package main
import (
"flag"
"fmt"
"log"
"os"
"github.com/azoic/wormhole-client/internal/client"
)
var (
version = "v1.0.0"
buildTime = "unknown"
)
func main() {
configPath := flag.String("config", "configs/client.yaml", "Configuration file path")
mode := flag.String("mode", "http", "Client mode: http, global, transparent")
showVersion := flag.Bool("version", false, "Show version information")
flag.Parse()
if *showVersion {
fmt.Printf("Wormhole SOCKS5 Client %s\n", version)
fmt.Printf("Build time: %s\n", buildTime)
os.Exit(0)
}
fmt.Printf("🚀 Starting Wormhole SOCKS5 Client %s\n", version)
fmt.Printf("📄 Config: %s\n", *configPath)
fmt.Printf("🔧 Mode: %s\n", *mode)
// TODO: 实现完整的客户端逻辑
cli := client.NewClient(*mode)
if err := cli.Start(*configPath); err != nil {
log.Fatalf("Client failed: %v", err)
}
}
package client
import (
"fmt"
"os"
"os/signal"
"syscall"
"github.com/azoic/wormhole-client/internal/config"
"github.com/azoic/wormhole-client/internal/proxy"
"github.com/azoic/wormhole-client/internal/system"
"github.com/azoic/wormhole-client/pkg/dns"
"github.com/azoic/wormhole-client/pkg/logger"
)
type Client struct {
mode string
config *config.Config
socks5Proxy *proxy.SOCKS5Proxy
dnsProxy *dns.DNSProxy
systemProxyMgr *system.SystemProxyManager
}
func NewClient(mode string) *Client {
return &Client{
mode: mode,
systemProxyMgr: system.NewSystemProxyManager(),
}
}
func (c *Client) Start(configPath string) error {
// 加载配置
cfg, err := config.LoadConfig(configPath)
if err != nil {
return fmt.Errorf("failed to load config: %v", err)
}
if err := cfg.Validate(); err != nil {
return fmt.Errorf("invalid config: %v", err)
}
c.config = cfg
// 设置日志级别
logger.SetLevel(cfg.LogLevel)
logger.Info("🚀 Starting Wormhole SOCKS5 Client")
logger.Info("📄 Config loaded from: %s", configPath)
logger.Info("🔧 Mode: %s", c.mode)
logger.Info("🎯 SOCKS5 Server: %s", cfg.GetServerAddr())
// 创建SOCKS5代理客户端
c.socks5Proxy = proxy.NewSOCKS5Proxy(
cfg.GetServerAddr(),
cfg.Server.Username,
cfg.Server.Password,
cfg.Timeout,
)
// 设置信号处理
c.setupSignalHandler()
switch c.mode {
case "http":
return c.startHTTPProxy()
case "global":
return c.startGlobalProxy()
case "transparent":
return c.startTransparentProxy()
default:
return fmt.Errorf("unsupported mode: %s", c.mode)
}
}
func (c *Client) startHTTPProxy() error {
logger.Info("🌐 Starting HTTP proxy mode...")
logger.Info("💡 Setting up HTTP proxy on port %d", c.config.Proxy.LocalPort)
server := c.socks5Proxy.CreateHTTPProxy(c.config.Proxy.LocalPort)
logger.Info("✅ HTTP proxy started on :%d", c.config.Proxy.LocalPort)
logger.Info("💡 Configure your browser to use HTTP proxy: 127.0.0.1:%d", c.config.Proxy.LocalPort)
return server.ListenAndServe()
}
func (c *Client) startGlobalProxy() error {
logger.Info("🌍 Starting global proxy mode...")
logger.Info("💡 This will configure system-wide proxy settings")
logger.Info("⚠️ Requires administrator privileges")
// 启动HTTP代理服务器
server := c.socks5Proxy.CreateHTTPProxy(c.config.Proxy.LocalPort)
go func() {
if err := server.ListenAndServe(); err != nil {
logger.Error("HTTP proxy server failed: %v", err)
}
}()
// 设置系统代理
httpProxy := fmt.Sprintf("127.0.0.1:%d", c.config.Proxy.LocalPort)
httpsProxy := httpProxy
if err := c.systemProxyMgr.SetGlobalProxy(httpProxy, httpsProxy, ""); err != nil {
logger.Error("Failed to set system proxy: %v", err)
logger.Warn("You may need to run with administrator privileges")
logger.Info("Manual setup: Set HTTP/HTTPS proxy to %s", httpProxy)
} else {
logger.Info("✅ System proxy configured successfully")
}
// 启动DNS代理(如果启用)
if c.config.GlobalProxy.DNSProxy {
logger.Info("🔍 Starting DNS proxy on port %d", c.config.GlobalProxy.DNSPort)
c.dnsProxy = dns.NewDNSProxy("8.8.8.8:53", c.config.GlobalProxy.DNSPort)
if err := c.dnsProxy.Start(); err != nil {
logger.Warn("Failed to start DNS proxy: %v", err)
} else {
logger.Info("✅ DNS proxy started")
}
}
logger.Info("🎉 Global proxy mode started successfully")
logger.Info("📍 HTTP/HTTPS Proxy: %s", httpProxy)
if c.dnsProxy != nil {
logger.Info("📍 DNS Proxy: 127.0.0.1:%d", c.config.GlobalProxy.DNSPort)
}
// 保持运行
select {}
}
func (c *Client) startTransparentProxy() error {
logger.Info("🔍 Starting transparent proxy mode...")
