midori
A multi-protocol network relay
Midori
Protocols
Build
git clone https://github.com/zephyrchien/midori
cd midori
cargo build --release
Optional Features
- uds -- enable unix domain socket
- udp -- enable udp
- tls -- enable tls (rustls)
- ws -- enable websocket
- h2c -- enable http2
- quic -- enable quic
- full -- enable all above (default)
# tcp only
cargo build --release --no-default-features
# with tls support
cargo build --release --no-default-features --features tls
# with other protocols
cargo build --release --no-default-features --features tls,ws,h2c
Usage
midori [OPTIONS] [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-c, --config <file> specify a config file
Quick Start
Let's start with a simple TCP relay (supports zero-copy on Linux). Just create a config file and then specify the listen and remote addresses:
{
  "endpoints": [
    {
      "listen": "0.0.0.0:5000",
      "remote": "1.2.3.4:8080"
    },
    {
      "listen": "0.0.0.0:10000",
      "remote": "www.example.com:443"
    }
  ]
}
Launch these 2 endpoints:
midori -c config.json
Almost all kinds of addresses are supported, including ipv4, ipv6, domain name and unix socket path.
Log
This program is equipped with a light-weight logger, which is disabled by default. Set the RUST_LOG environment variable to enable it.
Supported log levels:
- Off
- Error
- Warn
- Info
- Debug
- Trace
Example:
RUST_LOG=debug midori
Full Configuration
{
  "dns_mode": "ipv4_then_ipv6",
  "endpoints": [
    {
      "listen": {
        "addr": "0.0.0.0:5000",
        "net": "tcp",
        "trans": {
          "proto": "ws",
          "path": "/"
        },
        "tls": {
          "cert": "x.crt",
          "key": "x.pem",
          "versions": "tlsv1.3, tlsv1.2",
          "aplns": "http/1.1",
          "ocsp": "x.ocsp"
        }
      },
      "remote": {
        "addr": "www.example.com:443",
        "net": "tcp",
        "trans": {
          "proto": "h2",
          "path": "/",
          "server_push": false
        },
        "tls": {
          "roots": "firefox",
          "versions": "tlsv1.3, tlsv1.2",
          "sni": "www.example.com",
          "aplns": "h2",
          "skip_verify": false,
          "enable_sni": true
        }
      }
    }
  ]
}
Global
Currently, the configuration file only consists of 2 fields:
{
  "dns_mode": "", // and other global params
  "endpoints": []
}
DNS Mode
The trust-dns crate supports these strategies:
- ipv4_only
- ipv6_only
- ipv4_then_ipv6 (default)
- ipv6_then_ipv4
- ipv4_and_ipv6
Endpoint(s)
Each endpoint contains an associated pair of listen and remote:
{
  "listen": "",
  "remote": ""
}
Options of listen & remote:
{
  "addr": "", // required
  "net": "", // tcp(default), uds, udp
  "trans": "", // plain(default), ws, h2..
  "tls": "" // none(default)
}
Not all fields above are required. If not specified, the default value will be applied. trans and tls have more complicated params. See protocol docs for more details.
You can freely combine net, trans and tls. For example, tcp + ws + tls = wss; uds + h2 + tls = h2 (over uds).
All possible combinations:
net | tls | trans | result |
---|---|---|---|
tcp/uds | none | plain | plain tcp/uds |
tcp/uds | rustls | plain | tls over tcp/uds |
tcp/uds | none | ws | ws over tcp/uds |
tcp/uds | rustls | ws | wss over tcp/uds |
tcp/uds | none | h2 | h2c over tcp/uds |
tcp/uds | rustls | h2 | http2 over tcp/uds |
tcp/uds | none | grpc | grpc over tcp/uds |
tcp/uds | rustls | grpc | grpc over tcp/uds |
udp | none | plain | plain udp |
udp | none | kcp | kcp |
udp | rustls | quic | quic |
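
A small audit script for the combinations above, added here as an example and not part of the midori project: it resolves each side of every endpoint to its row in the table, then reports combinations the table does not list, hops that carry no TLS, and remotes with skip_verify set. It assumes strict JSON input, that an absent tls block means none, and that skip_verify disables server certificate verification; resolve, audit and SAMPLE are names made up for this example.

```python
import json

# (trans proto, TLS enabled) -> result, transcribed from the table above.
STREAM = {("plain", False): "plain", ("plain", True): "tls",
          ("ws", False): "ws", ("ws", True): "wss",
          ("h2", False): "h2c", ("h2", True): "http2",
          ("grpc", False): "grpc", ("grpc", True): "grpc"}      # net = tcp or uds
DATAGRAM = {("plain", False): "plain", ("kcp", False): "kcp",
            ("quic", True): "quic"}                               # net = udp

def resolve(side):
    """Return (result, net, tls options); result is None if not in the table."""
    if isinstance(side, str):              # shorthand "host:port" form
        side = {"addr": side}
    net = side.get("net") or "tcp"         # documented default
    trans = side.get("trans") or "plain"   # documented default
    proto = trans.get("proto", "plain") if isinstance(trans, dict) else trans
    raw = side.get("tls")
    tls = {} if raw in (None, "", "none") else raw   # assumption: absent means none
    table = DATAGRAM if net == "udp" else STREAM if net in ("tcp", "uds") else {}
    return table.get((proto, bool(tls))), net, tls

def audit(config_text):
    """Return (endpoint index, side, message) findings for a config file's text."""
    findings = []
    for i, ep in enumerate(json.loads(config_text)["endpoints"]):
        for name in ("listen", "remote"):
            result, net, tls = resolve(ep[name])
            if result is None:
                findings.append((i, name, "combination not in the documented table"))
            elif not tls:
                findings.append((i, name, f"{net} {result} carries no TLS"))
            # Assumption: skip_verify=true turns off server certificate checks.
            if name == "remote" and isinstance(tls, dict) and tls.get("skip_verify"):
                findings.append((i, name, "skip_verify is true"))
    return findings

# Constructed sample config, not taken from the project.
SAMPLE = """{"endpoints": [
  {"listen": "0.0.0.0:5000",
   "remote": {"addr": "www.example.com:443", "trans": {"proto": "ws", "path": "/"},
              "tls": {"sni": "www.example.com", "skip_verify": true}}},
  {"listen": {"addr": "0.0.0.0:6000", "net": "udp", "trans": {"proto": "quic"}},
   "remote": {"addr": "127.0.0.1:8080", "net": "udp"}}
]}"""

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Findings about a hop without TLS are prompts for review rather than errors: a cleartext hop to a loopback or unix socket backend is often intended, while one bound to 0.0.0.0 usually deserves a second look.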