gatekeeper/
lib.rs

1//! This crate provides a library for constructing [SOCKS5](ftp://ftp.rfc-editor.org/in-notes/rfc1928.txt) proxy server.
2//!
3//! # Feature
4//! ## Authentication
5//!
6//! Any authentication method is not supported.
7//!
8//! The client connects to the server is required for sending `X'00'` (`NO AUTHENTICATION REQUIRED`) as a method selection message.
9//!
10//! ## Command
11//!
12//! Only `CONNECT` command is supported.
13//! Then, some protocols connecting from server to client are not able to proxy.
14//! And also protocols using UDP is not supported.
15//!
16//! ## Filter Rule
17//!
18//! By default, `gatekeeper` accepts all connection requests.
19//! However, it is possible to filter out some requests along with filtering rules.
20//!
21//!
22//!
23//! # Usage
24//!
25//! This crate is on [crates.io](https://crates.io/crates/gatekeeper), and can be used by adding `gatekeeper` to your dependencies in your project's `Cargo.toml`.
26//!
27//! ```toml
28//! [dependencies]
29//! gatekeeper = "1.0.0"
30//! ```
31//!
32//! You can find an example server implementation [Example Server](#Server).
33//!
34//! ## Server
35//!
36//! Here is a minimum server example.
37//!
38//! ```rust
39//! use std::{time::Duration, thread};
40//! use gatekeeper::*;
41//! let (mut server, tx) = Server::new(ServerConfig::default());
42//! let th = thread::spawn(move || server.serve());
43//! thread::sleep(Duration::from_secs(1));
44//! tx.send(ServerCommand::Terminate).unwrap();
45//! th.join().unwrap();
46//! ```
47//!
48//! ## FilterRule
49//!
50//! It is possible to constructing proxy server with complex filter rules like below:
51//!
52//! ```rust
53//! use std::{time::Duration, thread};
54//! use gatekeeper::*;
55//! use AddressPattern as Pat;
56//! use RulePattern::*;
57//! use regex::Regex;
58//! let mut rule = ConnectRule::none();
59//! // allow local ipv4 network 192.168.0.1/16
60//! rule.allow(
61//!     Specif(Pat::IpAddr { addr: "192.168.0.1".parse().unwrap(), prefix: 16, }),
62//!     Specif(80),
63//!     Any,
64//! );
65//! // allow local ipv4 network 192.168.0.1/16 port 443
66//! rule.allow(
67//!     Specif(Pat::IpAddr { addr: "192.168.0.1".parse().unwrap(), prefix: 16, }),
68//!     Specif(443),
69//!     Any,
70//! );
71//! // allow connecting to actcast.io
72//! rule.allow(
73//!     Specif(Regex::new(r"\A(.+\.)?actcast\.io\z").unwrap().into()),
74//!     Any,
75//!     Specif(L4Protocol::Tcp),
76//! );
77//! // deny facebook.com
78//! rule.allow(
79//!     Specif(Regex::new(r"\A(www\.)?facebook\.com\z").unwrap().into()),
80//!     Any,
81//!     Specif(L4Protocol::Tcp),
82//! );
83//! let mut config = ServerConfig::default();
84//! config.server_port = 1081; // conflict to other example
85//! config.set_connect_rule(rule);
86//! let (mut server, tx) = Server::new(config);
87//! let th = thread::spawn(move || server.serve());
88//! thread::sleep(Duration::from_secs(1));
89//! tx.send(ServerCommand::Terminate).unwrap();
90//! th.join().unwrap();
91//! ```
92
93pub mod acceptor;
94mod auth_service;
95mod byte_stream;
96pub mod config;
97pub mod connector;
98pub mod error;
99pub mod model;
100mod pkt_stream;
101mod raw_message;
102mod relay;
103mod rw_socks_stream;
104pub mod server;
105pub mod server_command;
106mod session;
107mod tcp_listener_ext;
108#[cfg(test)]
109mod test;
110mod thread;
111
112pub use config::*;
113pub use model::model::*;
114pub use server::*;
115pub use server_command::*;