Changelog

    The format is based on Keep a Changelog, and this project adheres to .

    • mod_auth_request: authorize clients based on thirdparty authorization service
    • mod_trace: support tracing based on Elastic APM
    • mod_compress: support brotli algorithm
    • mod_rewrite: add HostSuffixReplace action
    • Add condition primitive: req_host_tag_in/req_host_suffix_in
    • Documents optimization

    Changed

    • Refactor and simplify mod_auth_jwt

    Removed

    • Remove legacy type of Layer4LoadBalancer

    v0.9.0 - 2020-04-16

    Added

    • Support loading dynamic modules that may be written and complied by thirdparty vendors
    • Add mod_auth_jwt for JWT authentication
    • mod_trace: support distributed tracing based on jaeger
    • mod_doh: support timeout for DNS requests
    • mod_doh: support edns-client-subnet (ECS)
    • mod_doh: optimize max-age for DoH response
    • Optimize textproto reader cache
    • Documents optimization

    Changed

    • Change base directory of ServerCertFile/ServerKeyFile to ConfRoot

    Fixed

    • Fix failed unit tests about parsing request line under go1.14 environment

    v0.8.0 - 2020-03-27

    Added

    • Add mod_trace for distributed tracing based on zipkin
    • Add mod_doh for processing DNS over HTTPS(DoH) requests
    • Support TLS protocol with SM related ciphersuites
    • mod_header: add cookie related actions
    • Documents optimization
    • Disable sanitization of cookie value

    Added

    • mod_access support NCSA Common Log Format(CLF) and W3C Extended Log Format(ELF)
    • mod_static suuport HTTP HEAD method
    • Add mod_userid for client identification
    • Add mod_tag for tagging and tracking groups of requests
    • http cookie: support Expires attribute in GMT format
    • http cookie: support SameSite attribute
    • Add static check in Makefile
    • Compiling on Windows OS is supported
    • Documents optimization

    Fixed

    • Fix a bug that causes invalid ips are parsed and treated as domain names

    v0.6.0 - 2020-01-21

    Added

    • Add mod_prison to limit the amount of requests a user can make in a given period of time.
    • Add condition primitive: ses_tls_sni_in/ses_tls_client_auth/ses_tls_client_ca_in
    • Add tls mutual authentication
    • mod_header support client cert related variables
    • mod_header support geo related variables
    • mod_static support customized mime rules
    • mod_static allow sending precompressed files instead of regular files
    • Expose information about module handlers in web monitor
    • Optimize number of accept goroutines
    • Optimize io.Copy while forwarding responses
    • Compiling on Mac OS is supported
    • Documents optimization

    Changed

    • Change default Layer4LoadBalancer to NONE
    • Upgrade from go1.12 to go1.13

    v0.5.0 - 2019-12-12

    Added

    • Add mod_geo to determine user geolocation by MaxMind database
    • Add mod_auth_basic to restrict access from unknown users
    • Add mod_compress to compress response by customize rules
    • Add mod_errors to replace unexpected resposne
    • mod_static detect content type based on file extension or content
    • Expose pprof items in web monitor
    • Add default resFlushInterval for SSE(Server-Sent Events) response
    • Support X-Forwarded-Host Header
    • Support docker image in Makefile
    • Documents optimization

    Changed

    • Change default monitor port to 8421
    • Rename HANDLE_READ_BACKEND to HANDLE_READ_RESPONSE
    • Remove some legacy fields from mod_access

    Added

    • Expose metrics in prometheus text-based format
    • Add default value for core configs to reduce configuration cost
    • Add mod_static to serve static content by customize rules
    • Documents optimization

    Changed

    • mod_logid: random logid in hex encoding format

    Removed

    • Remove signal SIGSTKFLT

    v0.3.0 - 2019-10-17

    Added

    • Add condition primitive: req_cip_hash_in/req_header_value_hash_in/req_cookie_value_hash_in/req_query_value_hash_in
    • Add mod_header variable: bfe_log_id
    • Add mod_http_code to maintain basic status about response forwarded

    Security

    • Fix http2: limit number of control frames in server send queue (CVE-2019-9512, CVE-2019-9514)

    v0.2.0 - 2019-09-26

    Added

    • Add proxy protocol to be compatible with F5 BigIP/Citrix ADC etc
    • Add mod_access to write request/session log in customized format
    • Add mod_key_log to wirte tls key log so that external programs(eg. wireshark) can decrypt TLS connections for trouble shooting
    • Add security grade ‘A+’ in tls
    • Add condition primitive: req_query_value_contain/req_header_value_contain/req_cookie_value_contain
    • Documents optimization
    • reverseproxy: flush response header immediately if flushInterval<0

    Added

    • Multiple protocols supported, including HTTP, HTTPS, SPDY, HTTP2, WebSocket, TLS, etc
    • Content based routing, support user-defined routing rule in advanced domain-specific language
    • Support multiple load balancing policies
    • Detailed built-in metrics available for service status monitor