Commit Graph

670 Commits

Author SHA1 Message Date
Sijie.Sun
8e7a8de5e5 Implement ACL (#1140)
1. get acl stats
```
./easytier-cli acl stats
AclStats:
  Global:
    CacheHits: 4
    CacheMaxSize: 10000
    CacheSize: 5
    DefaultAllows: 3
    InboundPacketsAllowed: 2
    InboundPacketsTotal: 2
    OutboundPacketsAllowed: 7
    OutboundPacketsTotal: 7
    PacketsAllowed: 9
    PacketsTotal: 9
    RuleMatches: 2
  ConnTrack:
    [src: 10.14.11.1:57444, dst: 10.14.11.2:1000, proto: Tcp, state: New, pkts: 1, bytes: 60, created: 2025-07-24 10:13:39 +08:00, last_seen: 2025-07-24 10:13:39 +08:00]
  Rules:
    [name: 'tcp_whitelist', prio: 1000, action: Allow, enabled: true, proto: Tcp, ports: ["1000"], src_ports: [], src_ips: [], dst_ips: [], stateful: true, rate: 0, burst: 0] [pkts: 2, bytes: 120]

```
2. use tcp/udp whitelist to block unexpected traffic.
   `sudo ./easytier-core -d --tcp-whitelist 1000`

3. use complete acl ability with config file:

```
[[acl.acl_v1.chains]]
name = "inbound_whitelist"
chain_type = 1
description = "Auto-generated inbound whitelist from CLI"
enabled = true
default_action = 2

[[acl.acl_v1.chains.rules]]
name = "tcp_whitelist"
description = "Auto-generated TCP whitelist rule"
priority = 1000
enabled = true
protocol = 1  # reported as "proto: Tcp" for this rule in the acl stats output above
ports = ["1000"]
source_ips = []
destination_ips = []
source_ports = []
action = 1  # reported as "action: Allow" for this rule in the acl stats output above
rate_limit = 0
burst_limit = 0
stateful = true

```
2025-07-24 22:13:45 +08:00
Sijie.Sun
4f53fccd25 fix bugs (#1138)
1. avoid dns query hangs the thread
2. avoid deadloop when stun query failed because of no ipv4 addr.
3. make quic input error non-fatal.
4. remove ring tunnel from connection map to avoid mem leak.
5. limit listener retry count.
2025-07-21 23:18:38 +08:00
Sijie.Sun
876d550f68 reduce memory usage (#1133)
Large memory usage comes from:

Mimalloc holds a large thread cache, causing about 13M+ usage.
QUIC endpoint occupies 3M when GRO is enabled.
Smoltcp 64 tcp listeners use 2MB.
2025-07-20 19:15:28 +08:00
Sijie.Sun
2660ed5fda try create tun device if not exist (#1131) 2025-07-19 22:56:19 +08:00
Sijie.Sun
50c6f5ae6c add windows firewall for tun interface (#1130)
allow all icmp/tcp/udp on tun interface.
2025-07-19 20:38:44 +08:00
Sijie.Sun
85f0091056 fix latency first route of public server (#1129) 2025-07-19 18:16:53 +08:00
Sijie.Sun
e25cd9be37 add disable ipv6 option to gui/web (#1127) 2025-07-19 11:07:57 +08:00
Sijie.Sun
1fb5ca9475 update issue template (#1126) 2025-07-18 23:50:02 +08:00
Sijie.Sun
7f3a9c021c close peer conn if remote addr is from virtual network (#1123) 2025-07-18 03:29:48 +08:00
liusen373
0427b48d75 Allows to modify Easytier's mapped listener at runtime via RPC (#1107)
* Add proto definition
* Implement and register the corresponding rpc service
* Parse command line parameters and call remote rpc service

---------

Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn>
2025-07-17 20:37:05 +08:00
Jiangqiu Shen
0b729b99e7 add options to generate completions (#1103)
* add options to generate completions

use clap-complete crate to generate completions scripts: `easytier-core --generate fish > ~/.config/fish/completions/easytier-core.fish`

---------

Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn>
2025-07-17 20:35:49 +08:00
Sijie.Sun
940238f158 socks5 and port forwarding (#1118) 2025-07-17 10:09:25 +08:00
Sijie.Sun
3f6c7ba1d2 update readme (#1102) 2025-07-10 00:34:34 +08:00
lazebird
0025973453 fix: cannot start gui on linux (#1090) 2025-07-07 22:59:11 +08:00
Rene Leonhardt
c3a217c9d2 chore(ci): update GitHub Actions (#1088)
* chore(ci): update GitHub Actions
* update gradle-wrapper and revert UPX
* exclude cargo from dependabot and remove empty .gitmodules
2025-07-07 22:55:30 +08:00
Sijie.Sun
13c2e72871 fix incorrect config check (#1086) 2025-07-06 14:20:49 +08:00
Sijie.Sun
3c65594030 smoltcp use larger tx/rx buf size (#1085)
* smoltcp use larger tx/rx buf size
* fix direct conn check
2025-07-06 10:53:01 +08:00
Sijie.Sun
f85b031402 handle close peer conn correctly (#1082) 2025-07-06 09:16:13 +08:00
Sijie.Sun
ac3e994682 contributing.md (#1084) 2025-07-06 00:08:21 +08:00
Sijie.Sun
139f6b3c4c exclude ohos from workspace (#1080) 2025-07-05 18:44:37 +08:00
Sijie.Sun
a4bb555fac use winapi to config ip and route (remove dep on netsh) (#1079)
Some Windows machines cannot execute netsh.
This also avoids the black cmd window when using the GUI.
2025-07-05 16:50:09 +08:00
DavHau
d0cfc49806 Add support for IPv6 within VPN (#1061)
* add flake.nix with nix based dev shell
* add support for IPv6
* update thunk

