1

internal/client/tunnel/client.go

@@ -108,20 +108,24 @@ func (c *Client) handleSession() {
 
 // handleStream 处理流
 func (c *Client) handleStream(stream net.Conn) {
-	defer stream.Close()
-
 	msg, err := protocol.ReadMessage(stream)
 	if err != nil {
+		stream.Close()
 		return
 	}
 
 	switch msg.Type {
 	case protocol.MsgTypeProxyConfig:
+		defer stream.Close()
 		c.handleProxyConfig(msg)
 	case protocol.MsgTypeNewProxy:
+		defer stream.Close()
 		c.handleNewProxy(stream, msg)
 	case protocol.MsgTypeHeartbeat:
+		defer stream.Close()
 		c.handleHeartbeat(stream)
+	case protocol.MsgTypeProxyConnect:
+		c.handleProxyConnect(stream, msg)
 	}
 }
 
@@ -175,3 +179,37 @@ func (c *Client) handleHeartbeat(stream net.Conn) {
 	msg := &protocol.Message{Type: protocol.MsgTypeHeartbeatAck}
 	protocol.WriteMessage(stream, msg)
 }
+
+// handleProxyConnect 处理代理连接请求 (SOCKS5/HTTP)
+func (c *Client) handleProxyConnect(stream net.Conn, msg *protocol.Message) {
+	defer stream.Close()
+
+	var req protocol.ProxyConnectRequest
+	if err := msg.ParsePayload(&req); err != nil {
+		c.sendProxyResult(stream, false, "invalid request")
+		return
+	}
+
+	// 连接目标地址
+	targetConn, err := net.DialTimeout("tcp", req.Target, 10*time.Second)
+	if err != nil {
+		c.sendProxyResult(stream, false, err.Error())
+		return
+	}
+	defer targetConn.Close()
+
+	// 发送成功响应
+	if err := c.sendProxyResult(stream, true, ""); err != nil {
+		return
+	}
+
+	// 双向转发数据
+	relay.Relay(stream, targetConn)
+}
+
+// sendProxyResult 发送代理连接结果
+func (c *Client) sendProxyResult(stream net.Conn, success bool, message string) error {
+	result := protocol.ProxyConnectResult{Success: success, Message: message}
+	msg, _ := protocol.NewMessage(protocol.MsgTypeProxyResult, result)
+	return protocol.WriteMessage(stream, msg)
+}

internal/server/tunnel/server.go

@@ -9,6 +9,7 @@ import (
 
 	"github.com/gotunnel/internal/server/db"
 	"github.com/gotunnel/pkg/protocol"
+	"github.com/gotunnel/pkg/proxy"
 	"github.com/gotunnel/pkg/relay"
 	"github.com/gotunnel/pkg/utils"
 	"github.com/hashicorp/yamux"
@@ -208,10 +209,21 @@ func (s *Server) startProxyListeners(cs *ClientSession) {
 		cs.Listeners[rule.RemotePort] = ln
 		cs.mu.Unlock()
 
-		log.Printf("[Server] Proxy %s: :%d -> %s:%d",
-			rule.Name, rule.RemotePort, rule.LocalIP, rule.LocalPort)
+		ruleType := rule.Type
+		if ruleType == "" {
+			ruleType = "tcp"
+		}
 
-		go s.acceptProxyConns(cs, ln, rule)
+		switch ruleType {
+		case "socks5", "http":
+			log.Printf("[Server] %s proxy %s on :%d",
+				ruleType, rule.Name, rule.RemotePort)
+			go s.acceptProxyServerConns(cs, ln, rule)
+		default:
+			log.Printf("[Server] TCP proxy %s: :%d -> %s:%d",
+				rule.Name, rule.RemotePort, rule.LocalIP, rule.LocalPort)
+			go s.acceptProxyConns(cs, ln, rule)
+		}
 	}
 }
 
@@ -226,6 +238,20 @@ func (s *Server) acceptProxyConns(cs *ClientSession, ln net.Listener, rule proto
 	}
 }
 
+// acceptProxyServerConns 接受 SOCKS5/HTTP 代理连接
+func (s *Server) acceptProxyServerConns(cs *ClientSession, ln net.Listener, rule protocol.ProxyRule) {
+	dialer := proxy.NewTunnelDialer(cs.Session)
+	proxyServer := proxy.NewServer(rule.Type, dialer)
+
+	for {
+		conn, err := ln.Accept()
+		if err != nil {
+			return
+		}
+		go proxyServer.HandleConn(conn)
+	}
+}
+
 // handleProxyConn 处理代理连接
 func (s *Server) handleProxyConn(cs *ClientSession, conn net.Conn, rule protocol.ProxyRule) {
 	defer conn.Close()