logger.Info("💡 This will intercept network traffic transparently")
logger.Info("⚠️ Requires root privileges and iptables support")
logger.Error("❌ Transparent proxy mode is not yet implemented")
return fmt.Errorf("transparent proxy mode not implemented")
}
func (c *Client) setupSignalHandler() {
sigChan := make(chan os.Signal, 1)
signal.Notify(sigChan, os.Interrupt, syscall.SIGTERM)
go func() {
<-sigChan
logger.Info("🛑 Shutting down...")
c.cleanup()
os.Exit(0)
}()
}
func (c *Client) cleanup() {
// 恢复系统代理设置
if c.systemProxyMgr != nil {
if err := c.systemProxyMgr.RestoreProxy(); err != nil {
logger.Error("Failed to restore system proxy: %v", err)
}
}
// 停止DNS代理
if c.dnsProxy != nil {
if err := c.dnsProxy.Stop(); err != nil {
logger.Error("Failed to stop DNS proxy: %v", err)
}
}
logger.Info("✅ Cleanup completed")
}
package config
import (
"fmt"
"io/ioutil"
"time"
"gopkg.in/yaml.v3"
)
// Config 客户端配置结构
type Config struct {
ServiceType string `yaml:"serviceType"`
Server Server `yaml:"server"`
Proxy Proxy `yaml:"proxy"`
GlobalProxy GlobalProxy `yaml:"globalProxy"`
TransparentProxy TransparentProxy `yaml:"transparentProxy"`
LogLevel string `yaml:"logLevel"`
Timeout time.Duration `yaml:"timeout"`
}
// Server SOCKS5服务器配置
type Server struct {
Address string `yaml:"address"`
Port int `yaml:"port"`
Username string `yaml:"username"`
Password string `yaml:"password"`
}
// Proxy 代理模式配置
type Proxy struct {
Mode string `yaml:"mode"`
LocalPort int `yaml:"localPort"`
}
// GlobalProxy 全局代理配置
type GlobalProxy struct {
Enabled bool `yaml:"enabled"`
DNSProxy bool `yaml:"dnsProxy"`
DNSPort int `yaml:"dnsPort"`
Routing Routing `yaml:"routing"`
}
// TransparentProxy 透明代理配置
type TransparentProxy struct {
Enabled bool `yaml:"enabled"`
Port int `yaml:"port"`
DNSPort int `yaml:"dnsPort"`
ModifyDNS bool `yaml:"modifyDNS"`
ModifyRoute bool `yaml:"modifyRoute"`
}
// Routing 路由规则配置
type Routing struct {
BypassLocal bool `yaml:"bypassLocal"`
BypassPrivate bool `yaml:"bypassPrivate"`
BypassDomains []string `yaml:"bypassDomains"`
ForceDomains []string `yaml:"forceDomains"`
}
// LoadConfig 从文件加载配置
func LoadConfig(configPath string) (*Config, error) {
data, err := ioutil.ReadFile(configPath)
if err != nil {
return nil, fmt.Errorf("failed to read config file: %v", err)
}
var config Config
if err := yaml.Unmarshal(data, &config); err != nil {
return nil, fmt.Errorf("failed to parse config file: %v", err)
}
// 设置默认值
if config.LogLevel == "" {
config.LogLevel = "info"
}
if config.Timeout == 0 {
config.Timeout = 30 * time.Second
}
if config.Proxy.LocalPort == 0 {
config.Proxy.LocalPort = 8080
}
return &config, nil
}
// GetServerAddr 获取服务器地址
func (c *Config) GetServerAddr() string {
return fmt.Sprintf("%s:%d", c.Server.Address, c.Server.Port)
}
// Validate 验证配置
func (c *Config) Validate() error {
if c.Server.Address == "" {
return fmt.Errorf("server address is required")
}
if c.Server.Port <= 0 || c.Server.Port > 65535 {
return fmt.Errorf("invalid server port: %d", c.Server.Port)
}
validModes := map[string]bool{"http": true, "global": true, "transparent": true}
if !validModes[c.Proxy.Mode] {
return fmt.Errorf("invalid proxy mode: %s", c.Proxy.Mode)
}
return nil
}
package proxy
import (
"context"
"encoding/json"
"fmt"
"io"
"net"
"net/http"
"strconv"
"sync"
"time"
"github.com/azoic/wormhole-client/pkg/logger"
)
// SOCKS5Proxy SOCKS5代理客户端
type SOCKS5Proxy struct {
serverAddr string
username string
password string
timeout time.Duration
connPool *connectionPool
stats *ProxyStats
}
// connectionPool 连接池
type connectionPool struct {
connections chan net.Conn
maxSize int
mutex sync.Mutex
}
// NewSOCKS5Proxy 创建SOCKS5代理客户端
func NewSOCKS5Proxy(serverAddr, username, password string, timeout time.Duration) *SOCKS5Proxy {
return &SOCKS5Proxy{
serverAddr: serverAddr,
username: username,
password: password,
timeout: timeout,
connPool: &connectionPool{
connections: make(chan net.Conn, 10),
maxSize: 10,
},
stats: NewProxyStats(),
}
}
// CreateHTTPProxy 创建HTTP代理服务器
func (p *SOCKS5Proxy) CreateHTTPProxy(localPort int) *http.Server {
proxyHandler := &httpProxyHandler{
socks5Proxy: p,
}
// 创建ServeMux来处理不同的路径
mux := http.NewServeMux()
mux.Handle("/", proxyHandler)
mux.HandleFunc("/stats", p.handleStats)
mux.HandleFunc("/health", p.handleHealth)
server := &http.Server{
