客户端服务端分离

server/file.go

@@ -0,0 +1,263 @@
+package server
+
+import (
+	"encoding/csv"
+	"errors"
+	"github.com/astaxie/beego"
+	"github.com/cnlh/easyProxy/utils"
+	"log"
+	"os"
+	"strconv"
+)
+
+type ServerConfig struct {
+	TcpPort        int    //服务端与客户端通信端口
+	Mode           string //启动方式
+	Target         string //目标
+	VerifyKey      string //flag
+	U              string //socks5验证用户名
+	P              string //socks5验证密码
+	Compress       string //压缩方式
+	Start          int    //是否开启
+	IsRun          int    //是否在运行
+	ClientStatus   int    //客s户端状态
+	Crypt          bool   //是否加密
+	Mux            bool   //是否加密
+	CompressEncode int
+	CompressDecode int
+}
+
+type HostList struct {
+	Vkey   string //服务端与客户端通信端口
+	Host   string //启动方式
+	Target string //目标
+}
+
+func NewCsv(runList map[string]interface{}) *Csv {
+	c := new(Csv)
+	c.RunList = runList
+	return c
+}
+
+type Csv struct {
+	Tasks   []*ServerConfig
+	Path    string
+	RunList map[string]interface{}
+	Hosts   []*HostList //域名列表
+}
+
+func (s *Csv) Init() {
+	s.LoadTaskFromCsv()
+	s.LoadHostFromCsv()
+}
+
+func (s *Csv) StoreTasksToCsv() {
+	// 创建文件
+	csvFile, err := os.Create(beego.AppPath + "/conf/tasks.csv")
+	if err != nil {
+		log.Fatalf(err.Error())
+	}
+	defer csvFile.Close()
+	writer := csv.NewWriter(csvFile)
+	for _, task := range s.Tasks {
+		record := []string{
+			strconv.Itoa(task.TcpPort),
+			task.Mode,
+			task.Target,
+			task.VerifyKey,
+			task.U,
+			task.P,
+			task.Compress,
+			strconv.Itoa(task.Start),
+			utils.GetStrByBool(task.Crypt),
+			utils.GetStrByBool(task.Mux),
+			strconv.Itoa(task.CompressEncode),
+			strconv.Itoa(task.CompressDecode),
+		}
+		err := writer.Write(record)
+		if err != nil {
+			log.Fatalf(err.Error())
+		}
+	}
+	writer.Flush()
+}
+
+func (s *Csv) LoadTaskFromCsv() {
+	// 打开文件
+	file, err := os.Open(beego.AppPath + "/conf/tasks.csv")
+	if err != nil {
+		panic(err)
+	}
+	defer file.Close()
+
+	// 获取csv的reader
+	reader := csv.NewReader(file)
+
+	// 设置FieldsPerRecord为-1
+	reader.FieldsPerRecord = -1
+
+	// 读取文件中所有行保存到slice中
+	records, err := reader.ReadAll()
+	if err != nil {
+		panic(err)
+	}
+	var tasks []*ServerConfig
+	// 将每一行数据保存到内存slice中
+	for _, item := range records {
+		tcpPort, _ := strconv.Atoi(item[0])
+		Start, _ := strconv.Atoi(item[7])
+		post := &ServerConfig{
+			TcpPort:        tcpPort,
+			Mode:           item[1],
+			Target:         item[2],
+			VerifyKey:      item[3],
+			U:              item[4],
+			P:              item[5],
+			Compress:       item[6],
