• Changelog
    • v1.5.0 - 2022-01-11
      • Added
      • Changed
      • Fixed
      • Security
    • v1.4.0 - 2021-12-10
      • Added
      • Changed
    • v1.3.0 - 2021-09-16
      • Added
      • Changed
    • v1.2.0 - 2021-06-21
      • Added
      • Changed
    • v1.1.0 - 2021-04-08
      • Added
      • Changed
      • Fixed
      • Security
    • v1.0.0 - 2021-01-15
      • Added
      • Fixed
    • v0.12.0 - 2020-09-03
      • Added
    • v0.11.0 - 2020-07-24
      • Added
      • Changed
      • Removed
      • Fixed
      • Security
    • v0.10.0 - 2020-05-25
      • Added
      • Changed
      • Removed
    • v0.9.0 - 2020-04-16
      • Added
      • Changed
      • Fixed
    • v0.8.0 - 2020-03-27
      • Added
      • Changed
    • v0.7.0 - 2020-02-26
      • Added
      • Fixed
    • v0.6.0 - 2020-01-21
      • Added
      • Changed
    • v0.5.0 - 2019-12-12
      • Added
      • Changed
      • Removed
    • v0.4.0 - 2019-11-19
      • Added
      • Changed
      • Removed
    • v0.3.0 - 2019-10-17
      • Added
      • Security
    • v0.2.0 - 2019-09-26
      • Added
      • Changed
    • v0.1.0 - 2019-08-01
      • Added

    发布历史 - 图1Changelog

    All notable changes to this project will be documented in this file.

    The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

    发布历史 - 图2v1.5.0 - 2022-01-11

    发布历史 - 图3Added

    • Add mod_tcp_keepalive to support custom TCP KeepAlive configuration
    • Documents optimization

    发布历史 - 图4Changed

    • Change JSON parser: use json-iterator to replace encoding/json
    • Optimize error handling in io.Write

    发布历史 - 图5Fixed

    • Fix issue in go.mod which may cause build error (Issue #933)

    发布历史 - 图6Security

    • Fix http security issue (Issue #940)
    • Fix http security issue (Issue #941)

    发布历史 - 图7v1.4.0 - 2021-12-10

    发布历史 - 图8Added

    • Documents optimization

    发布历史 - 图9Changed

    • Upgrade golang version from 1.13 to 1.17
    • mod_markdown: upgrade bluemonday version to 1.0.16
    • Optimize mutex
    • Improve Makefile and pre-commit

    发布历史 - 图10v1.3.0 - 2021-09-16

    发布历史 - 图11Added

    • Support basic route rules that are similar to k8s ingress rules
    • Documents optimization

    发布历史 - 图12Changed

    • Ignore GREASE values for JA3 fingerprint

    发布历史 - 图13v1.2.0 - 2021-06-21

    发布历史 - 图14Added

    • Set GOMAXPROCS according to real CPU quota if running on container
    • Support condition primitive bfe_time_range/bfe_periodic_time_range
    • Support URI hash strategy
    • mod_block: support global request rules and ALLOW action
    • mod_header: support variables about client certificate
    • mod_access: support log to single file and stdout

    发布历史 - 图15Changed

    • Change primitive params of req_context_value_in

    发布历史 - 图16v1.1.0 - 2021-04-08

    发布历史 - 图17Added

    • Support JA3 fingerprint for SSL/TLS client
    • Support Slow‑Start to allow a backend instance gradually recover its weight
    • Add maxConnPerHost to limit the number of connections to a backend
    • mod_header: add header renaming actions
    • Merge some updates from golang/net/textproto
    • Merge some updates from golang/net/http
    • Merge some updates from golang/net/http2
    • Documents optimization

    发布历史 - 图18Changed

    • Change outlierDetectionLevel to OutlierDetectionHttpCode

    发布历史 - 图19Fixed

    • Fix panic when write internal response timeout
    • Fix unit test in bfe_spdy/frame_test.go under go 1.16

    发布历史 - 图20Security

    • Fix config loading for multi-value option

    发布历史 - 图21v1.0.0 - 2021-01-15

    发布历史 - 图22Added

    • Add condition primitive: req_path_contain/req_path_element_prefix_in/req_context_value_in
    • Add outlier detection options
    • Add mod_waf with rule to detect exploitation of “Shellshock” GNU Bash RCE vulnerability.