---------

Co-authored-by: sijie.sun <sijie.sun@smartx.com>
2025-07-04 23:43:30 +08:00
韩嘉乐
01e491ec07 support ohos (#974)
* support ohos

---------

Co-authored-by: FrankHan <2777926911@qq.com>
2025-07-02 09:44:45 +08:00
Sijie.Sun
bf021a9ead update gui placeholder text (#1062) 2025-06-27 08:29:44 +08:00
Sijie.Sun
70e69a382e allow set multithread count (#1056) 2025-06-26 02:19:33 +08:00
Sijie.Sun
cd26d9f669 fix mem leak of token bucket (#1055) 2025-06-26 02:19:26 +08:00
Sijie.Sun
4fd0253e99 fix cargo install failure (#1054) 2025-06-25 21:55:44 +08:00
Sijie.Sun
ebab70ca3b add geo info for in web device list (#1052) 2025-06-25 09:03:47 +08:00
Sijie.Sun
ae4a158e36 web improve (#1047) 2025-06-24 09:09:52 +08:00
Mg Pig
760a1e6306 fix rpc_portal_whitelist from config file not working (#1042) 2025-06-23 00:50:41 +08:00
Sijie.Sun
fded8b1de0 limit max conn count in foreign network manager (#1041) 2025-06-22 19:11:27 +08:00
Sijie.Sun
762d5cd392 blacklist the peers which disable p2p in hole-punching client (#1038) 2025-06-22 14:39:24 +08:00
dawn-lc
09ac79b9f3 fix uninstall.cmd (#1036) 2025-06-22 12:06:16 +08:00
dawn-lc
16f6fb0c59 add Windows Service install script 2025-06-21 15:57:55 +08:00
xzzpig
385e790600 simplify Textarea class in ConfigGenerator.vue 2025-06-21 14:56:40 +08:00
liusen373
95e4e5a931 Implement custom fmt::Debug for some prost_build generated structs
Currently implemented for:
1. common.Ipv4Addr
2. common.Ipv6Addr
3. common.UUID
2025-06-21 14:56:28 +08:00
sijie.sun
e1bfec6fe2 add api_meta.js to frontend public 2025-06-19 23:40:57 +08:00
sijie.sun
dde7a4dff1 bps limit should throttle kcp packet v2.3.2 2025-06-19 22:53:41 +08:00
Sijie.Sun
40601bd05b add bps limiter (#1015)
* add token bucket
* remove quinn-proto
2025-06-19 21:15:04 +08:00
chenxudong2020
72d5ed908e quic uses the bbr congestion control algorithm (#1010) 2025-06-18 23:17:52 +08:00
liusen373
72673a9d52 Add is_hole_punched flag to PeerConn (#1001) 2025-06-18 12:14:57 +08:00
tianxiayu007
327ccdcf38 installing by homebrew should use easytier-gui (#1004) 2025-06-18 11:06:26 +08:00
Sijie.Sun
8c2f96d1aa allow set machine uid with command line (#1009) 2025-06-18 11:02:29 +08:00
Sijie.Sun
34ba0bc95b add keepalive option for quic proxy (#1008)
avoid connection loss when idle
2025-06-17 23:39:56 +08:00
Mg Pig
ed162c2e66 Add conversion method from TomlConfigLoader to NetworkConfig to enhance configuration experience (#990)
* add method to create NetworkConfig from TomlConfigLoader
* allow web export/import toml config file and gui edit toml config
* Extract the configuration file dialog into a separate component and allow direct editing of the configuration file on the web
2025-06-15 23:41:42 +08:00
Sijie.Sun
40b5fe9a54 support quic proxy (#993)
QUIC proxy works like kcp proxy, it can proxy TCP streams and transfer data with QUIC.
QUIC has better congestion algorithm (BBR) for network with both high loss rate and high bandwidth. 
QUIC proxy can be enabled by passing `--enable-quic-proxy` to easytier in the client side. The proxy status can be viewed by `easytier-cli proxy`.
2025-06-15 19:43:45 +08:00
Sijie.Sun
5a98fac395 Update core.yml,use upx4.2.4 (#991) 2025-06-14 23:04:55 +08:00
Sijie.Sun
0bab14cd72 use bulk compress instead of streaming to reduce mem usage (#985) 2025-06-14 14:55:48 +08:00
Mg Pig
b407cfd9d4 Fixed the issue where the GUI would panic after using InstanceManager (#982)
Co-authored-by: Sijie.Sun <sunsijie@buaa.edu.cn>
2025-06-14 13:06:53 +08:00
Sijie.Sun
25dcdc652a support mapping subnet proxy (#978)
- **support mapping subproxy network cidr**
- **add command line option for proxy network mapping**
- **fix Instance leak in tests**
2025-06-14 11:42:45 +08:00