win
a72ba424cc
CI / test (push) Failing after 1m32s
CI / golangci-lint (push) Failing after 33s
Security Scan / backend-security (push) Failing after 32s
Security Scan / frontend-security (push) Failing after 32s
feat: Node.js TLS 指纹代理 + 网络隔离防泄露
- 新增 Node.js TLS Forward Proxy (tools/node-tls-proxy/)
原生 Node.js TLS 栈发起上游 HTTPS,JA3/JA4 天然匹配 Claude CLI
SSE 流式透传,支持上游 HTTP CONNECT 代理
零依赖,Node.js 24.13.0 锁定版本
- Go 集成 (config.go + http_upstream.go)
新增 NodeTLSProxyConfig 配置
DoWithTLS 优先走 Node.js 代理模式,URL 重写 https→http://localhost:3456
- Docker 网络隔离 (docker-compose.tls-proxy.yml)
sub2api 容器仅 internal 网络,物理隔离外网
node-tls-proxy 唯一出站通道,IPv6 内核级禁用
- iptables 防泄露脚本 (tools/firewall/)
QUIC/UDP 443 全局 DROP,仅 nodeproxy 用户可出站 TCP 443
- 镜像切换为 zfc931912343/ 仓库
2026-03-22 00:18:43 +08:00
..
2026-03-22 00:18:43 +08:00
2026-03-18 15:03:24 +08:00
2026-03-21 11:10:40 +08:00
2026-02-08 12:05:39 +08:00
2026-02-08 12:05:39 +08:00
2026-02-10 11:42:39 +08:00
2026-03-21 15:34:28 +08:00
2026-03-22 00:18:43 +08:00
2026-03-20 09:17:32 +08:00
2026-03-21 14:02:10 +08:00
2026-03-17 15:38:18 +08:00
2026-03-09 19:55:18 +08:00
2026-02-28 15:01:20 +08:00
2026-03-18 14:13:52 +08:00