EasyTier v2.6.1 Release Notes
📝 更新日志(v2.6.0 → v2.6.1)
🚀 关键新功能 / Key Features
- ACL 图形化配置界面 - Web UI 新增 ACL 图形化配置界面,用户可通过直观的界面配置访问控制规则,降低策略配置门槛 @xzzpig #1815
- Nix 开发环境增强 - 在 flake dev shell 中新增
rustfmt、clippy和mold,完善 Nix 下的 Rust 开发体验 @xzzpig #2126 #2122
🔐 安全与连接修复 / Security & Connection Fixes
- 配置合并行为收紧 - 限制隐式配置合并仅作用于显式配置文件,避免非预期配置覆盖 @xzzpig #2127
- Secure Tunnel 与连接安全 - 修复不可靠 UDP 隧道上的 secure tunnel 传输问题;为 web-client 的 secure tunnel handshake 增加超时机制;web-server 容忍延迟的 secure hello;修复 QUIC endpoint panic;修复 replay check 逻辑 @KKRainbow #2118
- WebSocket 延迟优化 - 在 WebSocket 连接上启用
TCP_NODELAY,降低交互延迟 @KKRainbow #2118 - Rust 工具链升级 - 升级至 Rust 1.95,并将项目迁移至 Rust 2024 Edition,同时以
cfg_select替换cfg_if@ZnqbuZ #2121 #2066
🐞 关键修复 / Bug Fixes
- UDP Tunnel 与 RPC 稳定性 - 转发时区分控制面与数据面;修复 UDP 隧道上的 RPC 分片问题;保护 RPC 端口免于被子网代理访问,避免异常流量进入管理端口 @KKRainbow #2107
- OSPF 路由修复 - 新增
remove_peers以支持按 peer id 列表批量移除路由,修复路由表清理逻辑 @KKRainbow #2118 - Proxy CIDR 重叠过滤 - 在
ProxyCidrsMonitor中过滤重叠的代理 CIDR,防止路由冲突 @ZnqbuZ #2079 - 日志行为修复 - 修复
OFF级别的日志过滤器;当日志级别显式设置为OFF时,不再创建日志文件;移除 file appender 创建时的 unwrap,提升健壮性 @ZnqbuZ #2083 - FakeTCP 安全加固 - 丢弃畸形的 FakeTCP 帧以避免 panic,使 OpenWrt 等节点在收到异常或截断包时仍能存活;修正 IPv6 ethertype;为解析器补充往返与截断回归测试 @fanyang89 #2103
- CLI 端口偏移修复 - 修复当端口为 0 时不应添加偏移量的问题 @ZnqbuZ #2085
⚡ 性能与稳定性 / Performance & Stability
- 依赖精简 - 移除
hashbrown外部依赖,减少依赖树体积 @ZnqbuZ #2108 - 网络接口配置优化 - 优化 macOS 和 FreeBSD 的网络接口配置,避免使用硬编码 IP 地址 @deddey @KKRainbow #1853
- UDP 实现简化 - 移除
NoGroAsyncUdpSocket,简化 UDP 相关实现并降低维护成本 @ZnqbuZ #1867 - 模块重构 - 将 utils 代码迁移至独立模块,新增
AsyncRuntime抽象;为 TcpSocket、TcpListener 和 UdpSocket 提取Bindabletrait,收敛 tunnel bind 逻辑至单一函数,提升可维护性 @ZnqbuZ #2072 #2070 - Proto 能力扩展 - 新增
MessageModel、RepeatedMessageModel(支持FromIterator、Extend、AsRef、AsMut、TryFrom<[Message]>)与TransientDigesttrait,并为Url增加类型转换,为后续协议扩展提供基础 @ZnqbuZ #2068 #2067 #2071
🏗️ 构建与工具链 / Build & Toolchain
- CI 流程优化 - 重写构建工作流,启用并发与 fail-fast,加速 CI 流水线执行;草稿 PR 不再触发构建;修复 get-result steps 与 xxx-result 的触发条件;测试阶段移除
-D warnings以减少噪音 @ZnqbuZ #2089 #2088 #2078 #2109 - 代码质量 - 修复 Windows 平台 clippy 警告;统一使用
Debug打印错误;禁用 itertools 中部分方法以满足 clippy 规范 @ZnqbuZ #2106 #2086 #2075 - 日志与测试 - 文件日志默认关闭 ANSI 颜色输出;测试日志自动初始化并将默认级别设为
WARNING;端到端加密测试增加 inst3 密钥等待逻辑,减少 flaky 失败 @ZnqbuZ #2110 #2113 #2073 #2069
🔗 完整更新记录: 点击查看完整变更
📝 Release Notes (v2.6.0 → v2.6.1)
🚀 Key Features
- ACL Graphical Configuration Interface - The Web UI now supports configuring access control rules through an intuitive graphical interface, lowering the barrier for policy setup @xzzpig #1815
- Nix Development Environment Enhancements - Added
rustfmt,clippy, andmoldto the flake dev shell, improving the Rust development experience under Nix @xzzpig #2126 #2122
🔐 Security & Connection Fixes
- Tighter Config Merge Behavior - Restricted implicit config merging to explicit config files only, preventing unintended configuration overwrites @xzzpig #2127
- Secure Tunnel & Connection Security - Fixed secure tunnel transmission over unreliable UDP tunnels; added timeout for web-client secure tunnel handshakes; made the web-server tolerate delayed secure hellos; fixed QUIC endpoint panic; fixed replay check logic @KKRainbow #2118
