Skip to content

Commit

Permalink
docs: add description of fallback and timeout
Browse files Browse the repository at this point in the history 
add description of fallback and timeout in port reuse mode
  • Loading branch information
@X1r0z
X1r0z committed Dec 25, 2024
1 parent 484bc6f commit 5c1a4cd
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 2 deletions.
11 changes: 10 additions & 1 deletion README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,13 +85,14 @@ $ ./pivot reuse -h

Port reuse mode

Usage: pivot reuse --local <LOCAL> --remote <REMOTE> --fallback <FALLBACK> --external <EXTERNAL>
Usage: pivot reuse [OPTIONS] --local <LOCAL> --remote <REMOTE> --external <EXTERNAL>

Options:
-l, --local <LOCAL> Local reuse IP address, format: IP:PORT
-r, --remote <REMOTE> Remote redirect IP address, format: IP:PORT
-f, --fallback <FALLBACK> Fallback IP address, format: IP:PORT
-e, --external <EXTERNAL> External IP address, format: IP
-t, --timeout <TIMEOUT> Timeout to stop port reuse
-h, --help Print help
```

Expand Down Expand Up @@ -330,6 +331,14 @@ Attackers from external address `1.2.3.4` will connect to `10.0.0.1:22` through

It is not recommended to reuse ports on `0.0.0.0` address although it may work in some cases, because it will make the fallback address useless (the fallback connection will be looped in `pivot-rs` and finally cause a crash)

Sometimes the fallback address is not necessary, you can omit it and set a timeout.

```bash
./pivot reuse -l 192.168.1.1:8000 -r 10.0.0.1:22 -e 1.2.3.4 -t 10
```

The timeout means stopping the reuse listener after a specific time (10s), and continuing to forward the alive connections.

## Reference

[https://github.com/EddieIvan01/iox](https://github.com/EddieIvan01/iox)
Expand Down
11 changes: 10 additions & 1 deletion README.zh.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,13 +85,14 @@ $ ./pivot reuse -h

Port reuse mode

Usage: pivot reuse --local <LOCAL> --remote <REMOTE> --fallback <FALLBACK> --external <EXTERNAL>
Usage: pivot reuse [OPTIONS] --local <LOCAL> --remote <REMOTE> --external <EXTERNAL>

Options:
-l, --local <LOCAL> Local reuse IP address, format: IP:PORT
-r, --remote <REMOTE> Remote redirect IP address, format: IP:PORT
-f, --fallback <FALLBACK> Fallback IP address, format: IP:PORT
-e, --external <EXTERNAL> External IP address, format: IP
-t, --timeout <TIMEOUT> Timeout to stop port reuse
-h, --help Print help
```

Expand Down Expand Up @@ -330,6 +331,14 @@ TLS 加密支持 TCP 端口转发, Unix domain socket 转发和 Socks 代理.

注意不建议复用 `0.0.0.0` 地址上的端口 (虽然有时候能用), 因为这会导致 fallback 地址直接没用了 (fallback 连接依然会走 `pivot-rs` 的端口复用流程, 一直循环, 最终 crash)

有时候你可以不用指定 fallback 地址, 而是设置一个 timeout

```bash
./pivot reuse -l 192.168.1.1:8000 -r 10.0.0.1:22 -e 1.2.3.4 -t 10
```

这里的 timeout 代表在特定时间 (10s) 后停止端口复用, 但是已有的活动连接会被继续转发.

## 参考

[https://github.com/EddieIvan01/iox](https://github.com/EddieIvan01/iox)
Expand Down

0 comments on commit 5c1a4cd

Please sign in to comment.