vrr/g3
2
0
Fork 0
mirror of https://github.com/bytedance/g3.git synced 2026-05-01 21:20:40 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions
g3/g3proxy
History
Zhang Jingqiang 570d58dadd g3proxy: rename .conf example conf to .yml
2023-08-21 14:43:26 +08:00
..
ci initial commit 2023-03-09 17:55:45 +08:00
debian g3proxy version 1.7.21 2023-08-04 15:15:41 +08:00
doc g3proxy: support json egress path in route_select escaper 2023-08-21 11:14:38 +08:00
examples g3proxy: rename .conf example conf to .yml 2023-08-21 14:43:26 +08:00
proto g3proxy: allow to publish dynamic users 2023-08-18 15:02:26 +08:00
service initial commit 2023-03-09 17:55:45 +08:00
src g3proxy: add detailed error msg to EscaperNotUsable 2023-08-21 11:57:48 +08:00
utils g3proxy-ctl: add subcommand alias 2023-08-18 15:43:16 +08:00
build.rs g3proxy: remove the use of curl 2023-04-04 10:56:01 +08:00
Cargo.toml g3proxy: allow to use json value to control user egress path 2023-08-17 19:30:33 +08:00
CHANGELOG g3proxy version 1.7.21 2023-08-04 15:15:41 +08:00
g3proxy.spec g3proxy version 1.7.21 2023-08-04 15:15:41 +08:00
README.md support json egress path selection in *float escaper 2023-08-18 11:55:03 +08:00
UserGuide.zh_CN.md update doc 2023-08-18 18:50:11 +08:00

README.md

g3proxy

The g3proxy is an enterprise level forward proxy, but still with basic support for tcp streaming / tls streaming / transparent proxy / reverse proxy.

User Guide

中文版

Features

Server

  • General

    • Ingress network filter / Target Host filter / Target Port filter
    • Socket Speed Limit / Request Rate Limit / IDLE Check
    • Protocol Inspection / TLS Interception / ICAP Adaptation (experimental)
    • Various TCP / UDP socket config options
    • 国密《GB/T 38636-2020》TLCP client (require branch feat/tlcp-tongsuo)

  • Forward Proxy

    • Http(s) Proxy

      • TLS / mTLS
      • Http Forward / Https Forward / Http CONNECT / Ftp over HTTP
      • Basic User Authentication
      • Port Hiding

    • Socks Proxy

      • Socks4 Tcp Connect / Socks5 Tcp Connect / Socks5 UDP Associate
      • User Authentication
      • Client side UDP IP Binding / IP Map / Ranged Port

  • Transparent Proxy

    • SNI Proxy

      • Multiple Protocol: TLS SNI extension / HTTP Host Header
      • Host Redirection / Host ACL

  • Reverse Proxy

    • Http(s) Reverse Proxy

      • TLS / mTLS
      • Basic User Authentication
      • Port Hiding
      • Host based Routing

  • Streaming

    • TCP Stream

      • Upstream TLS / mTLS
      • Load Balance: RR / Random / Rendezvous / Jump Hash

    • TLS Stream

      • mTLS
      • Upstream TLS / mTLS
      • Load Balance: RR / Random / Rendezvous / Jump Hash

  • Alias Port

    • TCP Port
      • PROXY Protocol v2
    • TLS Port
      • PROXY Protocol v2
      • mTLS
    • Intelli Proxy
      • Multiple protocol: Http Proxy / Socks Proxy

Escaper

  • General

    • Happy Eyeballs
    • Socket Speed Limit
    • Various TCP / UDP socket config options
    • IP Bind

  • Direct Connect

    • Fixed

      • TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
      • Egress network filter
      • Resolve redirection
      • Index based Egress Path Selection

    • Float

      • TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
      • Egress network filter
      • Resolve redirection
      • Dynamic IP Bind
      • Json based Egress Path Selection

  • Proxy Chaining

    • Http Proxy

      • TCP Connect / TLS Connect / HTTP(s) Forward
      • PROXY Protocol
      • Load Balance: RR / Random / Rendezvous / Jump Hash
      • Basic User Authentication

    • Https Proxy

      • TCP Connect / TLS Connect / HTTP(s) Forward
      • PROXY Protocol
      • Load Balance: RR / Random / Rendezvous / Jump Hash
      • Basic User Authentication
      • mTLS

    • Socks5 Proxy

      • TCP Connect / TLS Connect / HTTP(s) Forward / UDP Associate
      • Load Balance: RR / Random / Rendezvous / Jump Hash
      • Basic User Authentication

    • Float

      • Dynamic Proxy: Http Proxy / Https Proxy / Socks5 Proxy
      • Json based Egress Path Selection

Router

  • route-client - based on client addresses
    • exact ip match
    • subnet match
  • route-mapping - based on user supplied rules in requests
    • Index based Egress Path Selection
  • route-query - based on queries to external agent
  • route-resolved - based on resolved IP of target host
  • route-select - simple load balancer
    • RR / Random / Rendezvous / Jump Hash
  • route-upstream - based on original target host
    • exact ip match
    • exact domain match
    • wildcard domain match
    • subnet match
    • regex domain match
  • route-failover - failover between primary and standby escaper

Resolver

  • c-ares
    • UDP
    • TCP
  • trust-dns
    • UDP / TCP
    • DNS over TLS
    • DNS over HTTPS
    • DNS over QUIC
  • fail-over

Auth

  • User Authentication and Authorization

    • ACL: Proxy Request / Target Host / Target Port / User Agent
    • Socket Speed Limit / Request Rate Limit / Request Alive Limit / IDLE Check
    • Auto Expire / Block
    • Anonymous user
    • Json based Egress Path Selection
    • Explicit Site Config
      • match by exact ip / exact domain / wildcard domain / subnet

Audit

  • TCP Protocol Inspection
  • TLS Interception
  • Http / H2 Interception
  • ICAP Adaptation & Sampling

Logging

  • Log Types
    • Server: task log
    • Escaper: escape error log
    • Resolver: resolve error log
    • Audit: inspect & intercept log
  • Backend: journald / syslog / fluentd

Metrics

  • Metrics Types
    • Server level metrics
    • Escaper level metrics
    • User level metrics
    • User-Site level metrics
  • Protocol: StatsD

Documents

The detailed docs are resided in the doc directory.

Examples

You can find example config in the examples directory.