hlpkg-dev
diff --git a/Diff for: ‎.gitignore
+4 b/Diff for: ‎.gitignore
+4
diff --git a/Diff for: ‎LICENSE
+674 b/Diff for: ‎LICENSE
+674
diff --git a/Diff for: ‎README.md
+77 b/Diff for: ‎README.md
+77
diff --git a/Diff for: ‎assets/ghidra-hw.png
126 KB b/Diff for: ‎assets/ghidra-hw.png
126 KB
diff --git a/Diff for: ‎assets/logo.png
4.03 KB b/Diff for: ‎assets/logo.png
4.03 KB
diff --git a/Diff for: ‎cmd/hlmuxd/hlmuxd.go
+184 b/Diff for: ‎cmd/hlmuxd/hlmuxd.go
+184
@@ -0,0 +1,4 @@
+config.json
+*.bak
+*.drawio*
+bin/
@@ -0,0 +1,77 @@
+# hlmux
+
+Multiplexer for Half-Life games (and its mods)
+
+<div align="center">
+
+![hlmux logo](./assets/logo.png)
+
+</div>
+
+*hlmux* is a gateway of multiple upstream GoldSource servers, offering a mechanism to redirect a client among these upstreams.
+
+⚠ THIS PROJECT IS STILL UNDER CONSTRUCTION.
+
+## Usage
+
+*hlmux* is a Go package, and theoretically it's just a building block for a gateway application.
+
+### hlmuxd
+
+For convenience, we offer an official gateway application [*hlmuxd*](./cmd/hlmuxd) to ease most users' pains. It also serves as an example to demonstrate the usage of *hlmux*.
+
+* Compilation
+
+```
+mkdir -p ./bin
+go build -o ./bin ./cmd/hlmuxd
+```
+
+* Sample configuration (`config.json`)
+
+```json
+{
+    "bind": "0.0.0.0:27015",
+    "api": "0.0.0.0:27081",
+    "ttl": "30",
+    "upstreams": [
+        {
+            "name": "cs1",
+            "address": "10.1.80.51:27001",
+            "default": true
+        },
+        {
+            "name": "cs2",
+            "address": "10.1.80.51:27002"
+        }
+    ]
+}
+```
+
+* Running
+
+```
+./bin/hlmuxd -config config.json
+
+# or without compilation
+go run ./cmd/hlmuxd -config config.json
+```
+
+## How does it work?
+
+Valve has banned `connect` command for a long time ([related issue][redirect-issue])
+as a part of [admin slowhacking][admin-slowhacking] mitigation. Many redirection plugins does not work any more, while they do serve
+as practical components, especially in community servers.
+
+This project implements a gateway in front of multiple GoldSource game servers, so that the
+gateway can have its own decision on the traffic forwarding.
+After in-game plugins tell the gateway which nexthop the clients want, their traffic will be forwarded to the target server when they send handshakes next time.
+
+The client side command `retry` is able to invoke re-handshaking (which is different from `reconnect`). Unfortunately, we have known that Valve's [page][admin-slowhacking] is out of date by inspecting `hw.so` (or `hw.dll` on Windows) as shown below: `retry` is also banned, regardless of the value of `cl_filterstuffcmd`.
+
+![stuff text filter in hw.so](./assets/ghidra-hw.png)
+
+Good news is that there is still an approach to trick the clients into a state similar to a manually-issued `retry`.
+
+[admin-slowhacking]: https://developer.valvesoftware.com/wiki/Admin_Slowhacking
+[redirect-issue]: https://github.com/ValveSoftware/halflife/issues/5
@@ -0,0 +1,184 @@
+// HLMUX
+//
+// Copyright (C) 2022 hlpkg-dev
+//
+// This program is free software: you can redistribute it and/or modify it under
+// the terms of the GNU General Public License as published by the Free Software
+// Foundation, either version 3 of the License, or (at your option) any later
+// version.
+//
+// This program is distributed in the hope that it will be useful, but WITHOUT
+// ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+// FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
+// details.
+//
+// You should have received a copy of the GNU General Public License along with
+// this program. If not, see <https://www.gnu.org/licenses/>.