Addr: fmt.Sprintf(":%d", localPort),
Handler: mux,
ReadTimeout: 30 * time.Second,
WriteTimeout: 30 * time.Second,
IdleTimeout: 120 * time.Second,
MaxHeaderBytes: 1 << 20, // 1MB
}
return server
}
// httpProxyHandler HTTP代理处理器
type httpProxyHandler struct {
socks5Proxy *SOCKS5Proxy
}
func (h *httpProxyHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) {
// 统计连接
h.socks5Proxy.stats.IncrementConnections()
defer h.socks5Proxy.stats.DecrementActiveConnections()
logger.Debug("Processing request: %s %s from %s", r.Method, r.URL.String(), r.RemoteAddr)
if r.Method == http.MethodConnect {
h.handleHTTPSProxy(w, r)
} else {
h.handleHTTPProxy(w, r)
}
}
// handleHTTPSProxy 处理HTTPS代理请求 (CONNECT方法)
func (h *httpProxyHandler) handleHTTPSProxy(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), h.socks5Proxy.timeout)
defer cancel()
destConn, err := h.socks5Proxy.DialTCPWithContext(ctx, r.Host)
if err != nil {
h.socks5Proxy.stats.IncrementFailedRequests()
h.socks5Proxy.stats.IncrementSOCKS5Error("connection_failed")
logger.Error("Failed to connect via SOCKS5 to %s: %v", r.Host, err)
http.Error(w, "Bad Gateway", http.StatusBadGateway)
return
}
defer destConn.Close()
// 发送200 Connection established响应
w.WriteHeader(http.StatusOK)
hijacker, ok := w.(http.Hijacker)
if !ok {
h.socks5Proxy.stats.IncrementFailedRequests()
logger.Error("Hijacking not supported")
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
clientConn, _, err := hijacker.Hijack()
if err != nil {
h.socks5Proxy.stats.IncrementFailedRequests()
logger.Error("Failed to hijack connection: %v", err)
return
}
defer clientConn.Close()
h.socks5Proxy.stats.IncrementSuccessfulRequests()
logger.Debug("Established HTTPS tunnel to %s", r.Host)
// 双向数据转发
var wg sync.WaitGroup
wg.Add(2)
go func() {
defer wg.Done()
written := h.copyData(clientConn, destConn, "client->server")
h.socks5Proxy.stats.AddBytesTransferred(written, 0)
}()
go func() {
defer wg.Done()
written := h.copyData(destConn, clientConn, "server->client")
h.socks5Proxy.stats.AddBytesTransferred(0, written)
}()
wg.Wait()
logger.Debug("HTTPS tunnel to %s closed", r.Host)
}
// handleHTTPProxy 处理HTTP代理请求
func (h *httpProxyHandler) handleHTTPProxy(w http.ResponseWriter, r *http.Request) {
ctx, cancel := context.WithTimeout(r.Context(), h.socks5Proxy.timeout)
defer cancel()
// 确保URL包含Host
if r.URL.Host == "" {
r.URL.Host = r.Host
}
if r.URL.Scheme == "" {
r.URL.Scheme = "http"
}
// 通过SOCKS5连接到目标服务器
destConn, err := h.socks5Proxy.DialTCPWithContext(ctx, r.Host)
if err != nil {
h.socks5Proxy.stats.IncrementFailedRequests()
h.socks5Proxy.stats.IncrementSOCKS5Error("connection_failed")
logger.Error("Failed to connect via SOCKS5 to %s: %v", r.Host, err)
http.Error(w, "Bad Gateway", http.StatusBadGateway)
return
}
defer destConn.Close()
// 发送HTTP请求
if err := r.Write(destConn); err != nil {
h.socks5Proxy.stats.IncrementFailedRequests()
logger.Error("Failed to write request to %s: %v", r.Host, err)
http.Error(w, "Bad Gateway", http.StatusBadGateway)
return
}
// 设置响应头
w.Header().Set("Via", "1.1 wormhole-proxy")
// 使用自定义ResponseWriter来统计字节数
statsWriter := &statsResponseWriter{
ResponseWriter: w,
stats: h.socks5Proxy.stats,
}
// 读取响应并返回给客户端
written, err := io.Copy(statsWriter, destConn)
if err != nil {
h.socks5Proxy.stats.IncrementFailedRequests()
logger.Error("Failed to copy response from %s: %v", r.Host, err)
return
}
h.socks5Proxy.stats.IncrementSuccessfulRequests()
h.socks5Proxy.stats.AddBytesTransferred(0, written)
logger.Debug("HTTP request to %s completed, %d bytes", r.Host, written)
}
// statsResponseWriter 带统计功能的ResponseWriter
type statsResponseWriter struct {
http.ResponseWriter
stats *ProxyStats
}
func (w *statsResponseWriter) Write(data []byte) (int, error) {
n, err := w.ResponseWriter.Write(data)
if n > 0 {
w.stats.AddBytesTransferred(int64(n), 0)
}
return n, err
}
// copyData 数据复制,带方向标识和字节统计
func (h *httpProxyHandler) copyData(dst, src net.Conn, direction string) int64 {
defer dst.Close()
defer src.Close()
written, err := io.Copy(dst, src)
if err != nil {
logger.Debug("Copy %s finished with error: %v, bytes: %d", direction, err, written)
} else {
logger.Debug("Copy %s finished successfully, bytes: %d", direction, written)
}
return written
}
// handleStats 处理统计信息请求
