https://github.com/sinri/dothan
A light TCP proxy. You can take it as MySQL proxy, might also work for SSH.
https://github.com/sinri/dothan
tcp-proxy
Last synced: 10 months ago
JSON representation
A light TCP proxy. You can take it as MySQL proxy, might also work for SSH.
- Host: GitHub
- URL: https://github.com/sinri/dothan
- Owner: sinri
- License: gpl-3.0
- Created: 2017-11-06T10:09:12.000Z (about 8 years ago)
- Default Branch: master
- Last Pushed: 2022-01-25T05:01:13.000Z (almost 4 years ago)
- Last Synced: 2025-01-29T18:33:52.377Z (12 months ago)
- Topics: tcp-proxy
- Language: Java
- Homepage:
- Size: 4.8 MB
- Stars: 0
- Watchers: 2
- Forks: 2
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# Dothan
[](https://sinri.github.io/Dothan/)
A light TCP proxy. You can take it as MySQL proxy, might also work for SSH.
> And the man said, They are departed hence; for I heard them say, Let us go to Dothan. And Joseph went after his brethren, and found them in Dothan. (Genesis 37:17 )
> And he said, Go and spy where he [is], that I may send and fetch him. And it was told him, saying, Behold, [he is] in Dothan....And Elisha said unto them, This [is] not the way, neither [is] this the city: follow me, and I will bring you to the man whom ye seek. But he led them to Samaria. (2 Kings 6:13,19)
## Package
Since Version 6, new package `io.github.sinri.Dothan` is adopted to the this project.
## Maven Access
[OSS-SONATYPE](https://oss.sonatype.org/content/groups/public/io/github/sinri/Dothan/)
```xml
io.github.sinri
Dothan
6.0.1
```
### Deploy Note
You should export your `JAVA_HOME` first. In Mac OS X, you may run `/usr/libexec/java_home` to get correct path for it.
Commonly snapshot is used for quick deploy with default version tag `6.0-SNAPSHOT` or so, run `mvn clean package deploy -P snapshot` to update.
To release new version to OSS-SONATYPE, run `mvn clean package deploy -P release` after correcting the version.
## Environment
* Java 8
## Maven Dependencies
* io.vertx core
* Apache commons cli
* Apache commons validator
## License
GPLv3
## Get Runnable Package
You can obtain the runnable package in two ways.
1. Download JAR file from GitHub release area.
1. Use Maven 3, run `mvn clean package`.
## Usage (As of Version 2.0)
usage: options
-b blacklist, separate IP with comma (as of 4.0)
-c Set proxy config file. If not use this, h,p and l are needed.
-d use detail mode
-h database host
-help Display help information
-k keep config and no hot update
-l listen local port
-p database port
-w whitelist, separate IP with comma (as of 4.0)
### Quick Proxy
Run Dothan quickly for one proxy, *h*ost, *p*ort and *l*isten port are required, and *d*etail mode is also available.
java -jar Dothan.jar -d -hdatabase.com -p3306 -l20001
### Configured Proxy
You should provide a config file as *c*onfig parameter.
The config file should contain one or more lines and each for one proxy requirement.
The format is `[LISTEN_PORT]:[SERVER_HOST]:[SERVER_PORT]` as of 5.0.
Previous format `[LISTEN_PORT] [SERVER_HOST]:[SERVER_PORT]` is still supported though not recommended now.
The lines with leading Sharp(#) would be treated as comments.
The lines with leading Plus(+) would be treated as IP Address in whitelist. If no such lines, whitelist is ignored.
The lines with leading Minus(-) would be treated as IP Address in blacklist. If no such lines, blacklist is ignored.
Here is an example:
````
# Dothan Config [SAMPLE]
+ 127.0.0.1
- 192.168.0.2
20001:1.rds.aliyuncs.com:3306
20002:2.rds.aliyuncs.com:3306
````
The command would be as following if the config file path is `/path/to/Dothan.config`.
java -jar Dothan.jar -d -c /path/to/Dothan.config
### Hot Update Version
As of version 3.0, the hot version update is available for Config-File Mode.
This relies on the version declaration in configuration file as a line:
# Dothan Config Version VERSION_CODE
The version code should be an *positive* integer.
If there are more than one line in this format, the last would be used.
The file would be watched by the Dothan process and update config if the current version code became greater.
Since version 3.1, Dothan uses WatchService for hot update function, and provide a parameter (-k) to disable hot update.
## Translate Mode
We have to admit, the network is not so safe. That is why the service provider make databases not accessible from outside.
However, we have certain time to access to such service, but we may be afraid that our connections would be seen by others through public network.
So we might use the translate mode to pass our data encrypted, with two new parameters `MODE` and `TRANSFER KEY`, as of version 5.0.
````
[CLIENT]
| ↑
PLAIN TEXT | | PLAIN TEXT
↓ |
encrypt [DOTHAN LOCAL] decrypt
| ↑
SECRET BYTES | | SECRET BYTES
↓ |
decrypt [DOTHAN REMOTE] encrypt
| ↑
PLAIN TEXT | | PLAIN TEXT
↓ |
[SERVICE PROVIDER]
````
On `DOTHAN LOCAL` the config file should contain transfer mode `ENCRYPT` and key.
```
# MODE ENCRYPT
# TRANSFER KEY t8o7diugf8iauyvge8iu
[DOTHAN_LOCAL_PORT]:[DOTHAN_REMOTE_ADDRESS]:[DOTHAN_REMOTE_PORT]
```
While on `DOTHAN REMOTE` the config file should contain transfer mode `DECRYPT` and key.
```
# MODE DECRYPT
# TRANSFER KEY t8o7diugf8iauyvge8iu
[DOTHAN_REMOTE_PORT]:[SERVER_ADDRESS]:[SERVER_PORT]
```
So your request sent to the `DOTHAN_LOCAL_PORT` of `DOTHAN LOCAL` would be transferred to `DOTHAN REMOTE` and finally reach the actual service provider.
If you like, you can use more than one Dothan pair to make the connection chain.
----
## Museum: Version 1.1 (deprecated)
java -jar target/Dothan-1.1-SNAPSHOT.jar some.mysql.rds.aliyuncs.com 3306 33306