Merge pull request #526 from ehang-io/dev, close #483

Dev

bridge/bridge.go

@@ -41,28 +41,30 @@ func NewClient(t, f *nps_mux.Mux, s *conn.Conn, vs string) *Client {
 }
 
 type Bridge struct {
-	TunnelPort  int //通信隧道端口
-	Client      sync.Map
-	Register    sync.Map
-	tunnelType  string //bridge type kcp or tcp
-	OpenTask    chan *file.Tunnel
-	CloseTask   chan *file.Tunnel
-	CloseClient chan int
-	SecretChan  chan *conn.Secret
-	ipVerify    bool
-	runList     sync.Map //map[int]interface{}
+	TunnelPort     int //通信隧道端口
+	Client         sync.Map
+	Register       sync.Map
+	tunnelType     string //bridge type kcp or tcp
+	OpenTask       chan *file.Tunnel
+	CloseTask      chan *file.Tunnel
+	CloseClient    chan int
+	SecretChan     chan *conn.Secret
+	ipVerify       bool
+	runList        sync.Map //map[int]interface{}
+	disconnectTime int
 }
 
-func NewTunnel(tunnelPort int, tunnelType string, ipVerify bool, runList sync.Map) *Bridge {
+func NewTunnel(tunnelPort int, tunnelType string, ipVerify bool, runList sync.Map, disconnectTime int) *Bridge {
 	return &Bridge{
-		TunnelPort:  tunnelPort,
-		tunnelType:  tunnelType,
-		OpenTask:    make(chan *file.Tunnel),
-		CloseTask:   make(chan *file.Tunnel),
-		CloseClient: make(chan int),
-		SecretChan:  make(chan *conn.Secret),
-		ipVerify:    ipVerify,
-		runList:     runList,
+		TunnelPort:     tunnelPort,
+		tunnelType:     tunnelType,
+		OpenTask:       make(chan *file.Tunnel),
+		CloseTask:      make(chan *file.Tunnel),
+		CloseClient:    make(chan int),
+		SecretChan:     make(chan *conn.Secret),
+		ipVerify:       ipVerify,
+		runList:        runList,
+		disconnectTime: disconnectTime,
 	}
 }
 
@@ -242,7 +244,7 @@ func (s *Bridge) typeDeal(typeVal string, c *conn.Conn, id int, vs string) {
 		go s.GetHealthFromClient(id, c)
 		logs.Info("clientId %d connection succeeded, address:%s ", id, c.Conn.RemoteAddr())
 	case common.WORK_CHAN:
-		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType)
+		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType, s.disconnectTime)
 		if v, ok := s.Client.LoadOrStore(id, NewClient(muxConn, nil, nil, vs)); ok {
 			v.(*Client).tunnel = muxConn
 		}
@@ -263,7 +265,7 @@ func (s *Bridge) typeDeal(typeVal string, c *conn.Conn, id int, vs string) {
 			logs.Error("secret error, failed to match the key successfully")
 		}
 	case common.WORK_FILE:
-		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType)
+		muxConn := nps_mux.NewMux(c.Conn, s.tunnelType, s.disconnectTime)
 		if v, ok := s.Client.LoadOrStore(id, NewClient(nil, muxConn, nil, vs)); ok {
 			v.(*Client).file = muxConn
 		}

build.sh

@@ -1,5 +1,5 @@
 #/bash/sh
-export VERSION=0.26.6
+export VERSION=0.26.7
 export GOPROXY=direct
 
 sudo apt-get update

client/client.go

@@ -28,17 +28,19 @@ type TRPClient struct {
 	signal         *conn.Conn
 	ticker         *time.Ticker
 	cnf            *config.Config
+	disconnectTime int
 }
 
 //new client
-func NewRPClient(svraddr string, vKey string, bridgeConnType string, proxyUrl string, cnf *config.Config) *TRPClient {
+func NewRPClient(svraddr string, vKey string, bridgeConnType string, proxyUrl string, cnf *config.Config, disconnectTime int) *TRPClient {
 	return &TRPClient{
 		svrAddr:        svraddr,
 		p2pAddr:        make(map[string]string, 0),
 		vKey:           vKey,
 		bridgeConnType: bridgeConnType,
 		proxyUrl:       proxyUrl,
 		cnf:            cnf,
+		disconnectTime: disconnectTime,
 	}
 }
 
