Wraps three already-merged PRs into a release:

- PR #763 (@yyoyoian-pixel): block_doh: true default; rejects browser DoH at SOCKS5 listener so it falls back to system DNS via tun2proxy virtual DNS instead of paying ~1.5s tunnel round-trip per name lookup. Also fixes the Android tunnel_doh config mismatch (was false on Android, true on Rust — silently broke bypass_doh_hosts).
- PR #751 (@yyoyoian-pixel): TLS pool refill loop keeping ≥8 ready connections, freshest-first acquire, pool TTL 45→60s, coalesce step 10→200ms (more conservative revert from v1.9.8 for full-mode batch packing).
- PR #747 (@Shjpr9): added github.io to Fastly fronting group example.

Tests: 179 lib + 35 tunnel-node green.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
• Block DoH by default (PR #763 from @yyoyoian-pixel): browsers' DoH (chrome.cloudflare-dns.com, dns.google, …) was sending every name lookup through the tunnel by default, adding ~1.5s overhead per page load. With block_doh: true (now default), DoH CONNECTs are rejected immediately — the browser falls back to system DNS, which tun2proxy resolves instantly via virtual DNS. Android UI: Block DoH and Bypass DoH toggles in Advanced settings; Block takes priority over Bypass. Also fixes an Android config bug where tunnelDoh defaulted to false Android-side but true in Rust — the field was never serialized so bypass_doh_hosts matching was silently broken on every fresh Android install. Defaults are now synced.
• TLS connection pool tuning (PR #751 from @yyoyoian-pixel):
- Pool refill loop: background task that maintains ≥8 ready connections, opening them one at a time (no burst) with a 5s interval check
- Freshest-first acquire: picks the connection with the most remaining TTL instead of popping whatever is on top
- Pool TTL 45→60s: connections live longer, less churn
- Coalesce step 10→200ms: Full mode batch packing; the dominant bottleneck is the ~1.5s Apps Script round-trip, so 200ms wait is negligible against it but packs 3–5× more ops per batch during page loads. (The previous 10ms value was the v1.9.8 default — this is a more conservative revert.)
• Fronting groups example: added github.io to the Fastly group (PR #747 from @Shjpr9). GitHub Pages is on the same Fastly anycast 151.101.x.x as the other entries in that group.
• Tests: 179 lib + 35 tunnel-node tests passing.
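
The Block-over-Bypass decision for a SOCKS5 CONNECT described in the Block DoH item, sketched as an added example (not the project's code). Only block_doh and bypass_doh_hosts are names from these notes; the Route enum, the bypass_doh flag, the port-443 check, the suffix matching and the choice of SOCKS5 reply code are assumptions.

```rust
// Added example; every name except block_doh / bypass_doh_hosts is hypothetical.
#[derive(Debug, PartialEq)]
enum Route { Reject, Bypass, Tunnel }

struct DohPolicy {
    block_doh: bool,               // default true per the release notes
    bypass_doh: bool,              // hypothetical flag for the "Bypass DoH" toggle
    bypass_doh_hosts: Vec<String>, // known DoH endpoints, stored lowercase
}

impl DohPolicy {
    /// Exact or subdomain match, case-insensitive, tolerant of a trailing dot.
    /// A plain substring test would wrongly match "notdns.google".
    fn is_doh_host(&self, host: &str) -> bool {
        let h = host.trim_end_matches('.').to_ascii_lowercase();
        self.bypass_doh_hosts.iter().any(|d| {
            h == *d || h.strip_suffix(d.as_str()).map_or(false, |p| p.ends_with('.'))
        })
    }

    /// Decide what to do with a SOCKS5 CONNECT to host:port.
    fn route(&self, host: &str, port: u16) -> Route {
        if port != 443 || !self.is_doh_host(host) {
            return Route::Tunnel; // assumption: only HTTPS to a listed host counts as DoH
        }
        if self.block_doh { Route::Reject } // Block takes priority over Bypass
        else if self.bypass_doh { Route::Bypass }
        else { Route::Tunnel }
    }
}

/// RFC 1928 reply: VER=5, REP=0x02 (not allowed by ruleset), RSV, ATYP=IPv4, 0.0.0.0:0.
fn socks5_reject_reply() -> [u8; 10] {
    [0x05, 0x02, 0x00, 0x01, 0, 0, 0, 0, 0, 0]
}

fn main() {
    let policy = DohPolicy {
        block_doh: true,
        bypass_doh: true,
        bypass_doh_hosts: vec!["dns.google".into(), "chrome.cloudflare-dns.com".into()],
    };
    // Constructed sample targets.
    for host in ["dns.google", "DNS.Google.", "notdns.google", "example.org"] {
        println!("{host}:443 -> {:?}", policy.route(host, 443));
    }
    println!("reject reply: {:02x?}", socks5_reject_reply());
}
```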