git clone https://github.com/zephyrchien/midori
cd midori
cargo build --release
Cargo features:
- uds -- enable unix domain socket
- udp -- enable udp
- tls -- enable tls (rustls)
- ws -- enable websocket
- h2c -- enable http2
- quic -- enable quic
- full -- enable all above (default)
# tcp only
cargo build --release --no-default-features
# with tls support
cargo build --release --no-default-features --features tls
# with other protocols
cargo build --release --no-default-features --features tls,ws,h2c
midori [OPTIONS] [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-c, --config <file> specify a config file
Let's start with a simple TCP relay (supports zero-copy on Linux). Just create a config file and then specify the listen and remote addresses:
{
"endpoints":[
{
"listen": "0.0.0.0:5000",
"remote": "1.2.3.4:8080"
},
{
"listen": "0.0.0.0:10000",
"remote": "www.example.com:443"
}
]
}
Launch these 2 endpoints:
midori -c config.json
Almost all kinds of address are supported, including ipv4, ipv6, domain name and unix socket path.
This program is equipped with a light-weight logger, which is disabled by default. You can provide env variables to enable it.
Supported log levels:
- Off
- Error
- Warn
- Info
- Debug
- Trace
Example:
RUST_LOG=debug midori
A full configuration example:
{
"dns_mode": "ipv4_then_ipv6",
"endpoints": [
{
"listen": {
"addr": "0.0.0.0:5000",
"net": "tcp",
"trans": {
"proto": "ws",
"path": "/"
},
"tls": {
"cert": "x.crt",
"key": "x.pem",
"versions": "tlsv1.3, tlsv1.2",
"aplns": "http/1.1",
"ocsp": "x.ocsp"
}
},
"remote": {
"addr": "www.example.com:443",
"net": "tcp",
"trans": {
"proto": "h2",
"path": "/",
"server_push": false
},
"tls": {
"roots": "firefox",
"versions": "tlsv1.3, tlsv1.2",
"sni": "www.example.com",
"aplns": "h2",
"skip_verify": false,
"enable_sni": true
}
}
}
]
}
Currently, the configuration file only consists of 2 fields:
{
"dns_mode": "", // and other global params
"endpoints": []
}
For dns_mode, the trust-dns crate supports these strategies:
- ipv4_only
- ipv6_only
- ipv4_then_ipv6 (default)
- ipv6_then_ipv4
- ipv4_and_ipv6
Each endpoint contains an associated pair of listen and remote:
{
"listen": "",
"remote": ""
}
Options of listen & remote:
{
"addr": "", // must
"net": "", // tcp(default), uds, udp
"trans": "", // plain(default), ws, h2..
"tls": "" // none(default)
}
Not all of the fields above are required; an unspecified field takes its default value. trans and tls take more complicated params; see the protocol docs for more details.
You can freely combine net, trans and tls. For example, tcp + ws + tls = wss; uds + h2 + tls = h2 (over uds).
All possible combinations:
net | tls | trans | result |
---|---|---|---|
tcp/uds | none | plain | plain tcp/uds |
tcp/uds | rustls | plain | tls over tcp/uds |
tcp/uds | none | ws | ws over tcp/uds |
tcp/uds | rustls | ws | wss over tcp/uds |
tcp/uds | none | h2 | h2c over tcp/uds |
tcp/uds | rustls | h2 | http2 over tcp/uds |
tcp/uds | none | grpc | grpc over tcp/uds |
tcp/uds | rustls | grpc | grpc over tcp/uds |
udp | none | plain | plain udp |
udp | none | kcp | kcp |
udp | rustls | quic | quic |
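
The combination table and field defaults above can be checked before a config is deployed. The linter below is an added example, not part of midori: it flags net/tls/trans combinations missing from the table and any side that sets skip_verify to true. The function names and the sample config are constructed, and it assumes a tls object means rustls and that the file is strict JSON.

```python
import json

# (tls, trans) pairs allowed per transport, transcribed from the table above.
STREAM = {(t, p) for t in ("none", "rustls") for p in ("plain", "ws", "h2", "grpc")}
VALID = {"tcp": STREAM, "uds": STREAM,
         "udp": {("none", "plain"), ("none", "kcp"), ("rustls", "quic")}}

def check_side(label, side):
    """Return findings for one listen/remote value (short string or object)."""
    if isinstance(side, str):             # short form: just the address
        side = {"addr": side}
    out = []
    if not side.get("addr"):
        out.append(f"{label}: addr is required")
    net = side.get("net") or "tcp"        # documented default
    trans = side.get("trans") or "plain"  # documented default
    proto = trans.get("proto", "plain") if isinstance(trans, dict) else trans
    tls = side.get("tls")
    # Assumption: a tls object means rustls; absent, "" or "none" means no TLS.
    mode = "rustls" if isinstance(tls, dict) else "none"
    if (mode, proto) not in VALID.get(net, set()):
        out.append(f"{label}: {net} + {mode} + {proto} is not a listed combination")
    if mode == "rustls" and tls.get("skip_verify") is True:
        out.append(f"{label}: skip_verify is true")
    return out

def lint(config_text):
    """Lint every endpoint in a midori-style JSON config; return all findings."""
    findings = []
    for i, ep in enumerate(json.loads(config_text).get("endpoints", [])):
        for key in ("listen", "remote"):
            findings += check_side(f"endpoints[{i}].{key}", ep.get(key, {}))
    return findings

# Constructed sample config (not from the project).
SAMPLE = """
{"endpoints": [
  {"listen": {"addr": "0.0.0.0:5000", "trans": {"proto": "ws", "path": "/"},
              "tls": {"cert": "x.crt", "key": "x.pem"}},
   "remote": {"addr": "1.2.3.4:8080", "net": "udp", "trans": {"proto": "ws"}}},
  {"listen": "0.0.0.0:10000",
   "remote": {"addr": "www.example.com:443", "trans": {"proto": "h2"},
              "tls": {"skip_verify": true, "sni": "www.example.com"}}}
]}
"""

if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```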