@@ -138,7 +140,7 @@ func (s *TRPClient) newUdpConn(localAddr, rAddr string, md5Password string) {
 			conn.SetUdpSession(udpTunnel)
 			logs.Trace("successful connection with client ,address %s", udpTunnel.RemoteAddr().String())
 			//read link info from remote
-			conn.Accept(nps_mux.NewMux(udpTunnel, s.bridgeConnType), func(c net.Conn) {
+			conn.Accept(nps_mux.NewMux(udpTunnel, s.bridgeConnType, s.disconnectTime), func(c net.Conn) {
 				go s.handleChan(c)
 			})
 			break
@@ -153,7 +155,7 @@ func (s *TRPClient) newChan() {
 		logs.Error("connect to ", s.svrAddr, "error:", err)
 		return
 	}
-	s.tunnel = nps_mux.NewMux(tunnel.Conn, s.bridgeConnType)
+	s.tunnel = nps_mux.NewMux(tunnel.Conn, s.bridgeConnType, s.disconnectTime)
 	for {
 		src, err := s.tunnel.Accept()
 		if err != nil {

client/control.go

@@ -175,7 +175,7 @@ re:
 	} else {
 		logs.Notice("web access login username:%s password:%s", cnf.CommonConfig.Client.WebUserName, cnf.CommonConfig.Client.WebPassword)
 	}
-	NewRPClient(cnf.CommonConfig.Server, vkey, cnf.CommonConfig.Tp, cnf.CommonConfig.ProxyUrl, cnf).Start()
+	NewRPClient(cnf.CommonConfig.Server, vkey, cnf.CommonConfig.Tp, cnf.CommonConfig.ProxyUrl, cnf, cnf.CommonConfig.DisconnectTime).Start()
 	CloseLocalServer()
 	goto re
 }

client/local.go

@@ -73,7 +73,7 @@ func startLocalFileServer(config *config.CommonConfig, t *file.Tunnel, vkey stri
 	}
 	logs.Info("start local file system, local path %s, strip prefix %s ,remote port %s ", t.LocalPath, t.StripPre, t.Ports)
 	fileServer = append(fileServer, srv)
-	listener := nps_mux.NewMux(remoteConn.Conn, common.CONN_TCP)
+	listener := nps_mux.NewMux(remoteConn.Conn, common.CONN_TCP, config.DisconnectTime)
 	logs.Error(srv.Serve(listener))
 }
 
@@ -214,6 +214,6 @@ func newUdpConn(localAddr string, config *config.CommonConfig, l *config.LocalSe
 	logs.Trace("successful create a connection with server", remoteAddress)
 	conn.SetUdpSession(udpTunnel)
 	udpConn = udpTunnel
-	muxSession = nps_mux.NewMux(udpConn, "kcp")
+	muxSession = nps_mux.NewMux(udpConn, "kcp", config.DisconnectTime)
 	p2pNetBridge = &p2pBridge{}
 }

cmd/npc/npc.go

@@ -21,23 +21,24 @@ import (
 )
 