- WebSocket Latency Optimization - Enabled
TCP_NODELAYon WebSocket connections to reduce interaction latency @KKRainbow #2118 - Rust Toolchain Upgrade - Upgraded to Rust 1.95 and migrated the project to Rust 2024 Edition; replaced
cfg_ifwithcfg_select@ZnqbuZ #2121 #2066
🐞 Bug Fixes
- UDP Tunnel & RPC Stability - Distinguish control and data planes when forwarding packets; fixed RPC splitting on UDP tunnels; protected the RPC port from subnet proxy access, avoiding anomalous traffic entering the management port @KKRainbow #2107
- OSPF Routing Fix - Added
remove_peersto support batch removal of routes by peer id list, fixing route table cleanup logic @KKRainbow #2118 - Proxy CIDR Overlap Filtering - Filtered overlapping proxy CIDRs in
ProxyCidrsMonitorto prevent routing conflicts @ZnqbuZ #2079 - Logging Behavior Fix - Fixed the log level filter for
OFF; when the log level is explicitly set toOFF, log files are no longer created; removed unwrap from file appender creation to improve robustness @ZnqbuZ #2083 - FakeTCP Security Hardening - Discards malformed FakeTCP frames instead of panicking, allowing OpenWrt nodes to survive unexpected or truncated packets; corrected the IPv6 ethertype; added round-trip and truncation regression tests for the parser @fanyang89 #2103
- CLI Port Offset Fix - Fixed the issue where an offset should not be added when the port is 0 @ZnqbuZ #2085
⚡ Performance & Stability
- Dependency Trimming - Removed the
hashbrownexternal dependency to reduce dependency tree size @ZnqbuZ #2108 - Network Interface Configuration Optimization - Optimized network interface configuration for macOS and FreeBSD to avoid hard-coded IP addresses @deddey @KKRainbow #1853
- UDP Implementation Simplification - Removed
NoGroAsyncUdpSocket, simplifying UDP-related implementation and reducing maintenance overhead @ZnqbuZ #1867 - Module Refactoring - Moved utils code to a dedicated module and added the
AsyncRuntimeabstraction; extracted aBindabletrait forTcpSocket,TcpListener, andUdpSocket, gathering tunnel bind logic into a single function to improve maintainability @ZnqbuZ #2072 #2070 - Proto Capability Expansion - Added
MessageModel,RepeatedMessageModel(withFromIterator,Extend,AsRef,AsMut,TryFrom<[Message]>), andTransientDigesttrait, plusUrltype conversions to lay the groundwork for future protocol extensions @ZnqbuZ #2068 #2067 #2071
🏗️ Build & Toolchain
- CI Pipeline Optimization - Rewrote build workflows with concurrency and fail-fast enabled to accelerate CI execution; draft PRs no longer trigger builds; fixed get-result steps and xxx-result trigger conditions; removed
-D warningsfrom tests to reduce noise @ZnqbuZ #2089 #2088 #2078 #2109 - Code Quality - Fixed clippy warnings on Windows; unified error printing via
Debug; disallowed some itertools methods to meet clippy standards @ZnqbuZ #2106 #2086 #2075 - Logging & Testing - Disabled ANSI color output for file logs by default; auto-initialized test logs and set the default level to
WARNING; added key-wait logic for inst3 in end-to-end encryption tests to reduce flaky failures @ZnqbuZ #2110 #2113 #2073 #2069
🔗 Full Changelog: View Full Changes