+			Start:          Start,
+			Crypt:          utils.GetBoolByStr(item[8]),
+			Mux:            utils.GetBoolByStr(item[9]),
+			CompressEncode: utils.GetIntNoerrByStr(item[10]),
+			CompressDecode: utils.GetIntNoerrByStr(item[11]),
+		}
+		tasks = append(tasks, post)
+	}
+	s.Tasks = tasks
+}
+
+func (s *Csv) StoreHostToCsv() {
+	// 创建文件
+	csvFile, err := os.Create(beego.AppPath + "/conf/hosts.csv")
+	if err != nil {
+		panic(err)
+	}
+	defer csvFile.Close()
+	// 获取csv的Writer
+	writer := csv.NewWriter(csvFile)
+	// 将map中的Post转换成slice，因为csv的Write需要slice参数
+	// 并写入csv文件
+	for _, host := range s.Hosts {
+		record := []string{
+			host.Host,
+			host.Target,
+			host.Vkey,
+		}
+		err1 := writer.Write(record)
+		if err1 != nil {
+			panic(err1)
+		}
+	}
+	// 确保所有内存数据刷到csv文件
+	writer.Flush()
+}
+
+func (s *Csv) LoadHostFromCsv() {
+	// 打开文件
+	file, err := os.Open(beego.AppPath + "/conf/hosts.csv")
+	if err != nil {
+		panic(err)
+	}
+	defer file.Close()
+
+	// 获取csv的reader
+	reader := csv.NewReader(file)
+
+	// 设置FieldsPerRecord为-1
+	reader.FieldsPerRecord = -1
+
+	// 读取文件中所有行保存到slice中
+	records, err := reader.ReadAll()
+	if err != nil {
+		panic(err)
+	}
+	var hosts []*HostList
+	// 将每一行数据保存到内存slice中
+	for _, item := range records {
+		post := &HostList{
+			Vkey:   item[2],
+			Host:   item[0],
+			Target: item[1],
+		}
+		hosts = append(hosts, post)
+	}
+	s.Hosts = hosts
+}
+
+func (s *Csv) NewTask(t *ServerConfig) {
+	s.Tasks = append(s.Tasks, t)
+	s.StoreTasksToCsv()
+}
+
+func (s *Csv) UpdateTask(t *ServerConfig) error {
+	for k, v := range s.Tasks {
+		if v.VerifyKey == t.VerifyKey {
+			s.Tasks = append(s.Tasks[:k], s.Tasks[k+1:]...)
+			s.Tasks = append(s.Tasks, t)
+			s.StoreTasksToCsv()
+			return nil
+		}
+	}
+	return errors.New("不存在")
+}
+
+func (s *Csv) AddRunList(vKey string, svr interface{}) {
+	s.RunList[vKey] = svr
+}
+
+func (s *Csv) DelRunList(vKey string) {
+	delete(s.RunList, vKey)
+}
+
+func (s *Csv) DelTask(vKey string) error {
+	for k, v := range s.Tasks {
+		if v.VerifyKey == vKey {
+			s.Tasks = append(s.Tasks[:k], s.Tasks[k+1:]...)
+			s.StoreTasksToCsv()
+			return nil
+		}
+	}
+	return errors.New("不存在")
+}
+
+func (s *Csv) GetTask(vKey string) (v *ServerConfig, err error) {
+	for _, v = range s.Tasks {
+		if v.VerifyKey == vKey {
+			return
+		}
+	}
+	err = errors.New("未找到")
+	return
+}
+
+func (s *Csv) DelHost(host string) error {
+	for k, v := range s.Hosts {
+		if v.Host == host {
+			s.Hosts = append(s.Hosts[:k], s.Hosts[k+1:]...)