func (p *SOCKS5Proxy) handleStats(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
stats := p.stats.GetStats()
w.Header().Set("Content-Type", "application/json")
w.Header().Set("Access-Control-Allow-Origin", "*")
if err := json.NewEncoder(w).Encode(stats); err != nil {
logger.Error("Failed to encode stats: %v", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
}
// handleHealth 处理健康检查请求
func (p *SOCKS5Proxy) handleHealth(w http.ResponseWriter, r *http.Request) {
if r.Method != http.MethodGet {
http.Error(w, "Method not allowed", http.StatusMethodNotAllowed)
return
}
stats := p.stats.GetStats()
health := map[string]interface{}{
"status": "healthy",
"uptime": stats.Uptime.String(),
"active_connections": stats.ActiveConnections,
"success_rate": stats.GetSuccessRate(),
}
w.Header().Set("Content-Type", "application/json")
if err := json.NewEncoder(w).Encode(health); err != nil {
logger.Error("Failed to encode health: %v", err)
http.Error(w, "Internal Server Error", http.StatusInternalServerError)
return
}
}
// GetStats 获取代理统计信息
func (p *SOCKS5Proxy) GetStats() ProxyStatsSnapshot {
return p.stats.GetStats()
}
// DialTCP 通过SOCKS5连接到目标地址
func (p *SOCKS5Proxy) DialTCP(address string) (net.Conn, error) {
return p.DialTCPWithContext(context.Background(), address)
}
// DialTCPWithContext 通过SOCKS5连接到目标地址(带上下文)
func (p *SOCKS5Proxy) DialTCPWithContext(ctx context.Context, address string) (net.Conn, error) {
// 连接到SOCKS5代理服务器
dialer := &net.Dialer{
Timeout: p.timeout,
}
conn, err := dialer.DialContext(ctx, "tcp", p.serverAddr)
if err != nil {
return nil, fmt.Errorf("failed to connect to SOCKS5 server: %v", err)
}
// 设置连接超时
deadline, ok := ctx.Deadline()
if ok {
conn.SetDeadline(deadline)
}
// 执行SOCKS5握手
if err := p.performSOCKS5Handshake(conn, address); err != nil {
conn.Close()
return nil, fmt.Errorf("SOCKS5 handshake failed: %v", err)
}
// 清除deadline,让连接正常使用
conn.SetDeadline(time.Time{})
logger.Debug("Successfully connected to %s via SOCKS5 proxy", address)
return conn, nil
}
// performSOCKS5Handshake 执行SOCKS5握手协议
func (p *SOCKS5Proxy) performSOCKS5Handshake(conn net.Conn, targetAddr string) error {
// 设置握手超时
deadline := time.Now().Add(p.timeout)
conn.SetDeadline(deadline)
// 第一步:发送认证方法选择
authMethods := []byte{0x05, 0x02, 0x00, 0x02} // 版本5,2个方法,无认证+用户名密码认证
if _, err := conn.Write(authMethods); err != nil {
return fmt.Errorf("failed to send auth methods: %v", err)
}
// 读取服务器响应
response := make([]byte, 2)
if _, err := io.ReadFull(conn, response); err != nil {
return fmt.Errorf("failed to read auth response: %v", err)
}
if response[0] != 0x05 {
return fmt.Errorf("invalid SOCKS version: %d", response[0])
}
// 第二步:处理认证
switch response[1] {
case 0x00: // 无认证
logger.Debug("SOCKS5 server requires no authentication")
case 0x02: // 用户名密码认证
if err := p.performUserPassAuth(conn); err != nil {
return fmt.Errorf("user/pass authentication failed: %v", err)
}
case 0xFF: // 无可接受的认证方法
return fmt.Errorf("no acceptable authentication methods")
default:
return fmt.Errorf("unsupported authentication method: %d", response[1])
}
// 第三步:发送连接请求
connectReq, err := p.buildConnectRequest(targetAddr)
if err != nil {
return fmt.Errorf("failed to build connect request: %v", err)
}
if _, err := conn.Write(connectReq); err != nil {
return fmt.Errorf("failed to send connect request: %v", err)
}
// 第四步:读取连接响应
return p.readConnectResponse(conn)
}
// buildConnectRequest 构建连接请求
func (p *SOCKS5Proxy) buildConnectRequest(targetAddr string) ([]byte, error) {
host, portStr, err := net.SplitHostPort(targetAddr)
if err != nil {
return nil, fmt.Errorf("invalid target address: %v", err)
}
// 解析端口号
portNum, err := parsePort(portStr)
if err != nil {
return nil, fmt.Errorf("invalid port: %v", err)
}
var connectReq []byte
// 检测地址类型并构建请求
if ip := net.ParseIP(host); ip != nil {
if ip4 := ip.To4(); ip4 != nil {
// IPv4地址
connectReq = []byte{0x05, 0x01, 0x00, 0x01}
connectReq = append(connectReq, ip4...)
} else if ip6 := ip.To16(); ip6 != nil {
// IPv6地址
connectReq = []byte{0x05, 0x01, 0x00, 0x04}
connectReq = append(connectReq, ip6...)
}
} else {
// 域名
if len(host) > 255 {
return nil, fmt.Errorf("domain name too long: %d", len(host))
}
connectReq = []byte{0x05, 0x01, 0x00, 0x03}
connectReq = append(connectReq, byte(len(host)))
connectReq = append(connectReq, []byte(host)...)