 var (
-	serverAddr   = flag.String("server", "", "Server addr (ip:port)")
-	configPath   = flag.String("config", "", "Configuration file path")
-	verifyKey    = flag.String("vkey", "", "Authentication key")
-	logType      = flag.String("log", "stdout", "Log output mode（stdout|file）")
-	connType     = flag.String("type", "tcp", "Connection type with the server（kcp|tcp）")
-	proxyUrl     = flag.String("proxy", "", "proxy socks5 url(eg:socks5://111:222@127.0.0.1:9007)")
-	logLevel     = flag.String("log_level", "7", "log level 0~7")
-	registerTime = flag.Int("time", 2, "register time long /h")
-	localPort    = flag.Int("local_port", 2000, "p2p local port")
-	password     = flag.String("password", "", "p2p password flag")
-	target       = flag.String("target", "", "p2p target")
-	localType    = flag.String("local_type", "p2p", "p2p target")
-	logPath      = flag.String("log_path", "", "npc log path")
-	debug        = flag.Bool("debug", true, "npc debug")
-	pprofAddr    = flag.String("pprof", "", "PProf debug addr (ip:port)")
-	stunAddr     = flag.String("stun_addr", "stun.stunprotocol.org:3478", "stun server address (eg:stun.stunprotocol.org:3478)")
-	ver          = flag.Bool("version", false, "show current version")
+	serverAddr     = flag.String("server", "", "Server addr (ip:port)")
+	configPath     = flag.String("config", "", "Configuration file path")
+	verifyKey      = flag.String("vkey", "", "Authentication key")
+	logType        = flag.String("log", "stdout", "Log output mode（stdout|file）")
+	connType       = flag.String("type", "tcp", "Connection type with the server（kcp|tcp）")
+	proxyUrl       = flag.String("proxy", "", "proxy socks5 url(eg:socks5://111:222@127.0.0.1:9007)")
+	logLevel       = flag.String("log_level", "7", "log level 0~7")
+	registerTime   = flag.Int("time", 2, "register time long /h")
+	localPort      = flag.Int("local_port", 2000, "p2p local port")
+	password       = flag.String("password", "", "p2p password flag")
+	target         = flag.String("target", "", "p2p target")
+	localType      = flag.String("local_type", "p2p", "p2p target")
+	logPath        = flag.String("log_path", "", "npc log path")
+	debug          = flag.Bool("debug", true, "npc debug")
+	pprofAddr      = flag.String("pprof", "", "PProf debug addr (ip:port)")
+	stunAddr       = flag.String("stun_addr", "stun.stunprotocol.org:3478", "stun server address (eg:stun.stunprotocol.org:3478)")
+	ver            = flag.Bool("version", false, "show current version")
+	disconnectTime = flag.Int("disconnect_timeout", 60, "not receiving check packet times, until timeout will disconnect the client")
 )
 
 func main() {
@@ -218,6 +219,7 @@ func run() {
 		commonConfig.Client = new(file.Client)
 		commonConfig.Client.Cnf = new(file.Config)
 		go client.StartLocalServer(localServer, commonConfig)
+		return
 	}
 	env := common.GetEnvMap()
 	if *serverAddr == "" {
@@ -230,7 +232,7 @@ func run() {
 	if *verifyKey != "" && *serverAddr != "" && *configPath == "" {
 		go func() {
 			for {
-				client.NewRPClient(*serverAddr, *verifyKey, *connType, *proxyUrl, nil).Start()
+				client.NewRPClient(*serverAddr, *verifyKey, *connType, *proxyUrl, nil, *disconnectTime).Start()
 				logs.Info("It will be reconnected in five seconds")
 				time.Sleep(time.Second * 5)
 			}

cmd/npc/sdk.go

@@ -16,7 +16,7 @@ func StartClientByVerifyKey(serverAddr, verifyKey, connType, proxyUrl *C.char) i
 	if cl != nil {
 		cl.Close()
 	}
-	cl = client.NewRPClient(C.GoString(serverAddr), C.GoString(verifyKey), C.GoString(connType), C.GoString(proxyUrl), nil)
+	cl = client.NewRPClient(C.GoString(serverAddr), C.GoString(verifyKey), C.GoString(connType), C.GoString(proxyUrl), nil, 60)
 	go func() {
 		cl.Start()
 		return

cmd/nps/nps.go

@@ -1,14 +1,6 @@
 package main
 
 import (
-	"ehang.io/nps/lib/crypt"
-	"ehang.io/nps/lib/file"
-	"ehang.io/nps/lib/install"
-	"ehang.io/nps/lib/version"
-	"ehang.io/nps/server"
-	"ehang.io/nps/server/connection"
-	"ehang.io/nps/server/tool"
-	"ehang.io/nps/web/routers"
 	"flag"
 	"log"
 	"os"
@@ -18,7 +10,16 @@ import (
 	"strings"
 	"sync"
 
+	"ehang.io/nps/lib/file"
+	"ehang.io/nps/lib/install"
+	"ehang.io/nps/lib/version"
+	"ehang.io/nps/server"
+	"ehang.io/nps/server/connection"
+	"ehang.io/nps/server/tool"
+	"ehang.io/nps/web/routers"
+
 	"ehang.io/nps/lib/common"
+	"ehang.io/nps/lib/crypt"
 	"ehang.io/nps/lib/daemon"
 	"github.com/astaxie/beego"
 	"github.com/astaxie/beego/logs"
@@ -200,8 +201,13 @@ func run() {
 	}
 	logs.Info("the version of server is %s ,allow client core version to be %s", version.VERSION, version.GetVersion())
 	connection.InitConnectionService()
-	crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key"))
+	//crypt.InitTls(filepath.Join(common.GetRunPath(), "conf", "server.pem"), filepath.Join(common.GetRunPath(), "conf", "server.key"))
+	crypt.InitTls()
 	tool.InitAllowPort()
 	tool.StartSystemInfo()
-	go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type"))
+	timeout, err := beego.AppConfig.Int("disconnect_timeout")
+	if err != nil {
+		timeout = 60
+	}
+	go server.StartNewServer(bridgePort, task, beego.AppConfig.String("bridge_type"), timeout)
 }