+			s.StoreHostToCsv()
+			return nil
+		}
+	}
+	return errors.New("不存在")
+}
+
+func (s *Csv) NewHost(t *HostList) {
+	s.Hosts = append(s.Hosts, t)
+	s.StoreHostToCsv()
+
+}
+
+func (s *Csv) GetHostList(start, length int, vKey string) ([]*HostList, int) {
+	list := make([]*HostList, 0)
+	var cnt int
+	for _, v := range s.Hosts {
+		if v.Vkey == vKey {
+			cnt++
+			if start--; start < 0 {
+				if length--; length > 0 {
+					list = append(list, v)
+				}
+			}
+		}
+	}
+	return list, cnt
+}

server/server.go

@@ -0,0 +1,209 @@
+package server
+
+import (
+	"errors"
+	"github.com/cnlh/easyProxy/bridge"
+	"github.com/cnlh/easyProxy/utils"
+	"log"
+	"reflect"
+	"strings"
+	"sync"
+)
+
+var (
+	Bridge    *bridge.Tunnel
+	RunList   map[string]interface{} //运行中的任务
+	CsvDb     *Csv
+	VerifyKey string
+)
+
+func init() {
+	RunList = make(map[string]interface{})
+}
+
+//从csv文件中恢复任务
+func InitFromCsv() {
+	for _, v := range CsvDb.Tasks {
+		if v.Start == 1 {
+			log.Println("启动模式：", v.Mode, "监听端口：", v.TcpPort, "客户端令牌：", v.VerifyKey)
+			AddTask(v)
+		}
+	}
+}
+
+//start a new server
+func StartNewServer(bridgePort int, cnf *ServerConfig) {
+	Bridge = bridge.NewTunnel(bridgePort, RunList)
+	if err := Bridge.StartTunnel(); err != nil {
+		log.Fatalln("服务端开启失败", err)
+	}
+	if svr := NewMode(Bridge, cnf); svr != nil {
+		RunList[cnf.VerifyKey] = svr
+		err := reflect.ValueOf(svr).MethodByName("Start").Call(nil)[0]
+		if err.Interface() != nil {
+			log.Println(err)
+		}
+	} else {
+		log.Fatalln("启动模式不正确")
+	}
+}
+
+//new a server by mode name
+func NewMode(Bridge *bridge.Tunnel, config *ServerConfig) interface{} {
+	switch config.Mode {
+	case "tunnelServer":
+		return NewTunnelModeServer(ProcessTunnel, Bridge, config)
+	case "socks5Server":
+		return NewSock5ModeServer(Bridge, config)
+	case "httpProxyServer":
+		return NewTunnelModeServer(ProcessHttp, Bridge, config)
+	case "udpServer":
+		return NewUdpModeServer(Bridge, config)
+	case "webServer":
+		InitCsvDb()
+		InitFromCsv()
+		//p, _ := beego.AppConfig.Int("hostPort")
+		t := &ServerConfig{
+			TcpPort:      8088,
+			Mode:         "httpHostServer",
+			Target:       "",
+			VerifyKey:    "",
+			U:            "",
+			P:            "",
+			Compress:     "",
+			Start:        1,
+			IsRun:        0,
+			ClientStatus: 0,
+		}
+		AddTask(t)
+		return NewWebServer(Bridge)
+	case "hostServer":
+		return NewHostServer(config)
+	case "httpHostServer":
+		return NewTunnelModeServer(ProcessHost, Bridge, config)
+	}
+	return nil
+}
+
+//stop server
+func StopServer(cFlag string) error {
+	if v, ok := RunList[cFlag]; ok {
+		reflect.ValueOf(v).MethodByName("Close").Call(nil)
+		delete(RunList, cFlag)
+		if VerifyKey == "" { //多客户端模式关闭相关隧道
+			Bridge.DelClientSignal(cFlag)
+			Bridge.DelClientTunnel(cFlag)
+		}
+		if t, err := CsvDb.GetTask(cFlag); err != nil {
+			return err
+		} else {
+			t.Start = 0
+			CsvDb.UpdateTask(t)
+		}
+		return nil
+	}
+	return errors.New("未在运行中")
+}
+
+//add task
+func AddTask(t *ServerConfig) error {
+	t.CompressDecode, t.CompressEncode = utils.GetCompressType(t.Compress)
+	if svr := NewMode(Bridge, t); svr != nil {
+		RunList[t.VerifyKey] = svr
+		go func() {
+			err := reflect.ValueOf(svr).MethodByName("Start").Call(nil)[0]
+			if err.Interface() != nil {
+				log.Println("客户端", t.VerifyKey, "启动失败，错误：", err)
+				delete(RunList, t.VerifyKey)
+			}
+		}()
+	} else {
+		return errors.New("启动模式不正确")
+	}
+	return nil
+}
+
+//start task
+func StartTask(vKey string) error {
+	if t, err := CsvDb.GetTask(vKey); err != nil {
+		return err
+	} else {
+		AddTask(t)
+		t.Start = 1
+		CsvDb.UpdateTask(t)
+	}
+	return nil
+}
+
+//delete task
