Update readme

README.md

@@ -5,121 +5,83 @@
 [![GitHub issue](https://img.shields.io/github/issues/wweir/sower.svg?style=popout)](https://github.com/wweir/sower/issues)
 [![GitHub star](https://img.shields.io/github/stars/wweir/sower.svg?style=popout)](https://github.com/wweir/sower/stargazers)
 [![GitHub license](https://img.shields.io/github/license/wweir/sower.svg?style=popout)](LICENSE)
-```
-  relay   <--+       +-> target
-http service |       |   service
-     +-------+-------+----+
-     |    sower server    |
-     +----^-----^---------+
-          80   443
-301 http -+     +----- https
-to https        |     service
-                |
-            protected
-             by tls
-  dns <---+     |    +--> direct
- relay    |     |    |   request
-     +----+-----+----+----+
-     |    sower client    |
-     +----^--^----^---^---+
-          |  |    |   |
-    dns --+  +    +   +-- port
-            80  http(s)  forward
-           443  proxy
-```
-# **In refactor**
+
 
 中文介绍见 [Wiki](https://github.com/wweir/sower/wiki)
 
-The sower is a cross-platform intelligent transparent proxy tool base on DNS solution.
+The sower is a cross-platform intelligent transparent proxy tool.
+
+The first time you visit a new website, the sower will detect if the domain in the block list and add it in the dynamic detect list. So, you do not need to care about the rules, sower will handle it in an intelligent way.
 
-The first time you visit a new website, sower will detect if the domain in block list and add it in suggect list. So that, you do not need to care about the rules, sower will handle it in a intelligent way.
+Sower provider both http_proxy/https_proxy and dns-based proxy. All these kinds of proxy support intelligent router. You can also port-forward any tcp request to remote, such as: ssh / smtp / pop3.
 
-If you wanna enjoy the sower, you need to deploy sower on both server and client side.
-On client side, sower listening UDP `53` and TCP `80`/`443` ports, so that you need run it with privileged.
-On server side, it just listening to a port (default `5533`), parse and relay the request to target server.
+You are able to enjoy it by setting http_proxy or your DNS without any other settings.
 
-Sower also provides an http(s) proxy listening on `:8080` by default. You can turn it off or use another port at any time.
+If you already have another proxy solution, you can use it's socks5(h) service as parent proxy to enjoy sower's intelligent router.
 
 
 ## Installation
-After Deployed, please check your config file, it is placed in `/usr/local/etc/sower.toml` by default. Here is the example config file [**conf/sower.toml**](https://github.com/wweir/sower/blob/master/conf/sower.toml)
+To enjoy the sower, you need to deploy sower on both server-side and client-side.
 
-### Auto deploy
-Auto deploy script support Linux server side and masOS/Linux client side.
+Installation script has been integrated into sower. You can install sower as system service by running `./sower -install 'xxx'`
 
-```shell
-$ bash -c "$(curl -sL https://git.io/JeZzX)"
-```
+## Server
+*If you already have another proxy solution with socks5h support, you can skip server side.*
 
-Then modify the configuration file as needed and set `127.0.0.1` as your first domain name server.
-In most situation, you just need to modify `/etc/resolv.conf`.
+At server-side, sower run just like a web server proxy.
+It redirect http request to https, and proxy https requests to the setted upstream http service.
+You can use your own certificate or use the auto generated certificate by sower.
 
-If you wanna uninstall sower, run:
+What you must set is the upstream http service. You can set it by parameter `-s`, eg:
+``` shell
+# sower -s 127.0.0.1:8080
+```
 
