- Implement client bandwidth limitation parameter --bandwidth, supporting 1M, 1MB, 1G and other formats
- Added parseBandwidth function to parse bandwidth values and verify them
- Added bandwidth limit option in HTTP, HTTPS, TCP commands
- Pass bandwidth configuration to the server through protocol
- Add relevant test cases to verify the bandwidth analysis function
feat(server): implements server-side bandwidth limitation function
- Add bandwidth limitation logic in connection processing, using token bucket algorithm
- Implement an effective rate limiting strategy that minimizes the bandwidth of the client and server
- Added QoS limiter and restricted connection wrapper
- Integrated bandwidth throttling in HTTP and WebSocket proxies
- Added global bandwidth limit and burst multiplier settings in server configuration
docs: Updated documentation to describe bandwidth limiting functionality
- Add 2025-02-14 version update instructions in README and README_CN
- Add bandwidth limit function description and usage examples
- Provide client and server configuration examples and parameter descriptions
- Add Bearer Token authentication, supporting tunnel access control via the --auth-bearer parameter
- Refactor large modules into smaller, more focused components to improve code maintainability
- Update dependency versions, including golang.org/x/crypto, golang.org/x/net, etc.
- Add SilenceUsage and SilenceErrors configuration for all CLI commands
- Modify connector configuration structure to support the new authentication method
- Update recent change log in README with new feature descriptions
BREAKING CHANGE: Authentication via Bearer Token is now supported, requiring the new --auth-bearer parameter
Add the --auth parameter to enable proxy authentication for HTTP and HTTPS tunnels, supporting password verification and session management.
- Add --auth flag in CLI to set proxy authentication password
- Implement server-side authentication handling and login page
- Support Cookie-based session management and validation
- Add protocol message definitions related to authentication
- Implement IP whitelist/blacklist access control mechanism
- Add --allow-ip and --deny-ip command-line arguments to configure IP access rules
- Support CIDR format for IP range configuration
- Enable IP access control in HTTP, HTTPS, and TCP tunnels
- Add IP access check logic to server-side proxy handling
- Update documentation to explain how to use IP access control
- Reduce inspection intervals and cooling times to improve response speed
- Added burst load handling mechanism to support batch expansion.
- Introduced the GetSessionStats method to retrieve detailed statistics for each session.
- Create data sessions concurrently to accelerate scaling.
- Added a ping loop keep-alive mechanism for each session.
feat(server): Enhance tunnel management and security restrictions
- Implement IP-based tunnel number and registration frequency limits
- Add a rate limiter to prevent malicious registration behavior.
- Improved shutdown process to ensure proper exit of cleanup coroutines.
- Introduce atomic operations to tunnel connections to improve concurrency performance
- Track client IP addresses for access control
perf(server): Improves HTTP request processing performance and resource reuse.
- Use sync.Pool to reuse bufio.Writer to reduce GC pressure.
- Enable TCP_NODELAY to improve response speed
- Adjust HTTP server timeout configuration to balance performance and security
refactor(proxy): Optimizes the stream open timeout control logic
- Use context to control timeouts and avoid goroutine leaks.
- Ensure that established connections are properly closed upon timeout.
docs(test): Upgrade one-click test scripts to Go test service
- Replace Python's built-in server with a high-performance Go implementation
- Update dependency checks: Use Go instead of Python 3
- Enhanced startup log output for easier debugging
chore(shared): Enhances the security and consistency of the ID generator.
- Remove the timestamp fallback scheme and uniformly adopt crypto/rand.
- Added TryGenerateID to provide a non-panic error handling method.
- Define the maximum frame size explicitly and add comments to explain it.
style(frame): Reduce memory allocation and optimize read performance
- Use an array on the stack instead of heap allocation to read the frame header.
- Reduced maximum frame size from 10MB to 1MB to decrease DoS risk.
- Introduce pooled tunnel sessions (TunnelID/DataConnect) on client/server
- Proxy HTTP/HTTPS via raw HTTP over yamux streams; pipe TCP streams directly
- Move UI/stats into internal/shared; refactor CLI tunnel helpers; drop msgpack/hpack legacy
A new FlowControl frame type has been added for backpressure control between the client and server, and SafeFrame has been introduced.
Frame resource management has been encapsulated to ensure that frame data is correctly returned to the memory pool after use. The frame processing logic has also been optimized.
The way frame.Release() is called improves code security and maintainability.
feat(client): Implements queue pressure monitoring and flow control signal sending functions.
Add the `monitorQueuePressure` method to periodically check the length of the `dataFrameQueue`, and trigger an alarm when the queue usage exceeds a threshold.