+func DelTask(vKey string) error {
+	if err := StopServer(vKey); err != nil {
+		return err
+	}
+	return CsvDb.DelTask(vKey)
+}
+
+//init csv from file
+func InitCsvDb() *Csv {
+	var once sync.Once
+	once.Do(func() {
+		CsvDb = NewCsv(RunList)
+		CsvDb.Init()
+	})
+	return CsvDb
+}
+
+//get key by host from x
+func GetKeyByHost(host string) (h *HostList, t *ServerConfig, err error) {
+	for _, v := range CsvDb.Hosts {
+		if strings.Contains(host, v.Host) {
+			h = v
+			t, err = CsvDb.GetTask(v.Vkey)
+			return
+		}
+	}
+	err = errors.New("未找到host对应的内网目标")
+	return
+}
+
+//get task list by page num
+func GetServerConfig(start, length int, typeVal string) ([]*ServerConfig, int) {
+	list := make([]*ServerConfig, 0)
+	var cnt int
+	for _, v := range CsvDb.Tasks {
+		if v.Mode != typeVal {
+			continue
+		}
+		cnt++
+		if start--; start < 0 {
+			if length--; length > 0 {
+				if _, ok := RunList[v.VerifyKey]; ok {
+					v.IsRun = 1
+				} else {
+					v.IsRun = 0
+				}
+				if s, ok := Bridge.SignalList[getverifyval(v.VerifyKey)]; ok {
+					if s.Len() > 0 {
+						v.ClientStatus = 1
+					} else {
+						v.ClientStatus = 0
+					}
+				} else {
+					v.ClientStatus = 0
+				}
+				list = append(list, v)
+			}
+		}
+
+	}
+	return list, cnt
+}
+
+//get verify value
+//when mode is webServer and vKey is not none
+func getverifyval(vkey string) string {
+	if VerifyKey != "" {
+		return utils.Md5(VerifyKey)
+	}
+	return utils.Md5(vkey)
+}

server/socks5.go

@@ -0,0 +1,324 @@
+package server
+
+import (
+	"encoding/binary"
+	"errors"
+	"github.com/cnlh/easyProxy/bridge"
+	"github.com/cnlh/easyProxy/utils"
+	"io"
+	"log"
+	"net"
+	"strconv"
+	"strings"
+)
+
+const (
+	ipV4            = 1
+	domainName      = 3
+	ipV6            = 4
+	connectMethod   = 1
+	bindMethod      = 2
+	associateMethod = 3
+	// The maximum packet size of any udp Associate packet, based on ethernet's max size,
+	// minus the IP and UDP headers. IPv4 has a 20 byte header, UDP adds an
+	// additional 4 bytes.  This is a total overhead of 24 bytes.  Ethernet's
+	// max packet size is 1500 bytes,  1500 - 24 = 1476.
+	maxUDPPacketSize = 1476
+)
+
+const (
+	succeeded uint8 = iota
+	serverFailure
+	notAllowed
+	networkUnreachable
+	hostUnreachable
+	connectionRefused
+	ttlExpired
+	commandNotSupported
+	addrTypeNotSupported
+)
+
+const (
+	UserPassAuth    = uint8(2)
+	userAuthVersion = uint8(1)
+	authSuccess     = uint8(0)
+	authFailure     = uint8(1)
+)
+
+type Sock5ModeServer struct {
+	bridge   *bridge.Tunnel
+	isVerify bool
+	listener net.Listener
+	config   *ServerConfig
+}
+
+//req
+func (s *Sock5ModeServer) handleRequest(c net.Conn) {
+	/*
+		The SOCKS request is formed as follows:
+		+----+-----+-------+------+----------+----------+
+		|VER | CMD |  RSV  | ATYP | DST.ADDR | DST.PORT |
+		+----+-----+-------+------+----------+----------+
+		| 1  |  1  | X'00' |  1   | Variable |    2     |
+		+----+-----+-------+------+----------+----------+
+	*/
+	header := make([]byte, 3)
+
+	_, err := io.ReadFull(c, header)
+
+	if err != nil {
+		log.Println("illegal request", err)
+		c.Close()
+		return
+	}
+
+	switch header[1] {
+	case connectMethod:
+		s.handleConnect(c)
+	case bindMethod:
+		s.handleBind(c)
+	case associateMethod:
+		s.handleUDP(c)
+	default:
+		s.sendReply(c, commandNotSupported)
+		c.Close()
+	}
+}
+
+//reply
+func (s *Sock5ModeServer) sendReply(c net.Conn, rep uint8) {
+	reply := []byte{
+		5,
+		rep,
+		0,
+		1,
+	}
+
+	localAddr := c.LocalAddr().String()
+	localHost, localPort, _ := net.SplitHostPort(localAddr)
+	ipBytes := net.ParseIP(localHost).To4()
+	nPort, _ := strconv.Atoi(localPort)
+	reply = append(reply, ipBytes...)
