Midori
Protocols
Build
git clone https://github.com/zephyrchien/midori
cd midori
cargo build --releaseOptional Features
uds-- enable unix domain socketudp-- enable udptls-- enable tls(rustls)ws-- enable websocketh2c-- enable http2quic-- enable quicfull-- enable all above (default)
# tcp only
cargo build --release --no-default-features
# with tls support
cargo build --release --no-default-features --features tls
# with other protocols
cargo build --release --no-default-features --features tls,ws,h2cUsage
midori [OPTIONS] [SUBCOMMAND]
FLAGS:
-h, --help Prints help information
-V, --version Prints version information
OPTIONS:
-c, --config <file> specify a config fileQuick Start
Let's start with a simple TCP relay(supports zero-copy on linux). Just create a config file and then specify the listen and remote address:
{
"endpoints":[
{
"listen": "0.0.0.0:5000",
"remote": "1.2.3.4:8080"
},
{
"listen": "0.0.0.0:10000",
"remote": "www.example.com:443"
},
]
}Launch these 2 endpoints:
midori -c config.jsonAlmost all kinds of address are supported, including ipv4, ipv6, domain name and unix socket path.
Log
This program is equipped with a light-weight logger, which is disabled by default. You can provide env variables to enable it.
Supported log levels:
- Off
- Error
- Warn
- Info
- Debug
- Trace
Example:
RUST_LOG=debug midoriFull Configuration
show example
{
"dns_mode": "ipv4_then_ipv6",
"endpoints": [
{
"listen": {
"addr": "0.0.0.0:5000",
"net": "tcp",
"trans": {
"proto": "ws",
"path": "/"
},
"tls": {
"cert": "x.crt",
"key": "x.pem",
"versions": "tlsv1.3, tlsv1.2",
"aplns": "http/1.1",
"ocsp": "x.ocsp"
}
},
"remote": {
"addr": "www.example.com:443",
"net": "tcp",
"trans": {
"proto": "h2",
"path": "/",
"server_push": false
},
"tls": {
"roots": "firefox",
"versions": "tlsv1.3, tlsv1.2",
"sni": "www.example.com",
"aplns": "h2",
"skip_verify": false,
"enable_sni": true
}
}
}
]
}
Global
Currently, the configuration file only consists of 2 fields:
{
"dns_mode": "", // and other global params
"endpoints": []
}DNS Mode
The trust-dns crate supports these strategies:
- ipv4_only
- ipv6_only
- ipv4_then_ipv6 (default)
- ipv6_then_ipv4
- ipv4_and_ipv6
Endpoint(s)
Each endpoint contains an associated pair of listen and remote:
{
"listen": "",
"remote": ""
}Options of listen & remote:
{
"addr": "", // must
"net": "", // tcp(deafult), uds, udp
"trans": "", // plain(default), ws, h2..
"tls": "" // none(default)
}Not all fields above are required. If not specified, the default value will be applied. trans and tls have more complicated params. See protocol docs for more details.
You can freely combine net, trans and tls. For example, tcp + ws + tls = wss; uds + h2 + tls = h2(over uds).
All possible combinations:
| net | tls | trans | result |
|---|---|---|---|
| tcp/uds | none | plain | plain tcp/uds |
| tcp/uds | rustls | plain | tls over tcp/uds |
| tcp/uds | none | ws | ws over tcp/uds |
| tcp/uds | rustls | ws | wss over tcp/uds |
| tcp/uds | none | h2 | h2c over tcp/uds |
| tcp/uds | rustls | h2 | http2 over tcp/uds |
| tcp/uds | none | grpc | grpc over tcp/uds |
| tcp/uds | rustls | grpc | grpc over tcp/uds |
| udp | none | plain | plain udp |
| udp | none | kcp | kcp |
| udp | rustls | quic | quic |