    发布历史 - 图23Fixed

    • Fix build issue under go1.15 environment
    • Fix processing X-Forwarded-For header value
    • Fix write timeout of internal response generated by bfe

    发布历史 - 图24v0.12.0 - 2020-09-03

    发布历史 - 图25Added

    • Support gRPC over HTTP/2
    • Support communication with FastCGI server
    • Reduce objects number by release some objects that are not used as soon as possible
    • Replace ffjson with json-iterator
    • net/textproto: turn an ancient DoS BUG annotation into a comment
    • Optimize processing of new connections under PROXY mode
    • Support integration testing in CI

    发布历史 - 图26v0.11.0 - 2020-07-24

    发布历史 - 图27Added

    • Add mod_cors to enable cross-origin resource sharing
    • Add mod_secure_link to check authenticity and limit lifetime of links
    • Support PROXY protocol for TCP connections to backend
    • Support checking revocation status of the client certificate
    • mod_auth_request: send request with X-Forwarded-Method/X-Forwarded-Uri headers
    • mod_userid: support global rules
    • mod_key_log: support conditional logging
    • Add arm64 support for goreleaser

    发布历史 - 图28Changed

    • Create listeners in the final initialization step
    • Change package name to ‘github.com/bfenetworks/bfe’

    发布历史 - 图29Removed

    • Drops words like blacklist from programming to make vocabulary more inclusive
    • Remove legacy signature of response

    发布历史 - 图30Fixed

    • Fix getTransport() and modify transports map with write lock

    发布历史 - 图31Security

    • Fix textproto: not normalize headers with spaces before the colon (CVE-2019-16276)

    发布历史 - 图32v0.10.0 - 2020-05-25

    发布历史 - 图33Added

    • mod_auth_request: authorize clients based on thirdparty authorization service
    • mod_trace: support tracing based on Elastic APM
    • mod_compress: support brotli algorithm
    • mod_rewrite: add HostSuffixReplace action
    • Add condition primitive: req_host_tag_in/req_host_suffix_in
    • Add static content of website based on mkdocs
    • Documents optimization

    发布历史 - 图34Changed

    • Refactor and simplify mod_auth_jwt

    发布历史 - 图35Removed

    • Remove legacy type of Layer4LoadBalancer

    发布历史 - 图36v0.9.0 - 2020-04-16

    发布历史 - 图37Added

    • Support loading dynamic modules that may be written and complied by thirdparty vendors
    • Add mod_auth_jwt for JWT authentication
    • mod_trace: support distributed tracing based on jaeger
    • mod_doh: support timeout for DNS requests
    • mod_doh: support edns-client-subnet (ECS)
    • mod_doh: optimize max-age for DoH response
    • Optimize textproto reader cache
    • Documents optimization

    发布历史 - 图38Changed

    • Change base directory of ServerCertFile/ServerKeyFile to ConfRoot

    发布历史 - 图39Fixed

    • Fix failed unit tests about parsing request line under go1.14 environment

    发布历史 - 图40v0.8.0 - 2020-03-27

    发布历史 - 图41Added

    • Add mod_trace for distributed tracing based on zipkin
    • Add mod_doh for processing DNS over HTTPS(DoH) requests
    • Support TLS protocol with SM related ciphersuites
    • mod_header: add cookie related actions
    • Documents optimization

    发布历史 - 图42Changed

    • Disable sanitization of cookie value

    发布历史 - 图43v0.7.0 - 2020-02-26

    发布历史 - 图44Added

    • mod_access support NCSA Common Log Format(CLF) and W3C Extended Log Format(ELF)
    • mod_static suuport HTTP HEAD method
    • Add mod_userid for client identification
    • Add mod_tag for tagging and tracking groups of requests
    • http cookie: support Expires attribute in GMT format
    • http cookie: support SameSite attribute
    • Add static check in Makefile
    • Compiling on Windows OS is supported
    • Documents optimization