+	portBytes := make([]byte, 2)
+	binary.BigEndian.PutUint16(portBytes, uint16(nPort))
+	reply = append(reply, portBytes...)
+
+	c.Write(reply)
+}
+
+//do conn
+func (s *Sock5ModeServer) doConnect(c net.Conn, command uint8) (proxyConn *utils.Conn, err error) {
+	addrType := make([]byte, 1)
+	c.Read(addrType)
+	var host string
+	switch addrType[0] {
+	case ipV4:
+		ipv4 := make(net.IP, net.IPv4len)
+		c.Read(ipv4)
+		host = ipv4.String()
+	case ipV6:
+		ipv6 := make(net.IP, net.IPv6len)
+		c.Read(ipv6)
+		host = ipv6.String()
+	case domainName:
+		var domainLen uint8
+		binary.Read(c, binary.BigEndian, &domainLen)
+		domain := make([]byte, domainLen)
+		c.Read(domain)
+		host = string(domain)
+	default:
+		s.sendReply(c, addrTypeNotSupported)
+		err = errors.New("Address type not supported")
+		return nil, err
+	}
+
+	var port uint16
+	binary.Read(c, binary.BigEndian, &port)
+	// connect to host
+	addr := net.JoinHostPort(host, strconv.Itoa(int(port)))
+	client, err := s.bridge.GetTunnel(getverifyval(s.config.VerifyKey), s.config.CompressEncode, s.config.CompressDecode, s.config.Crypt, s.config.Mux)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	s.sendReply(c, succeeded)
+	var ltype string
+	if command == associateMethod {
+		ltype = utils.CONN_UDP
+	} else {
+		ltype = utils.CONN_TCP
+	}
+	_, err = client.WriteHost(ltype, addr)
+	var flag string
+	if flag, err = client.ReadFlag(); err == nil {
+		if flag != utils.CONN_SUCCESS {
+			err = errors.New("conn failed")
+		}
+	}
+	return client, err
+}
+
+//conn
+func (s *Sock5ModeServer) handleConnect(c net.Conn) {
+	proxyConn, err := s.doConnect(c, connectMethod)
+	defer func() {
+		if s.config.Mux {
+			s.bridge.ReturnTunnel(proxyConn, getverifyval(s.config.VerifyKey))
+		}
+	}()
+	if err != nil {
+		c.Close()
+	} else {
+		go utils.Relay(proxyConn.Conn, c, s.config.CompressEncode, s.config.Crypt, s.config.Mux)
+		utils.Relay(c, proxyConn.Conn, s.config.CompressDecode, s.config.Crypt, s.config.Mux)
+	}
+}
+
+// passive mode
+func (s *Sock5ModeServer) handleBind(c net.Conn) {
+}
+
+//udp
+func (s *Sock5ModeServer) handleUDP(c net.Conn) {
+	log.Println("UDP Associate")
+	/*
+	   +----+------+------+----------+----------+----------+
+	   |RSV | FRAG | ATYP | DST.ADDR | DST.PORT |   DATA   |
+	   +----+------+------+----------+----------+----------+
+	   | 2  |  1   |  1   | Variable |    2     | Variable |
+	   +----+------+------+----------+----------+----------+
+	*/
+	buf := make([]byte, 3)
+	c.Read(buf)
+	// relay udp datagram silently, without any notification to the requesting client
+	if buf[2] != 0 {
+		// does not support fragmentation, drop it
+		log.Println("does not support fragmentation, drop")
+		dummy := make([]byte, maxUDPPacketSize)
+		c.Read(dummy)
+	}
+
+	proxyConn, err := s.doConnect(c, associateMethod)
+	defer func() {
+		if s.config.Mux {
+			s.bridge.ReturnTunnel(proxyConn, getverifyval(s.config.VerifyKey))
+		}
+	}()
+	if err != nil {
+		c.Close()
+	} else {
