EN/CN
This project is a program used to implement a powerful traffic center, aiming to be [efficient, powerful, multi-functional, and safe].
- Because I am always tired of adjusting the network, I thought about whether I could make something that would allow me to conveniently switch and control traffic.
- So,
Anchoragewas born. - Maybe you know go-CFC, which is the predecessor of
Anchorage. It summed up experience and expanded it to produceAnchorage. Anchoragehas been working for me for a long time and it plays a big role in my daily work.- So I thought I'd share it and hope someone can use it and make some suggestions.
- Traffic forwarding, nothing more.
Anchoragedoes not do anything too advanced, but it can accomplish some things that we usually find cumbersome.- For example, expose an intranet service, divert some local traffic for proxy, etc.
- If you go one step further, you can access the SDK for specialized development.
- Operating system: Windows, macOS, or Linux (Unix)
- Get executable binaries in recent releases:
The executable file outputs version-related information to indicate that it is executable, and you can start the anchorage journey!(●´3`)~♪
root@ubuntu-s:~/anchorage# ./anchorage_linux_amd64 -v anchorage version (_) <--|--> _ | _ `\__/ \__/` `-.o.-' anch'rage anchorage-code:v0.1.0
- We need to initialize a configuration file for service startup
Usage: anchorage init [config] [flags]configis used to specify the service configuration file to be started. If it is empty,~/.anchorage/cfg.yamlwill be used by default.
- Anchorage’s command line tool is very simple to start.
Usage: anchorage start [config] [flags] Flags: --cmd.addr string cmd address --cmd.cert string cmd tls cert file --cmd.i cmd tls insecure --cmd.key string cmd tls key file --cmd.nk string cmd network --cmd.p string cmd password --cmd.tls cmd tls enable --cmd.u string cmd username -d, --debug string Enable debug pprof and metrics -h, --help help for start -i, --init If config not exist, will init configconfigis used to specify the service configuration file to be started. If it is empty,~/.anchorage/cfg.yamlwill be used by default to start the service.--cmd.addrThis is the listening address of the background management. By default,127.0.0.1:2024is used for monitoring.--cmd.nkThis is the listening network type of background management. By default,tcpis used.--cmd.u--cmd.pThis is the user password for background management, and is empty by default.--cmd.tls--cmd.cert--cmd.keyThese are some configurations of tls, which are not enabled by default.-d --debugThis is the function of enabling golang's pprof and metrics. You can use golang's pprof tool for performance analysis, or you can use prometheus for monitoring data collection.-i --initThis will initialize an empty configuration file when the configuration file does not exist.
- The anchorage service process is already running! But if you want anchorage to serve stably in the background, you need some necessary auxiliary tools.
Here we take Linux systemd as an example to write a service file to let anchorage continue to run in the background!
[Unit] Description=anchorage After=network.target [Service] User=root ExecStart=/root/anchorage/anchorage_linux_amd64 start --cmd.addr 0.0.0.0:2024 ExecStop=/usr/bin/killall -9 anchorage Restart=on-failure PrivateTmp=true [Install] WantedBy=multi-user.target
- Although the anchor service is already running, because the configuration file is an empty shell, we need to load some functions to make anchorage officially work for us! (The following will be performed through the command line tool that comes with anchorage)
First, we need a traffic forwarding center-
server!Through theanchorage core server command Usage: anchorage server [command] Available Commands: add add one anchorage core server. (requires vim, vi, nano, or emacs tool) config print one anchorage core server config. del del one anchorage core server. (if it is in a working state, the related work will be stopped) reload reload one anchorage core server. start start one anchorage core server. stop stop one anchorage core server. update update one anchorage core server config and reload (if in working). (requires vim, vi, nano, or emacs tool) Flags: --cmd.addr string cmd address --cmd.i cmd tls insecure --cmd.nk string cmd network --cmd.p string cmd password --cmd.tls cmd tls enable --cmd.u string cmd username -h, --help help for serveraddcommand, you can add aservermodule. Generally speaking, there will be text editors such as vim in the terminal, so we only need to fill in the template. But we don’t need to think too much, because we are starting quickly, so we only need to fill in the necessary items.It will be automatically submitted after saving. At this time, we can view the existingenable: false # loaded then to work <bool> config: # server config <*config.ServerConfig> nodeInfo: # current server node config <config.NodeConfig> nodeName: "test1" # must be <string> baseNetwork: # base network list <[]config.BaseNetworkConfig> - network: "tcp" # must be tcp,udp(quic) <string> address: "127.0.0.1:20240" # work address <string>servermodule through./anchorage_linux_amd64 view server, and then copy the id (a new id will be generated every time the anchorage service is started, so there is no need to remember it specially it) You can start this module through./anchorage_linux_amd64 server start [id]! If you want anchorage to also start theservermodule at startup, you only need to changeenable: false # loaded then to work <bool>in the configuration to true. - Along the way, you may be bored without experiencing the functions of anchorage. Sorry, anchorage is not a thing that can be used out of the box. It requires a little configuration before it can serve.