}
// 添加端口
connectReq = append(connectReq, byte(portNum>>8), byte(portNum&0xFF))
return connectReq, nil
}
// readConnectResponse 读取连接响应
func (p *SOCKS5Proxy) readConnectResponse(conn net.Conn) error {
// 读取响应头部
header := make([]byte, 4)
if _, err := io.ReadFull(conn, header); err != nil {
return fmt.Errorf("failed to read connect response header: %v", err)
}
if header[0] != 0x05 {
return fmt.Errorf("invalid SOCKS version in response: %d", header[0])
}
if header[1] != 0x00 {
return fmt.Errorf("connection failed, status: %d (%s)", header[1], getSOCKS5ErrorMessage(header[1]))
}
// 读取绑定地址和端口
addrType := header[3]
switch addrType {
case 0x01: // IPv4
skipBytes := make([]byte, 6) // 4字节IP + 2字节端口
_, err := io.ReadFull(conn, skipBytes)
return err
case 0x03: // 域名
lenByte := make([]byte, 1)
if _, err := io.ReadFull(conn, lenByte); err != nil {
return err
}
skipBytes := make([]byte, int(lenByte[0])+2) // 域名长度 + 2字节端口
_, err := io.ReadFull(conn, skipBytes)
return err
case 0x04: // IPv6
skipBytes := make([]byte, 18) // 16字节IP + 2字节端口
_, err := io.ReadFull(conn, skipBytes)
return err
default:
return fmt.Errorf("unsupported address type: %d", addrType)
}
}
// performUserPassAuth 执行用户名密码认证
func (p *SOCKS5Proxy) performUserPassAuth(conn net.Conn) error {
// 发送用户名密码
authData := []byte{0x01} // 子协议版本
authData = append(authData, byte(len(p.username)))
authData = append(authData, []byte(p.username)...)
authData = append(authData, byte(len(p.password)))
authData = append(authData, []byte(p.password)...)
if _, err := conn.Write(authData); err != nil {
return fmt.Errorf("failed to send credentials: %v", err)
}
// 读取认证结果
authResult := make([]byte, 2)
if _, err := io.ReadFull(conn, authResult); err != nil {
return fmt.Errorf("failed to read auth result: %v", err)
}
if authResult[0] != 0x01 {
return fmt.Errorf("invalid auth response version: %d", authResult[0])
}
if authResult[1] != 0x00 {
return fmt.Errorf("authentication failed")
}
logger.Debug("SOCKS5 authentication successful")
return nil
}
// getSOCKS5ErrorMessage 获取SOCKS5错误消息
func getSOCKS5ErrorMessage(code byte) string {
switch code {
case 0x01:
return "general SOCKS server failure"
case 0x02:
return "connection not allowed by ruleset"
case 0x03:
return "network unreachable"
case 0x04:
return "host unreachable"
case 0x05:
return "connection refused"
case 0x06:
return "TTL expired"
case 0x07:
return "command not supported"
case 0x08:
return "address type not supported"
default:
return "unknown error"
}
}
// parsePort 解析端口号
func parsePort(portStr string) (int, error) {
if portStr == "" {
return 80, nil // 默认HTTP端口
}
port, err := strconv.Atoi(portStr)
if err != nil {
return 0, fmt.Errorf("invalid port format: %s", portStr)
}
if port < 1 || port > 65535 {
return 0, fmt.Errorf("port out of range: %d", port)
}
return port, nil
}
package proxy
import (
"sync"
"sync/atomic"
"time"
)
// ProxyStats 代理统计信息
type ProxyStats struct {
StartTime time.Time
TotalConnections int64
ActiveConnections int64
SuccessfulRequests int64
FailedRequests int64
BytesSent int64
BytesReceived int64
SOCKS5Errors map[string]int64
mutex sync.RWMutex
}
// NewProxyStats 创建新的统计实例
func NewProxyStats() *ProxyStats {
return &ProxyStats{
StartTime: time.Now(),
SOCKS5Errors: make(map[string]int64),
}
}
// IncrementConnections 增加连接计数
func (s *ProxyStats) IncrementConnections() {
atomic.AddInt64(&s.TotalConnections, 1)
atomic.AddInt64(&s.ActiveConnections, 1)
}
// DecrementActiveConnections 减少活跃连接计数
func (s *ProxyStats) DecrementActiveConnections() {
atomic.AddInt64(&s.ActiveConnections, -1)
}
// IncrementSuccessfulRequests 增加成功请求计数
func (s *ProxyStats) IncrementSuccessfulRequests() {
atomic.AddInt64(&s.SuccessfulRequests, 1)
}
// IncrementFailedRequests 增加失败请求计数
func (s *ProxyStats) IncrementFailedRequests() {
atomic.AddInt64(&s.FailedRequests, 1)
}
// AddBytesTransferred 添加传输字节数
func (s *ProxyStats) AddBytesTransferred(sent, received int64) {
atomic.AddInt64(&s.BytesSent, sent)
atomic.AddInt64(&s.BytesReceived, received)
}
// IncrementSOCKS5Error 增加SOCKS5错误计数
func (s *ProxyStats) IncrementSOCKS5Error(errorType string) {
s.mutex.Lock()
defer s.mutex.Unlock()
s.SOCKS5Errors[errorType]++
}
// GetStats 获取统计快照
func (s *ProxyStats) GetStats() ProxyStatsSnapshot {
s.mutex.RLock()
defer s.mutex.RUnlock()
errors := make(map[string]int64)
for k, v := range s.SOCKS5Errors {
errors[k] = v
}
return ProxyStatsSnapshot{
StartTime: s.StartTime,
Uptime: time.Since(s.StartTime),
TotalConnections: atomic.LoadInt64(&s.TotalConnections),
ActiveConnections: atomic.LoadInt64(&s.ActiveConnections),
SuccessfulRequests: atomic.LoadInt64(&s.SuccessfulRequests),
FailedRequests: atomic.LoadInt64(&s.FailedRequests),
BytesSent: atomic.LoadInt64(&s.BytesSent),
BytesReceived: atomic.LoadInt64(&s.BytesReceived),
SOCKS5Errors: errors,
}
}
// ProxyStatsSnapshot 统计快照
type ProxyStatsSnapshot struct {
StartTime time.Time `json:"start_time"`
Uptime time.Duration `json:"uptime"`
TotalConnections int64 `json:"total_connections"`
ActiveConnections int64 `json:"active_connections"`
SuccessfulRequests int64 `json:"successful_requests"`
FailedRequests int64 `json:"failed_requests"`
BytesSent int64 `json:"bytes_sent"`
BytesReceived int64 `json:"bytes_received"`