+		go utils.Relay(proxyConn.Conn, c, s.config.CompressEncode, s.config.Crypt, s.config.Mux)
+		utils.Relay(c, proxyConn.Conn, s.config.CompressDecode, s.config.Crypt, s.config.Mux)
+	}
+}
+
+//new conn
+func (s *Sock5ModeServer) handleConn(c net.Conn) {
+	buf := make([]byte, 2)
+	if _, err := io.ReadFull(c, buf); err != nil {
+		log.Println("negotiation err", err)
+		c.Close()
+		return
+	}
+
+	if version := buf[0]; version != 5 {
+		log.Println("only support socks5, request from: ", c.RemoteAddr())
+		c.Close()
+		return
+	}
+	nMethods := buf[1]
+
+	methods := make([]byte, nMethods)
+	if len, err := c.Read(methods); len != int(nMethods) || err != nil {
+		log.Println("wrong method")
+		c.Close()
+		return
+	}
+	if s.isVerify {
+		buf[1] = UserPassAuth
+		c.Write(buf)
+		if err := s.Auth(c); err != nil {
+			c.Close()
+			log.Println("验证失败：", err)
+			return
+		}
+	} else {
+		buf[1] = 0
+		c.Write(buf)
+	}
+	s.handleRequest(c)
+}
+
+//socks5 auth
+func (s *Sock5ModeServer) Auth(c net.Conn) error {
+	header := []byte{0, 0}
+	if _, err := io.ReadAtLeast(c, header, 2); err != nil {
+		return err
+	}
+	if header[0] != userAuthVersion {
+		return errors.New("验证方式不被支持")
+	}
+	userLen := int(header[1])
+	user := make([]byte, userLen)
+	if _, err := io.ReadAtLeast(c, user, userLen); err != nil {
+		return err
+	}
+	if _, err := c.Read(header[:1]); err != nil {
+		return errors.New("密码长度获取错误")
+	}
+	passLen := int(header[0])
+	pass := make([]byte, passLen)
+	if _, err := io.ReadAtLeast(c, pass, passLen); err != nil {
+		return err
+	}
+	if string(pass) == s.config.U && string(user) == s.config.P {
+		if _, err := c.Write([]byte{userAuthVersion, authSuccess}); err != nil {
+			return err
+		}
+		return nil
+	} else {
+		if _, err := c.Write([]byte{userAuthVersion, authFailure}); err != nil {
+			return err
+		}
+		return errors.New("验证不通过")
+	}
+	return errors.New("未知错误")
+}
+
+//start
+func (s *Sock5ModeServer) Start() error {
+	var err error
+	s.listener, err = net.Listen("tcp", ":"+strconv.Itoa(s.config.TcpPort))
+	if err != nil {
+		return err
+	}
+	for {
+		conn, err := s.listener.Accept()
+		if err != nil {
+			if strings.Contains(err.Error(), "use of closed network connection") {
+				break
+			}
+			log.Fatal("accept error: ", err)
+		}
+		go s.handleConn(conn)
+	}
+	return nil
+}
+
+//close
+func (s *Sock5ModeServer) Close() error {
+	return s.listener.Close()
+}
+
+//new
+func NewSock5ModeServer(bridge *bridge.Tunnel, cnf *ServerConfig) *Sock5ModeServer {
+	s := new(Sock5ModeServer)
+	s.bridge = bridge
+	s.config = cnf
+	if s.config.U != "" && s.config.P != "" {
+		s.isVerify = true
+	} else {
+		s.isVerify = false
+	}
+	return s
+}

server/tcp.go

@@ -0,0 +1,191 @@
+package server
+
+import (
+	"errors"
+	"fmt"
+	"github.com/astaxie/beego"
+	"github.com/cnlh/easyProxy/bridge"
+	"github.com/cnlh/easyProxy/utils"
+	"log"
+	"net"
+	"net/http"
+	"strings"
+)
+
+
+type process func(c *utils.Conn, s *TunnelModeServer) error
+
+type TunnelModeServer struct {
+	process  process
+	bridge   *bridge.Tunnel
+	config   *ServerConfig