Automatically send flow control commands to the server to pause or resume writing, preventing data backlog and connection interruptions caused by slow consumption speed.
feat(server): Supports receiving and responding to flow control requests from clients.
The `handleFlowControl` and `sendWithBackpressure` methods have been added to enable backpressure control of received data frames on the server side.
By blocking the sending process using a condition variable until the client releases the pause state, connection stability is ensured under high load.
refactor(client): Reduces redundant resource release operations during frame processing.
Use SafeFrame to manage frame lifecycles uniformly, replacing manual frame.Release() with defer sf.Close() in multiple frame handlers.
This avoids the risk of memory leaks caused by unreleased abnormal paths.
perf(client): Shorten the shutdown timeout to speed up resource reclamation.
The forced shutdown wait time in the tunnel runner and connector has been adjusted from 5 seconds and 3 seconds to 2 seconds to improve the program exit response speed.
- Add runtime performance optimization configurations to main.go, including setting GOMAXPROCS, adjusting GC frequency, and memory limits.
- Implement a worker pool-based data frame processing mechanism in connector.go to improve processing capabilities under high concurrency.
- Adjust frame writer configuration to improve batch write efficiency and enable adaptive refresh strategy.
- Add callback handling support for write errors to enhance connection stability.
refactor(server): Introduce an adaptive buffer pool to optimize memory usage
- Add adaptive_buffer_pool.go to implement large and small buffer reuse, reducing memory allocation overhead.
- Apply buffer pool management for large/medium temporary buffers in proxy handlers and TCP connections.
- Change the HTTP response writer to a cached bufio.Writer to improve I/O performance.
- Optimize HTTP request reading logic and response sending process.
build(docker): Update mount paths and remove unused named volumes
- Modify the data directory mount method in docker-compose.release.yml. ./data:/app/data
- Remove the unnecessary drip-data named volume definition
test(script): Add performance testing and profiling scripts
- Add profile-test.sh script for automating stress testing and performance data collection
- Supports collecting pprof data such as CPU, stack traces, and coroutines and generating analysis reports
Redundant comments have been removed from the `WriteFrame` and heartbeat control methods, and logic for releasing unprocessed frames in the queue has been added to the `Close` method to ensure proper resource reclamation. Some unnecessary channel signal comments have also been removed, making the code more concise and clear.
Added the `--short` flag to the `version` command for printing version information without styles.
In this mode, only the version, Git commit hash, and build time in plain text format will be output, facilitating script parsing.
Optimized Windows process detection logic to improve runtime accuracy.
Removed redundant comments and simplified signal checking methods, making the code clearer and easier to maintain.
refactor(protocol): Replaced string matching of data frame types with enumeration types.
Unified the representation of data frame types in the protocol, using the `DataType` enumeration to improve performance and readability.
Introduced a pooled buffer mechanism to improve memory efficiency in high-load scenarios.
refactor(ui): Adjusted style definitions, removing hard-coded color values.
Removed fixed color settings from some lipgloss styles, providing flexibility for future theme customization.
``` docs(install): Improved the version extraction function in the installation script.
Added the `get_version_from_binary` function to enhance version identification capabilities, prioritizing plain mode output, ensuring accurate version number acquisition for the drip client or server across different terminal environments.
perf(tcp): Improved TCP processing performance and connection management capabilities.
Adjusted HTTP client transmission parameter configuration, increasing the maximum number of idle connections to accommodate higher concurrent requests.
Improved error handling logic, adding special checks for common cases such as closing network connections to avoid log pollution.
chore(writer): Expanded the FrameWriter queue length to improve batch write stability.
Increased the FrameWriter queue size from 1024 to 2048, and released pooled resources after flushing, better handling sudden traffic spikes and reducing memory usage fluctuations.
Added a heartbeatControl channel to support dynamic start/stop of the heartbeat function and optimized related resource management logic,
ensuring that the heartbeat ticker can be correctly stopped and rebuilt. Also adjusted the field initialization order to ensure concurrency safety.
fix(ui): Improved the tunnel connection status display style
Updated the URL line display content, added the "(forwarded link)" prompt text; adjusted the style layout of the local forwarding address and prompt information,
making the interface clearer and easier to read.
- Optimized terminal output style and configuration management using libraries such as `lipgloss` and `go-json`
- Introduced the `ui` package to unify the display logic of colors, tables, and prompts
- Updated the README document structure and installation script links to improve readability and internationalization support
- Improved the interaction flow and log display effects of the daemon startup and attach commands
- Fixed some command parameter parsing issues, improving program robustness and user onboarding experience