SOCKS5Errors map[string]int64 `json:"socks5_errors"`
}
// GetSuccessRate 获取成功率
func (s *ProxyStatsSnapshot) GetSuccessRate() float64 {
total := s.SuccessfulRequests + s.FailedRequests
if total == 0 {
return 0
}
return float64(s.SuccessfulRequests) / float64(total) * 100
}
// GetTotalBytes 获取总传输字节数
func (s *ProxyStatsSnapshot) GetTotalBytes() int64 {
return s.BytesSent + s.BytesReceived
}
// GetAverageConnectionsPerHour 获取每小时平均连接数
func (s *ProxyStatsSnapshot) GetAverageConnectionsPerHour() float64 {
hours := s.Uptime.Hours()
if hours == 0 {
return 0
}
return float64(s.TotalConnections) / hours
}
package system
import (
"fmt"
"os/exec"
"runtime"
"strings"
"github.com/azoic/wormhole-client/pkg/logger"
)
// SystemProxyManager 系统代理管理器
type SystemProxyManager struct {
originalSettings map[string]string
}
// NewSystemProxyManager 创建系统代理管理器
func NewSystemProxyManager() *SystemProxyManager {
return &SystemProxyManager{
originalSettings: make(map[string]string),
}
}
// SetGlobalProxy 设置全局代理
func (s *SystemProxyManager) SetGlobalProxy(httpProxy, httpsProxy, socksProxy string) error {
switch runtime.GOOS {
case "darwin":
return s.setMacOSProxy(httpProxy, httpsProxy, socksProxy)
case "windows":
return s.setWindowsProxy(httpProxy, httpsProxy, socksProxy)
case "linux":
return s.setLinuxProxy(httpProxy, httpsProxy, socksProxy)
default:
return fmt.Errorf("unsupported operating system: %s", runtime.GOOS)
}
}
// RestoreProxy 恢复原始代理设置
func (s *SystemProxyManager) RestoreProxy() error {
switch runtime.GOOS {
case "darwin":
return s.restoreMacOSProxy()
case "windows":
return s.restoreWindowsProxy()
case "linux":
return s.restoreLinuxProxy()
default:
return fmt.Errorf("unsupported operating system: %s", runtime.GOOS)
}
}
// macOS 代理设置
func (s *SystemProxyManager) setMacOSProxy(httpProxy, httpsProxy, socksProxy string) error {
logger.Info("Setting macOS system proxy...")
// 获取网络服务名称
networkService, err := s.getMacOSNetworkService()
if err != nil {
return fmt.Errorf("failed to get network service: %v", err)
}
// 保存原始设置
if err := s.saveMacOSOriginalSettings(networkService); err != nil {
logger.Warn("Failed to save original proxy settings: %v", err)
}
// 设置HTTP代理
if httpProxy != "" {
if err := s.runCommand("networksetup", "-setwebproxy", networkService,
s.parseProxyHost(httpProxy), s.parseProxyPort(httpProxy)); err != nil {
return fmt.Errorf("failed to set HTTP proxy: %v", err)
}
if err := s.runCommand("networksetup", "-setwebproxystate", networkService, "on"); err != nil {
return fmt.Errorf("failed to enable HTTP proxy: %v", err)
}
}
// 设置HTTPS代理
if httpsProxy != "" {
if err := s.runCommand("networksetup", "-setsecurewebproxy", networkService,
s.parseProxyHost(httpsProxy), s.parseProxyPort(httpsProxy)); err != nil {
return fmt.Errorf("failed to set HTTPS proxy: %v", err)
}
if err := s.runCommand("networksetup", "-setsecurewebproxystate", networkService, "on"); err != nil {
return fmt.Errorf("failed to enable HTTPS proxy: %v", err)
}
}
// 设置SOCKS代理
if socksProxy != "" {
if err := s.runCommand("networksetup", "-setsocksfirewallproxy", networkService,
s.parseProxyHost(socksProxy), s.parseProxyPort(socksProxy)); err != nil {
return fmt.Errorf("failed to set SOCKS proxy: %v", err)
}
if err := s.runCommand("networksetup", "-setsocksfirewallproxystate", networkService, "on"); err != nil {
return fmt.Errorf("failed to enable SOCKS proxy: %v", err)
}
}
logger.Info("macOS system proxy configured successfully")
return nil
}
// 获取macOS网络服务名称
func (s *SystemProxyManager) getMacOSNetworkService() (string, error) {
output, err := exec.Command("networksetup", "-listallnetworkservices").Output()
if err != nil {
return "", err
}
lines := strings.Split(string(output), "\n")
for _, line := range lines {
line = strings.TrimSpace(line)
if line != "" && !strings.HasPrefix(line, "*") && !strings.Contains(line, "An asterisk") {
// 优先选择Wi-Fi,否则选择第一个可用的服务
if strings.Contains(strings.ToLower(line), "wi-fi") || strings.Contains(strings.ToLower(line), "wifi") {
return line, nil
}
}
}
// 如果没找到Wi-Fi,返回第一个可用的服务
for _, line := range lines {
line = strings.TrimSpace(line)
if line != "" && !strings.HasPrefix(line, "*") && !strings.Contains(line, "An asterisk") {
return line, nil
}
}
return "", fmt.Errorf("no network service found")
}
// 保存macOS原始代理设置
func (s *SystemProxyManager) saveMacOSOriginalSettings(networkService string) error {
// 保存HTTP代理状态
if output, err := exec.Command("networksetup", "-getwebproxy", networkService).Output(); err == nil {
s.originalSettings["http_proxy"] = string(output)
}
// 保存HTTPS代理状态
if output, err := exec.Command("networksetup", "-getsecurewebproxy", networkService).Output(); err == nil {
s.originalSettings["https_proxy"] = string(output)
}
// 保存SOCKS代理状态
if output, err := exec.Command("networksetup", "-getsocksfirewallproxy", networkService).Output(); err == nil {
s.originalSettings["socks_proxy"] = string(output)
}
s.originalSettings["network_service"] = networkService
return nil
}
// 恢复macOS代理设置
func (s *SystemProxyManager) restoreMacOSProxy() error {
networkService, exists := s.originalSettings["network_service"]
if !exists {
return fmt.Errorf("no network service information saved")
}
logger.Info("Restoring macOS system proxy...")
