@push.rocks/smartproxy/dist_ts/proxies/smart-proxy/security-manager.d.ts

A powerful proxy package with unified route-based configuration for high traffic management. Features include SSL/TLS support, flexible routing patterns, WebSocket handling, advanced security options, and automatic ACME certificate management.

import type { SmartProxy } from './smart-proxy.js';
/**
 * Handles security aspects like IP tracking, rate limiting, and authorization
 */
export declare class SecurityManager {
    private smartProxy;
    private connectionsByIP;
    private connectionRateByIP;
    private cleanupInterval;
    constructor(smartProxy: SmartProxy);
    /**
     * Get connections count by IP
     */
    getConnectionCountByIP(ip: string): number;
    /**
     * Check and update connection rate for an IP
     * @returns true if within rate limit, false if exceeding limit
     */
    checkConnectionRate(ip: string): boolean;
    /**
     * Track connection by IP
     */
    trackConnectionByIP(ip: string, connectionId: string): void;
    /**
     * Remove connection tracking for an IP
     */
    removeConnectionByIP(ip: string, connectionId: string): void;
    /**
     * Check if an IP is authorized using security rules
     *
     * This method is used to determine if an IP is allowed to connect, based on security
     * rules configured in the route configuration. The allowed and blocked IPs are
     * typically derived from route.security.ipAllowList and ipBlockList.
     *
     * @param ip - The IP address to check
     * @param allowedIPs - Array of allowed IP patterns from security.ipAllowList
     * @param blockedIPs - Array of blocked IP patterns from security.ipBlockList
     * @returns true if IP is authorized, false if blocked
     */
    isIPAuthorized(ip: string, allowedIPs: string[], blockedIPs?: string[]): boolean;
    /**
     * Check if the IP matches any of the glob patterns from security configuration
     *
     * This method checks IP addresses against glob patterns and handles IPv4/IPv6 normalization.
     * It's used to implement IP filtering based on the route.security configuration.
     *
     * @param ip - The IP address to check
     * @param patterns - Array of glob patterns from security.ipAllowList or ipBlockList
     * @returns true if IP matches any pattern, false otherwise
     */
    private isGlobIPMatch;
    /**
     * Check if IP should be allowed considering connection rate and max connections
     * @returns Object with result and reason
     */
    validateIP(ip: string): {
        allowed: boolean;
        reason?: string;
    };
    /**
     * Clears all IP tracking data (for shutdown)
     */
    clearIPTracking(): void;
    /**
     * Start periodic cleanup of expired data
     */
    private startPeriodicCleanup;
    /**
     * Perform cleanup of expired rate limits and empty IP entries
     */
    private performCleanup;
}