+	listener *net.TCPListener
+}
+
+//tcp|http|host
+func NewTunnelModeServer(process process, bridge *bridge.Tunnel, cnf *ServerConfig) *TunnelModeServer {
+	s := new(TunnelModeServer)
+	s.bridge = bridge
+	s.process = process
+	s.config = cnf
+	return s
+}
+
+//开始
+func (s *TunnelModeServer) Start() error {
+	var err error
+	s.listener, err = net.ListenTCP("tcp", &net.TCPAddr{net.ParseIP("0.0.0.0"), s.config.TcpPort, ""})
+	if err != nil {
+		return err
+	}
+	for {
+		conn, err := s.listener.AcceptTCP()
+		if err != nil {
+			if strings.Contains(err.Error(), "use of closed network connection") {
+				break
+			}
+			log.Println(err)
+			continue
+		}
+		go s.process(utils.NewConn(conn), s)
+	}
+	return nil
+}
+
+//权限认证
+func (s *TunnelModeServer) auth(r *http.Request, c *utils.Conn, u, p string) error {
+	if u != "" && p != "" && !utils.CheckAuth(r, u, p) {
+		c.Write([]byte(utils.Unauthorized_BYTES))
+		c.Close()
+		return errors.New("401 Unauthorized")
+	}
+	return nil
+}
+
+//与客户端建立通道
+func (s *TunnelModeServer) dealClient(c *utils.Conn, cnf *ServerConfig, addr string, method string, rb []byte) error {
+	link, err := s.bridge.GetTunnel(getverifyval(cnf.VerifyKey), cnf.CompressEncode, cnf.CompressDecode, cnf.Crypt, cnf.Mux)
+	defer func() {
+		if cnf.Mux {
+			s.bridge.ReturnTunnel(link, getverifyval(cnf.VerifyKey))
+		} else {
+			c.Close()
+		}
+	}()
+	if err != nil {
+		log.Println(err)
+		c.Close()
+		return err
+	}
+	if _, err := link.WriteHost(utils.CONN_TCP, addr); err != nil {
+		c.Close()
+		link.Close()
+		log.Println(err)
+		return err
+	}
+	if flag, err := link.ReadFlag(); err == nil {
+		if flag == utils.CONN_SUCCESS {
+			if method == "CONNECT" {
+				fmt.Fprint(c, "HTTP/1.1 200 Connection established\r\n")
+			} else {
+				link.WriteTo(rb, cnf.CompressEncode, cnf.Crypt)
+			}
+			go utils.Relay(link.Conn, c.Conn, cnf.CompressEncode, cnf.Crypt, cnf.Mux)
+			utils.Relay(c.Conn, link.Conn, cnf.CompressDecode, cnf.Crypt, cnf.Mux)
+		}
+	}
+	return nil
+}
+
+//close
+func (s *TunnelModeServer) Close() error {
+	return s.listener.Close()
+}
+
+//tcp隧道模式
+func ProcessTunnel(c *utils.Conn, s *TunnelModeServer) error {
+	method, _, rb, err, r := c.GetHost()
+	if err == nil {
+		if err := s.auth(r, c, s.config.U, s.config.P); err != nil {
+			return err
+		}
+	}
+	return s.dealClient(c, s.config, s.config.Target, method, rb)
+}
+
+//http代理模式
+func ProcessHttp(c *utils.Conn, s *TunnelModeServer) error {
+	method, addr, rb, err, r := c.GetHost()
+	if err != nil {
+		c.Close()
+		return err
+	}
+	if err := s.auth(r, c, s.config.U, s.config.P); err != nil {
+		return err
+	}
+	//TODO效率问题
+	return s.dealClient(c, s.config, addr, method, rb)
+}
+
+//多客户端域名代理
+func ProcessHost(c *utils.Conn, s *TunnelModeServer) error {
+	method, addr, rb, err, r := c.GetHost()
+	if err != nil {
+		c.Close()
+		return err
+	}
+	host, task, err := GetKeyByHost(addr)
+	if err != nil {
+		return err
+	}
+	if err := s.auth(r, c, task.U, task.P); err != nil {
+		return err
+	}
+	if err != nil {