// 关闭所有代理
s.runCommand("networksetup", "-setwebproxystate", networkService, "off")
s.runCommand("networksetup", "-setsecurewebproxystate", networkService, "off")
s.runCommand("networksetup", "-setsocksfirewallproxystate", networkService, "off")
logger.Info("macOS system proxy restored")
return nil
}
// Windows 代理设置(简化实现)
func (s *SystemProxyManager) setWindowsProxy(httpProxy, httpsProxy, socksProxy string) error {
logger.Warn("Windows proxy setting not fully implemented")
return fmt.Errorf("Windows proxy setting not implemented yet")
}
func (s *SystemProxyManager) restoreWindowsProxy() error {
logger.Warn("Windows proxy restoration not fully implemented")
return nil
}
// Linux 代理设置(简化实现)
func (s *SystemProxyManager) setLinuxProxy(httpProxy, httpsProxy, socksProxy string) error {
logger.Warn("Linux proxy setting not fully implemented")
return fmt.Errorf("Linux proxy setting not implemented yet")
}
func (s *SystemProxyManager) restoreLinuxProxy() error {
logger.Warn("Linux proxy restoration not fully implemented")
return nil
}
// 辅助函数
func (s *SystemProxyManager) runCommand(name string, args ...string) error {
cmd := exec.Command(name, args...)
output, err := cmd.CombinedOutput()
if err != nil {
logger.Error("Command failed: %s %v, output: %s", name, args, string(output))
return err
}
return nil
}
func (s *SystemProxyManager) parseProxyHost(proxy string) string {
// 简单解析,格式: host:port
parts := strings.Split(proxy, ":")
if len(parts) >= 1 {
return parts[0]
}
return proxy
}
func (s *SystemProxyManager) parseProxyPort(proxy string) string {
// 简单解析,格式: host:port
parts := strings.Split(proxy, ":")
if len(parts) >= 2 {
return parts[1]
}
return "8080" // 默认端口
}
package dns
import (
"fmt"
"net"
"strings"
"sync"
"time"
"github.com/azoic/wormhole-client/pkg/logger"
)
// DNSProxy DNS代理服务器
type DNSProxy struct {
upstreamDNS string
localPort int
server *net.UDPConn
cache *dnsCache
running bool
mutex sync.RWMutex
}
// dnsCache DNS缓存
type dnsCache struct {
entries map[string]*cacheEntry
mutex sync.RWMutex
}
type cacheEntry struct {
response []byte
expiry time.Time
}
// NewDNSProxy 创建DNS代理
func NewDNSProxy(upstreamDNS string, localPort int) *DNSProxy {
return &DNSProxy{
upstreamDNS: upstreamDNS,
localPort: localPort,
cache: &dnsCache{
entries: make(map[string]*cacheEntry),
},
}
}
// Start 启动DNS代理服务器
func (d *DNSProxy) Start() error {
d.mutex.Lock()
defer d.mutex.Unlock()
if d.running {
return fmt.Errorf("DNS proxy is already running")
}
addr, err := net.ResolveUDPAddr("udp", fmt.Sprintf(":%d", d.localPort))
if err != nil {
return fmt.Errorf("failed to resolve UDP address: %v", err)
}
d.server, err = net.ListenUDP("udp", addr)
if err != nil {
return fmt.Errorf("failed to start DNS proxy server: %v", err)
}
d.running = true
logger.Info("DNS proxy started on port %d", d.localPort)
// 启动清理缓存的goroutine
go d.cleanupCache()
// 处理DNS请求
go d.handleRequests()
return nil
}
// Stop 停止DNS代理服务器
func (d *DNSProxy) Stop() error {
d.mutex.Lock()
defer d.mutex.Unlock()
if !d.running {
return nil
}
d.running = false
if d.server != nil {
d.server.Close()
}
logger.Info("DNS proxy stopped")
return nil
}
// handleRequests 处理DNS请求
func (d *DNSProxy) handleRequests() {
buffer := make([]byte, 512) // DNS消息最大512字节(UDP)
for d.isRunning() {
n, clientAddr, err := d.server.ReadFromUDP(buffer)
if err != nil {
if d.isRunning() {
logger.Error("Failed to read DNS request: %v", err)
}
continue
}
go d.processRequest(buffer[:n], clientAddr)
}
}
// processRequest 处理单个DNS请求
func (d *DNSProxy) processRequest(request []byte, clientAddr *net.UDPAddr) {
// 简单的DNS请求解析
domain := d.extractDomain(request)
logger.Debug("DNS request for domain: %s", domain)
// 检查缓存
if cachedResponse := d.getFromCache(domain); cachedResponse != nil {
logger.Debug("Serving %s from cache", domain)
d.server.WriteToUDP(cachedResponse, clientAddr)
return
}
// 转发到上游DNS服务器
response, err := d.forwardToUpstream(request)
if err != nil {
logger.Error("Failed to forward DNS request: %v", err)
return
}
// 缓存响应
d.addToCache(domain, response)
// 返回响应给客户端
d.server.WriteToUDP(response, clientAddr)
}
// extractDomain 从DNS请求中提取域名(简化实现)
func (d *DNSProxy) extractDomain(request []byte) string {
if len(request) < 12 {
return ""
}
// 跳过DNS头部(12字节)
offset := 12
var domain strings.Builder
for offset < len(request) {
length := int(request[offset])
if length == 0 {
break
}
offset++
if offset+length > len(request) {
break
}
if domain.Len() > 0 {
domain.WriteByte('.')
