Skip to content

Commit

Permalink
add knock option for probe resistance
Browse files Browse the repository at this point in the history
  • Loading branch information
ginuerzh committed Jun 13, 2019
1 parent 6f0bf7d commit 86e9772
Show file tree
Hide file tree
Showing 4 changed files with 15 additions and 4 deletions.
1 change: 1 addition & 0 deletions cmd/gost/route.go
Original file line number Diff line number Diff line change
Expand Up @@ -438,6 +438,7 @@ func (r *route) GenRouters() ([]router, error) {
gost.RetryHandlerOption(node.GetInt("retry")), // override the global retry option.
gost.TimeoutHandlerOption(time.Duration(node.GetInt("timeout"))*time.Second),
gost.ProbeResistHandlerOption(node.Get("probe_resist")),
gost.KnockingHandlerOption(node.Get("knock")),
gost.NodeHandlerOption(node),
gost.IPsHandlerOption(ips),
)
Expand Down
8 changes: 8 additions & 0 deletions handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -34,6 +34,7 @@ type HandlerOptions struct {
Resolver Resolver
Hosts *Hosts
ProbeResist string
KnockingHost string
Node Node
Host string
IPs []string
Expand Down Expand Up @@ -150,6 +151,13 @@ func ProbeResistHandlerOption(pr string) HandlerOption {
}
}

// KnockingHandlerOption adds the knocking host for probe resistance.
func KnockingHandlerOption(host string) HandlerOption {
return func(opts *HandlerOptions) {
opts.KnockingHost = host
}
}

// NodeHandlerOption set the server node for server handler.
func NodeHandlerOption(node Node) HandlerOption {
return func(opts *HandlerOptions) {
Expand Down
5 changes: 3 additions & 2 deletions http.go
Original file line number Diff line number Diff line change
Expand Up @@ -302,8 +302,9 @@ func (h *httpHandler) authenticate(conn net.Conn, req *http.Request, resp *http.
return true
}

// probing resistance is enabled
if ss := strings.SplitN(h.options.ProbeResist, ":", 2); len(ss) == 2 {
// probing resistance is enabled, and knocking host is mismatch.
if ss := strings.SplitN(h.options.ProbeResist, ":", 2); len(ss) == 2 &&
(h.options.KnockingHost == "" || !strings.EqualFold(req.URL.Hostname(), h.options.KnockingHost)) {
resp.StatusCode = http.StatusServiceUnavailable // default status code

switch ss[0] {
Expand Down
5 changes: 3 additions & 2 deletions http2.go
Original file line number Diff line number Diff line change
Expand Up @@ -461,8 +461,9 @@ func (h *http2Handler) authenticate(w http.ResponseWriter, r *http.Request, resp
return true
}

// probing resistance is enabled
if ss := strings.SplitN(h.options.ProbeResist, ":", 2); len(ss) == 2 {
// probing resistance is enabled, and knocking host is mismatch.
if ss := strings.SplitN(h.options.ProbeResist, ":", 2); len(ss) == 2 &&
(h.options.KnockingHost == "" || !strings.EqualFold(r.URL.Hostname(), h.options.KnockingHost)) {
resp.StatusCode = http.StatusServiceUnavailable // default status code
w.Header().Del("Proxy-Agent")

Expand Down

0 comments on commit 86e9772

Please sign in to comment.