论野生技术&二次元

lua-resty-multiplexer: 端口服务复用

实现了一个端口服务复用的透明代理,可以在同一个端口上运行多个协议。根据每次连接中客户端发起的首个请求检测协议,根据协议或各种条件选择代理的上游。

需要打一个补丁。由@fcicq这个讨论中贡献。这个补丁实现了BSD的socket recv()语义。目前官方也有这个feature的PR

示例配置:

示例中服务监听在80端口,并定义规则:

说明

This module consists of two parts: protocol identifiers and matchers.

Protocol

The protocol part analyzes the first request that is sent from client and try to match it using known protocol signatures.

Currently supported: dnshttpsshtlsxmpp. Based on the bytes of signature, each protocol may have different possibilities to be falsely identified.

Protocol Length of signature False rate
dns 9 1/4 5.29e-23
http 4 2.33e-10
ssh 4 2.33e-10
tls 6 3.55e-15
xmpp 6 in 8 1/4 ?

Add new protocol

Create a new protocol_name.lua file under resty/multiplexer/protocol in the format of:

required_bytes is the length of bytes we need to read before identifying the protocol.

Matcher

client-host

Match if $remote_addr equals to expected value.

protocol

Match if protocol equals to expected value.

time

Match if current time is in configured range in mul.matcher_config.time. If no range is defined, the matcher will always return false.

For example, to match year 2018January and March and hour 6 to 24 except for hour 12:

default

Always matches.

Add new matcher

Create a new matcher_name.lua file under resty/multiplexer/matchers in the format of:

Where protocol is the identified protocol in lowercase string, and expected is the expected value for this matcher defined in set_rules.

退出移动版