conf/npc.conf

@@ -13,6 +13,7 @@ web_password=1234
 crypt=true
 compress=true
 #pprof_addr=0.0.0.0:9999
+disconnect_timeout=60
 
 [health_check_test1]
 health_check_timeout=1

conf/nps.conf

@@ -80,3 +80,6 @@ http_add_origin_header=false
 #pprof debug options
 #pprof_ip=0.0.0.0
 #pprof_port=9999
+
+#client disconnect timeout
+disconnect_timeout=60

docs/_coverpage.md

@@ -1,6 +1,6 @@
 ![logo](logo.svg)
 
-# NPS <small>0.26.6</small>
+# NPS <small>0.26.7</small>
 
 > 一款轻量级、高性能、功能强大的内网穿透代理服务器
 

docs/feature.md

@@ -16,8 +16,7 @@
 ## 加密传输
 
 如果公司内网防火墙对外网访问进行了流量识别与屏蔽，例如禁止了ssh协议等，通过设置 配置文件，将服务端与客户端之间的通信内容加密传输，将会有效防止流量被拦截。
-- nps使用tls加密，所以一定要保留conf目录下的密钥文件，同时也可以自行生成
-- 在web管理或客户端配置文件中设置
+- nps现在默认每次启动时随机生成tls证书，用于加密传输
 
 
 
@@ -244,3 +243,8 @@ LevelInformational->6 LevelDebug->7
 可在服务端与客户端配置中开启pprof端口，用于性能分析与调试，注释或留空相应参数为关闭。
 
 默认为关闭状态
+
+## 自定义客户端超时检测断开时间
+
+客户端与服务端间会间隔5s相互发送延迟测量包，这个时间间隔不可修改。
+可修改延迟测量包丢包的次数，默认为60也就是5分钟都收不到一个延迟测量回包，则会断开客户端连接。

go.mod

@@ -3,8 +3,8 @@ module ehang.io/nps
 go 1.13
 
 require (
-	ehang.io/nps-mux v0.0.0-20200319121657-f4af26331c9f
-	fyne.io/fyne v1.2.3
+	ehang.io/nps-mux v0.0.0-20200407130948-165521618e58
+	fyne.io/fyne v1.2.4
 	github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect
 	github.com/astaxie/beego v1.12.0
 	github.com/bradfitz/iter v0.0.0-20191230175014-e8f45d346db8 // indirect
@@ -16,14 +16,15 @@ require (
 	github.com/hooklift/assert v0.0.0-20170704181755-9d1defd6d214 // indirect
 	github.com/kardianos/service v1.0.0
 	github.com/klauspost/pgzip v1.2.1 // indirect
+	github.com/klauspost/reedsolomon v1.9.6 // indirect
 	github.com/panjf2000/ants/v2 v2.3.1
 	github.com/pkg/errors v0.9.1
 	github.com/shiena/ansicolor v0.0.0-20151119151921-a422bbe96644 // indirect
 	github.com/shirou/gopsutil v2.19.11+incompatible
 	github.com/xtaci/kcp-go v5.4.20+incompatible
-	golang.org/x/crypto v0.0.0-20200317142112-1b76d66859c6 // indirect
-	golang.org/x/net v0.0.0-20200301022130-244492dfa37a
-	golang.org/x/sys v0.0.0-20200317113312-5766fd39f98d // indirect
+	golang.org/x/crypto v0.0.0-20200429183012-4b2356b1ed79 // indirect
+	golang.org/x/net v0.0.0-20200506145744-7e3656a0809f
+	golang.org/x/sys v0.0.0-20200501145240-bc7a7d42d5c3 // indirect
 )
 
 replace github.com/astaxie/beego => github.com/exfly/beego v1.12.0-export-init