}
domain.Write(request[offset : offset+length])
offset += length
}
return domain.String()
}
// forwardToUpstream 转发DNS请求到上游服务器
func (d *DNSProxy) forwardToUpstream(request []byte) ([]byte, error) {
conn, err := net.Dial("udp", d.upstreamDNS)
if err != nil {
return nil, fmt.Errorf("failed to connect to upstream DNS: %v", err)
}
defer conn.Close()
// 设置超时
conn.SetDeadline(time.Now().Add(5 * time.Second))
// 发送请求
if _, err := conn.Write(request); err != nil {
return nil, fmt.Errorf("failed to send DNS request: %v", err)
}
// 读取响应
response := make([]byte, 512)
n, err := conn.Read(response)
if err != nil {
return nil, fmt.Errorf("failed to read DNS response: %v", err)
}
return response[:n], nil
}
// getFromCache 从缓存获取DNS响应
func (d *DNSProxy) getFromCache(domain string) []byte {
d.cache.mutex.RLock()
defer d.cache.mutex.RUnlock()
entry, exists := d.cache.entries[domain]
if !exists || time.Now().After(entry.expiry) {
return nil
}
return entry.response
}
// addToCache 添加DNS响应到缓存
func (d *DNSProxy) addToCache(domain string, response []byte) {
d.cache.mutex.Lock()
defer d.cache.mutex.Unlock()
// 设置缓存过期时间(5分钟)
expiry := time.Now().Add(5 * time.Minute)
d.cache.entries[domain] = &cacheEntry{
response: make([]byte, len(response)),
expiry: expiry,
}
copy(d.cache.entries[domain].response, response)
}
// cleanupCache 清理过期的缓存条目
func (d *DNSProxy) cleanupCache() {
ticker := time.NewTicker(1 * time.Minute)
defer ticker.Stop()
for {
select {
case <-ticker.C:
if !d.isRunning() {
return
}
d.cache.mutex.Lock()
now := time.Now()
for domain, entry := range d.cache.entries {
if now.After(entry.expiry) {
delete(d.cache.entries, domain)
}
}
d.cache.mutex.Unlock()
}
}
}
// isRunning 检查DNS代理是否在运行
func (d *DNSProxy) isRunning() bool {
d.mutex.RLock()
defer d.mutex.RUnlock()
return d.running
}
package logger
import (
"fmt"
"log"
"os"
"strings"
"time"
)
type LogLevel int
const (
DEBUG LogLevel = iota
INFO
WARN
ERROR
)
type Logger struct {
level LogLevel
logger *log.Logger
}
var defaultLogger *Logger
func init() {
defaultLogger = New("INFO")
}
// New 创建新的日志记录器
func New(levelStr string) *Logger {
level := parseLogLevel(levelStr)
logger := log.New(os.Stdout, "", 0)
return &Logger{
level: level,
logger: logger,
}
}
// SetLevel 设置日志级别
func SetLevel(levelStr string) {
defaultLogger.level = parseLogLevel(levelStr)
}
func parseLogLevel(levelStr string) LogLevel {
switch strings.ToUpper(levelStr) {
case "DEBUG":
return DEBUG
case "INFO":
return INFO
case "WARN", "WARNING":
return WARN
case "ERROR":
return ERROR
default:
return INFO
}
}
func (l *Logger) log(level LogLevel, format string, args ...interface{}) {
if level < l.level {
return
}
levelStr := ""
switch level {
case DEBUG:
levelStr = "DEBUG"
case INFO:
levelStr = "INFO"
case WARN:
levelStr = "WARN"
case ERROR:
levelStr = "ERROR"
}
timestamp := time.Now().Format("2006-01-02 15:04:05")
message := fmt.Sprintf(format, args...)
logLine := fmt.Sprintf("[%s] [%s] %s", timestamp, levelStr, message)
l.logger.Println(logLine)
}
// Debug 调试日志
func (l *Logger) Debug(format string, args ...interface{}) {
l.log(DEBUG, format, args...)
}
// Info 信息日志
func (l *Logger) Info(format string, args ...interface{}) {
l.log(INFO, format, args...)
}
// Warn 警告日志
func (l *Logger) Warn(format string, args ...interface{}) {
l.log(WARN, format, args...)
}
// Error 错误日志
func (l *Logger) Error(format string, args ...interface{}) {
l.log(ERROR, format, args...)
}
// 全局日志函数
func Debug(format string, args ...interface{}) {
defaultLogger.Debug(format, args...)
}
func Info(format string, args ...interface{}) {
defaultLogger.Info(format, args...)
}
func Warn(format string, args ...interface{}) {
defaultLogger.Warn(format, args...)
}
func Error(format string, args ...interface{}) {
defaultLogger.Error(format, args...)
}