Let's add a
clientto connect to the previously configuredserver.Likeanchorage core client command Usage: anchorage client [command] Available Commands: add add one anchorage core client. (requires vim, vi, nano, or emacs tool) config print one anchorage core client config. del del one anchorage core client. (if it is in a working state, the related work will be stopped) reload reload one anchorage core client. start start one anchorage core client. stop stop one anchorage core client. update update one anchorage core client config and reload (if in working). (requires vim, vi, nano, or emacs tool) Flags: --cmd.addr string cmd address --cmd.i cmd tls insecure --cmd.nk string cmd network --cmd.p string cmd password --cmd.tls cmd tls enable --cmd.u string cmd username -h, --help help for serverserver, add aclientmodule through theaddcommand and fill in the necessary items. The information filled here is consistent with theserverconfiguration.It will be automatically submitted after saving. At this time, we can view the existingenable: false # loaded then to work <bool> config: # client config <*config.ClientConfig> nodes: # dial to server node list <[]config.NodeConfig> - nodeName: "test1" # must be <string> baseNetwork: # base network list <[]config.BaseNetworkConfig> - network: "tcp" # must be tcp,udp(quic) <string> address: "127.0.0.1:20240" # work address <string>clientmodule through./anchorage_linux_amd64 view client, and then copy the id (a new id will be generated every time the anchorage service is started, so there is no need to remember it specially it) You can start this module through./anchorage_linux_amd64 view start [id]! If you want anchorage to also start theclientmodule at startup, you only need to changeenable: false # loaded then to work <bool>in the configuration to true. - After creating the
clientmodule, we simply create alistenanddialmodules../anchorage_linux_amd64 listen add [client id]Use the id of theclientjust used and fill in the necessary items.Here we simply register aenable: false # loaded then to work <bool> name: "testssh" # service name <string> switchLink: true # whether or not to allow the link <bool> outNetwork: # out network config <*sdk.NetworkConfig> network: "tcp" # must be tcp or udp <string> address: "127.0.0.1:22" # must be tcp or udp <string> multi: true # whether support multi io to link <bool>listenmodule pointing to port 22 ssh, and query thelistenid through./anchorage_linux_amd64 view client default [client id]. Finally, start it through./anchorage_linux_amd64 listen start [client id] [listen id]. The enable in the configuration has the same effect as before../anchorage_linux_amd64 dial add [client id]Use the id of theclientjust used and fill in the necessary items.Finally, start it throughenable: false # loaded then to work <bool> link: "testssh" # link service name <string> inNetwork: # in network config <*sdk.NetworkConfig> network: "tcp" # must be tcp or udp <string> address: "127.0.0.1:20241" # must be tcp or udp <string> outNetwork: # out network config <*sdk.NetworkConfig> network: "tcp" # must be tcp or udp <string> address: "127.0.0.1:22" # must be tcp or udp <string>./anchorage_linux_amd64 dial start [client id] [listen id]. The enable in the configuration has the same effect as before. - Through the above steps, we have established a connection tunnel of
dial->client->server->client->listen. Usessh user@127.0.0.1 -p 20241to test whether the tunnel is working properly. - More usage methods can be found here
- For details, see go.dev
git clone https://github.com/peakedshout/anchorage-core.git
cd anchorage-core
go build -o anchorage ./cmd/anchorage
or
go install github.com/peakedshout/anchorage-core/cmd/anchorage
- More convenient cli calling
- The corresponding GUI client (uncomfortable, GUI design is not my strong point)
- More plugin support
- Fix bug...
- Optimize more designs
- Hope to get more feedback on using experience