    发布历史 - 图45Fixed

    • Fix a bug that causes invalid ips are parsed and treated as domain names

    发布历史 - 图46v0.6.0 - 2020-01-21

    发布历史 - 图47Added

    • Add mod_prison to limit the amount of requests a user can make in a given period of time.
    • Add condition primitive: ses_tls_sni_in/ses_tls_client_auth/ses_tls_client_ca_in
    • Add tls mutual authentication
    • mod_header support client cert related variables
    • mod_header support geo related variables
    • mod_static support customized mime rules
    • mod_static allow sending precompressed files instead of regular files
    • Expose information about module handlers in web monitor
    • Optimize number of accept goroutines
    • Optimize lock of bfe_balance.BalTable
    • Optimize io.Copy while forwarding responses
    • Compiling on Mac OS is supported
    • Documents optimization

    发布历史 - 图48Changed

    • Change default Layer4LoadBalancer to NONE
    • Upgrade from go1.12 to go1.13

    发布历史 - 图49v0.5.0 - 2019-12-12

    发布历史 - 图50Added

    • Add mod_geo to determine user geolocation by MaxMind database
    • Add mod_auth_basic to restrict access from unknown users
    • Add mod_compress to compress response by customize rules
    • Add mod_errors to replace unexpected resposne
    • mod_static detect content type based on file extension or content
    • Expose pprof items in web monitor
    • Add default resFlushInterval for SSE(Server-Sent Events) response
    • Support X-Forwarded-Host Header
    • Support docker image in Makefile
    • Documents optimization

    发布历史 - 图51Changed

    • Change default monitor port to 8421
    • Rename HANDLE_READ_BACKEND to HANDLE_READ_RESPONSE

    发布历史 - 图52Removed

    • Remove some legacy fields from mod_access

    发布历史 - 图53v0.4.0 - 2019-11-19

    发布历史 - 图54Added

    • Expose metrics in prometheus text-based format
    • Add default value for core configs to reduce configuration cost
    • Add mod_static to serve static content by customize rules
    • Documents optimization

    发布历史 - 图55Changed

    • mod_logid: random logid in hex encoding format

    发布历史 - 图56Removed

    • Remove signal SIGSTKFLT

    发布历史 - 图57v0.3.0 - 2019-10-17

    发布历史 - 图58Added

    • Add condition primitive: req_cip_hash_in/req_header_value_hash_in/req_cookie_value_hash_in/req_query_value_hash_in
    • Add mod_header variable: bfe_log_id
    • Add mod_http_code to maintain basic status about response forwarded

    发布历史 - 图59Security

    • Fix http2: limit number of control frames in server send queue (CVE-2019-9512, CVE-2019-9514)

    发布历史 - 图60v0.2.0 - 2019-09-26

    发布历史 - 图61Added

    • Add proxy protocol to be compatible with F5 BigIP/Citrix ADC etc
    • Add mod_access to write request/session log in customized format
    • Add mod_key_log to wirte tls key log so that external programs(eg. wireshark) can decrypt TLS connections for trouble shooting
    • Add security grade ‘A+’ in tls
    • Add condition primitive: req_query_value_contain/req_header_value_contain/req_cookie_value_contain
    • Documents optimization

    发布历史 - 图62Changed

    • reverseproxy: flush response header immediately if flushInterval<0

    发布历史 - 图63v0.1.0 - 2019-08-01

    发布历史 - 图64Added

    • Multiple protocols supported, including HTTP, HTTPS, SPDY, HTTP2, WebSocket, TLS, etc
    • Content based routing, support user-defined routing rule in advanced domain-specific language
    • Support multiple load balancing policies
    • Flexible plugin framework to extend functionality. Based on the framework, developer can add new features rapidly
    • Detailed built-in metrics available for service status monitor