+
+package main
+
+import (
+	"bufio"
+	"encoding/json"
+	"flag"
+	"fmt"
+	"log"
+	"net"
+	"net/http"
+	"os"
+	"strings"
+
+	"github.com/hlpkg-dev/hlmux"
+)
+
+type Upstream struct {
+	Name    string `json:"name"`
+	Default bool   `json:"default"`
+	Address string `json:"address"`
+}
+
+type Config struct {
+	Bind      string      `json:"bind"`
+	API       string      `json:"api"`
+	TTL       int         `json:"ttl"`
+	Upstreams []*Upstream `json:"upstreams"`
+}
+
+type Set struct {
+	Proxy    string `json:"proxy"`
+	Upstream string `json:"upstream"`
+}
+
+var flagConfig = flag.String("config", "config.json", "Configuration file")
+
+func readConfig() (*Config, error) {
+	var config Config
+
+	data, err := os.ReadFile(*flagConfig)
+	if err != nil {
+		return nil, err
+	}
+
+	if json.Unmarshal(data, &config); err != nil {
+		return nil, err
+	}
+
+	return &config, nil
+}
+
+func main() {
+	config, err := readConfig()
+	if err != nil {
+		log.Fatalf("cannot read config: %v", err)
+	}
+
+	if len(config.Upstreams) == 0 {
+		log.Fatalf("cannot find valid upstreams")
+	}
+
+	upstreams := make(map[string]*net.UDPAddr)
+	var defaultUpstream *net.UDPAddr
+	for _, upstream := range config.Upstreams {
+		addr, err := net.ResolveUDPAddr("udp", upstream.Address)
+		if err != nil {
+			log.Fatalf("cannot resolve \"%s\": %v", upstream.Address, err)
+		}
+		upstreams[upstream.Name] = addr
+
+		if upstream.Default {
+			defaultUpstream = addr
+		}
+	}
+
+	if defaultUpstream == nil {
+		defaultUpstream = upstreams[config.Upstreams[0].Name]
+	}
+
+	log.Printf("default upstream: %v", defaultUpstream)
+
+	mux := hlmux.NewMux(defaultUpstream)
+	go func() {
+		reader := bufio.NewReader(os.Stdin)
+		for {
+			fmt.Print("> ")
+			line, err := reader.ReadString('\n')
+			if err != nil {
+				return
+			}
+			tokens := strings.FieldsFunc(line, func(c rune) bool {
+				return c == ' ' || c == '\n'
+			})
+			if len(tokens) > 0 {
+				switch tokens[0] {
+				case "ls":
+					conns := mux.Connections()
+					if len(conns) == 0 {
+						fmt.Println("no connections")
+					}
+					for i, conn := range conns {
+						fmt.Printf(`
+	[%d] Client: %v Proxy: %v Upstream: %v Next: %v
+`, i, conn.Client(), conn.Proxy(), conn.Upstream(), conn.NextUpstream())
+					}
+				case "update":
+					clientAddr, err := net.ResolveUDPAddr("udp", tokens[1])
+					if err != nil {
+						fmt.Printf("invalid client: %v\n", err)
+					}
+					if conn := mux.FindConnectionByClient(clientAddr); conn != nil {
+						addr, err := net.ResolveUDPAddr("udp", tokens[2])
+						if err != nil {
+							fmt.Printf("invalid upstream: %v\n", err)
+						} else {
+							conn.SetNextUpstream(addr)
+						}
+					} else {
+						fmt.Printf("connection not found")
+					}
+				}
+			}
+		}
+	}()
+	go func() {
+		// recommended to use more powerful libraries like `gin`
+
+		http.HandleFunc("/api/v1/set", func(w http.ResponseWriter, r *http.Request) {
+			if r.Method != "POST" {
+				w.WriteHeader(http.StatusNotImplemented)
+				return
+			}
+			var s Set
+			if err := json.NewDecoder(r.Body).Decode(&s); err != nil {
+				w.WriteHeader(http.StatusBadRequest)
+				return
+			}
+
+			if upstream, ok := upstreams[s.Upstream]; ok {
+				found := false
+				for _, conn := range mux.Connections() {
+					if conn.Proxy().String() == s.Proxy {
+						found = true
+						log.Printf("set client %v next upstream to %v", conn.Client(), upstream)
+						conn.SetNextUpstream(upstream)
+						break
+					}
+				}
+
+				if found {
+					w.WriteHeader(http.StatusOK)
+				} else {
+					w.WriteHeader(http.StatusNotFound)
+				}
+			} else {
+				w.WriteHeader(http.StatusNotFound)
+			}
+		})
+
+		if err := http.ListenAndServe(config.API, nil); err != nil {
+			log.Printf("cannot server http: %v", err)
+		}
+	}()
+	if err := mux.Run(config.Bind); err != nil {
+		log.Fatalf("cannot init mux: %v", err)
+	}
+}