol Parser
                    ┌───────────┼───────────┐
                    ▼           ▼           ▼
                TCP Handler  UDP Handler  Fallback
                    │           │           │
                    ▼           ▼           ▼
                 Target      UDP Relay   HTTP Backend
```

## Usage

### As a binary (via main crate)

```bash
trojan server -c config.toml
```

### As a library

```rust
use trojan_server::{run_with_shutdown, CancellationToken};
use trojan_config::Config;

let token = CancellationToken::new();
run_with_shutdown(config, token.clone()).await?;
```

## Features

| Feature | Description |
|---------|-------------|
| `websocket` | WebSocket transport support |
| `analytics` | Connection event tracking |

## License

GPL-3.0-only