+		c.Close()
+		return err
+	}
+	return s.dealClient(c, task, host.Target, method, rb)
+}
+
+//web管理方式
+type WebServer struct {
+	bridge *bridge.Tunnel
+}
+
+//开始
+func (s *WebServer) Start() {
+	beego.BConfig.WebConfig.Session.SessionOn = true
+	log.Println("web管理启动，访问端口为", beego.AppConfig.String("httpport"))
+	beego.SetViewsPath(beego.AppPath + "/web/views")
+	beego.SetStaticPath("/static/", "/web/static")
+	beego.Run()
+}
+
+//new
+func NewWebServer(bridge *bridge.Tunnel) *WebServer {
+	s := new(WebServer)
+	s.bridge = bridge
+	return s
+}
+
+//host
+type HostServer struct {
+	config *ServerConfig
+}
+
+//开始
+func (s *HostServer) Start() error {
+	return nil
+}
+
+func NewHostServer(cnf *ServerConfig) *HostServer {
+	s := new(HostServer)
+	s.config = cnf
+	return s
+}
+
+//close
+func (s *HostServer) Close() error {
+	return nil
+}

server/udp.go

@@ -0,0 +1,84 @@
+package server
+
+import (
+	"github.com/cnlh/easyProxy/bridge"
+	"github.com/cnlh/easyProxy/utils"
+	"io"
+	"log"
+	"net"
+	"strings"
+)
+
+type UdpModeServer struct {
+	bridge   *bridge.Tunnel
+	listener *net.UDPConn
+	udpMap   map[string]*utils.Conn
+	config   *ServerConfig
+}
+
+func NewUdpModeServer(bridge *bridge.Tunnel, cnf *ServerConfig) *UdpModeServer {
+	s := new(UdpModeServer)
+	s.bridge = bridge
+	s.udpMap = make(map[string]*utils.Conn)
+	s.config = cnf
+	return s
+}
+
+//开始
+func (s *UdpModeServer) Start() error {
+	var err error
+	s.listener, err = net.ListenUDP("udp", &net.UDPAddr{net.ParseIP("0.0.0.0"), s.config.TcpPort, ""})
+	if err != nil {
+		return err
+	}
+	data := make([]byte, 1472) //udp数据包大小
+	for {
+		n, addr, err := s.listener.ReadFromUDP(data)
+		if err != nil {
+			if strings.Contains(err.Error(), "use of closed network connection") {
+				break
+			}
+			continue
+		}
+		go s.process(addr, data[:n])
+	}
+	return nil
+}
+
+//TODO:效率问题有待解决
+func (s *UdpModeServer) process(addr *net.UDPAddr, data []byte) {
+	conn, err := s.bridge.GetTunnel(getverifyval(s.config.VerifyKey), s.config.CompressEncode, s.config.CompressDecode, s.config.Crypt, s.config.Mux)
+	if err != nil {
+		log.Println(err)
+		return
+	}
+	if _, err := conn.WriteHost(utils.CONN_UDP, s.config.Target); err != nil {
+		conn.Close()
+		return
+	}
+	if flag, err := conn.ReadFlag(); err == nil {
+		defer func() {
+			if s.config.Mux {
+				s.bridge.ReturnTunnel(conn, getverifyval(s.config.VerifyKey))
+			} else {
+				conn.Close()
+			}
+		}()
+		if flag == utils.CONN_SUCCESS {
+			conn.WriteTo(data, s.config.CompressEncode, s.config.Crypt)
+			buf := make([]byte, 1024)
+			//conn.conn.SetReadDeadline(time.Now().Add(time.Duration(time.Second * 3)))
+			n, err := conn.ReadFrom(buf, s.config.CompressDecode, s.config.Crypt)
+			if err != nil || err == io.EOF {
+				log.Println("revieve error:", err)
+				return
+			}
+			s.listener.WriteToUDP(buf[:n], addr)
+			conn.WriteTo([]byte(utils.IO_EOF), s.config.CompressEncode, s.config.Crypt)
+		}
+	}
+}
+
+func (s *UdpModeServer) Close() error {
+	return s.listener.Close()
+}