tourze/workerman-sni-proxy

SNI代理

Maintainers

Details

github.com/tourze/workerman-sni-proxy

Source

Issues

Installs: 0

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 1

Forks: 0

Open Issues: 0

0.0.1 2025-03-30 20:33 UTC

Requires

Requires (Dev)

MIT 9d9d18225dde9d537c09c30d1363beff9ae6b160

This package is auto-updated.

Last update: 2025-03-30 20:34:57 UTC

README

English | 中文

Latest Version Total Downloads License

A high-performance SNI (Server Name Indication) proxy server based on Workerman.

Features

  • Parses SNI extension from client TLS handshakes to identify target hosts
  • Routes connections to appropriate backend servers based on SNI hostname
  • Supports whitelisting of allowed hostnames
  • Provides flexible configuration options for binding address and port
  • Handles connection pooling and management efficiently
  • Integrates with PSR-compatible loggers (including Monolog)
  • Minimal dependencies, lightweight design for optimal performance

Installation

composer require tourze/workerman-sni-proxy

Requirements

  • PHP 8.1 or higher
  • Workerman 5.1 or higher
  • PSR-compatible logger (optional, Monolog recommended)

Quick Start

Basic Example

<?php

use Tourze\Workerman\SNIProxy\SniProxyWorker;
use Workerman\Worker;

require_once __DIR__ . '/vendor/autoload.php';

// Create an SNI proxy worker listening on port 8443
$worker = new SniProxyWorker('0.0.0.0', 8443);

// Set worker process count
$worker->count = 4;

// Run worker
Worker::runAll();

With Host Whitelist and Logging

<?php

use Monolog\Handler\StreamHandler;
use Monolog\Logger;
use Tourze\Workerman\SNIProxy\SniProxyWorker;
use Workerman\Worker;

require_once __DIR__ . '/vendor/autoload.php';

// Initialize logger
$logger = new Logger('sni-proxy');
$logger->pushHandler(new StreamHandler('php://stdout', Logger::DEBUG));

// Whitelist of allowed hosts (format: "hostname:port")
$allowedHosts = [
    "www.example.com:443",
    "api.example.com:443"
];

// Create an SNI proxy worker with whitelist and logger
$worker = new SniProxyWorker('0.0.0.0', 8443, $allowedHosts, $logger);

// Set worker process count
$worker->count = 4;

// Run worker
Worker::runAll();

API Documentation

SniProxyWorker

/**
 * @param string $bindHost Binding address
 * @param int $bindPort Binding port
 * @param array $remoteHosts Allowed hosts list (format: ["hostname:port", ...])
 * @param LoggerInterface|null $logger PSR-compatible logger instance
 */
public function __construct(
    string $bindHost = '0.0.0.0',
    int $bindPort = 443,
    array $remoteHosts = [],
    ?LoggerInterface $logger = null
)

Use Cases

  • TLS traffic routing based on domain name
  • Implementing virtual hosting for HTTPS services
  • SSL/TLS offloading at edge servers
  • Monitoring and debugging TLS traffic
  • Access control for HTTPS services

Notes

  • Using port 443 requires root privileges
  • For testing, use a non-privileged port like 8443
  • In production, consider using systemd or supervisor to manage the process
  • Performance scales with the number of worker processes

License

The MIT License (MIT). Please see License File for more information.