-```shell
-$ bash -c "$(curl -sL https://git.io/JeZz1)"
+## Client
+The easiest way to run it is:
+``` shell
+# sower -c aa.bb.cc # the `aa.bb.cc` can also be `socks5h://127.0.0.1:1080`
 ```
+But a configuration file is recommended to persist dynamic rules in client side.
+
+There are 3 kinds of proxy solutions, they are: http(s)_proxy / dns-based proxy / port-forward.
 
-### Manually deploy
-1. Download the precompiled file from https://github.com/wweir/sower/releases
-2. Decompression the file into a folder
-3. Run `./sower -h` for help
-5. Config domain name server
-4. Config auto start
+### HTTP(S)_PROXY
+An http(s)_proxy listening on `:8080` is setted by deault if you run sower as client mode.
 
-### Docker deploy
-The auto build docker images are [wweir/sower](https://hub.docker.com/r/wweir/sower).
+### dns-based proxy
+You can set the `serve_ip` field in `dns` section in configuration file to start dns-based proxy. You should also set the value of `serve_ip` as your default DNS in OS.
 
-It is very simple to use it on the server side. Export the port(5533) and run it directly.
+If you want to enjoy the full experience provided by sower, you can take sower as your private DNS on long running server and setting it as your default DNS in you router.
 
-But the client is more troublesome and needs some understanding of the working mechanism of the sower.
+### port-forward
+The port-forward can be only setted in configuration file, you can set it in section `client.router.port_mapping`, eg:
+``` toml
+[client.router.port_mapping]
+":2222"="aa.bb.cc:22"
+```
 
 
 ## Architecture
 ```
-          request target servers
-<-------------+              +------------->
-              |              |
-              |              |
-      +------------server-------------+
-      |       | relay service|        |
-      | +-----+---------------------+ |
-      | |                           | |
-      | | parse http(s) target url  | |
-      | |                           | |
-      | +---------------------------+ |
-      |     shadow service            |
-      +--------^----------------------+
-               |           request domain server
-       quic / KCP / TCP         +---------->
-               |                |
-      +--------+---client+------+-----+
-      |                  |            |
-      |  shadow service  |            |
-      |  relay service   |     dns    |
-      |                  |   service  |
-      |                  |            |
-      |       127.0.0.1 or other      |
-      |                  |            |
-      +-^-----^----------+---^----^---+
-        |     |              |    |
-        |     |              |    |   +----->
-http(s) proxy |   +----------+    |   |
-              2   1               1   2
-              +   +               +   +
-         blocked request      normal request
-
+  relay   <--+       +-> target
+http service |       |   service
+     +-------+-------+----+
+     |    sower server    |
+     +----^-------^-------+
+          80     443
+301 http -+       +----- https
+to https          |     service
+               protected
+                by tls
+          socks5  |
+ dns <---+   ^    |  +--> direct
+relay    |   |    |  |   request
+     +---+---+----+--+----+
+     |    sower client    |
+     +----^--^----^---^---+
+          |  |    |   |
+    dns --+  +    +   +-- port
+            80  http(s)  forward
+           443  proxy
 ```
-For more detail, see [透明代理 Sower 技术剖析](https://wweir.cc/post/%E9%80%8F%E6%98%8E%E4%BB%A3%E7%90%86-sower-%E6%8A%80%E6%9C%AF%E5%89%96%E6%9E%90/)
-
-
-## Todo
-- [x] authenticate
-- [ ] broker(waiting for QUIC implementation to be stable)
-- [x] CI/CD
-- [x] relay optimization
-- [x] deploy script for all normal platform
-- [x] dns rule intelligent suggestions
-- [x] use socks5 as upstream proxy
-- [ ] multi port http_proxy support

main.go

@@ -16,7 +16,7 @@ func main() {
 
 	if conf.Client.Address != "" {
 		if conf.Client.DNS.ServeIP != "" {
-			go proxy.ServeDNS(conf.Client.DNS.ServeIP, conf.Client.DNS.Upstream)
+			go proxy.StartDNS(conf.Client.DNS.ServeIP, conf.Client.DNS.Upstream)
 		}
 
 		proxy.StartClient(conf.Password, conf.Client.Address, conf.Client.HTTPProxy.Address,

proxy/dns.go

@@ -11,7 +11,7 @@ import (
 	"github.com/wweir/utils/log"
 )
 
-func ServeDNS(redirectIP, relayServer string) {
+func StartDNS(redirectIP, relayServer string) {
 	serveIP := net.ParseIP(redirectIP)
 	if redirectIP == "" || serveIP.String() != redirectIP {
 		log.Fatalw("invalid listen ip", "ip", redirectIP)

proxy/proxy.go

@@ -43,9 +43,11 @@ func StartClient(password, serverAddr, httpProxy, dnsServeIP string, forwards ma
 
 			go func(conn net.Conn) {
 				defer conn.Close()
+
 				if isSocks5 {
 					teeConn := &util.TeeConn{Conn: conn}
 					teeConn.StartOrReset()
+
 					switch tgtType {
 					case _http.TGT_HTTP:
 						conn, host, port, err = _http.ParseHTTP(teeConn)