Bfe Versions Save

A modern layer 7 load balancer from baidu

v1.6.0

1 year ago

Added

  • Allow user to disable monitor port (Issue #936)
  • Support HTTP2 fingerprint (Issue #1071)
  • Documents optimization

Changed

  • Optimize idle connection handling (Pull #1044)
  • Performance optimize in smooth least connection balancing algorithm(Pull #1062)
  • Miscellaneous golang dependency updates
  • Miscellaneous improvements in makefile and other CI tools

Fixed

  • mod_trust_clientip: fix incorrect private IP address range (Issue #856)
  • arm build error in golang 1.18

v1.5.0

2 years ago

Added

  • Add mod_tcp_keepalive to support custom TCP KeepAlive configuration
  • Documents optimization

Changed

  • Change JSON parser: use json-iterator to replace encoding/json
  • Optimize error handling in io.Write

Fixed

  • Fix issue in go.mod which may cause build error (Issue #933)

Security

  • Fix http security issue (Issue #940)
  • Fix http security issue (Issue #941)

v1.4.0

2 years ago

Added

  • Documents optimization

Changed

  • Upgrade golang version from 1.13 to 1.17
  • mod_markdown: upgrade bluemonday version to 1.0.16
  • Optimize mutex
  • Improve Makefile and pre-commit

v1.3.0

2 years ago

Added

  • Support basic route rules that are similar to k8s ingress rules
  • Documents optimization

Changed

  • Ignore GREASE values for JA3 fingerprint

v1.2.0

2 years ago

Added

  • Set GOMAXPROCS according to real CPU quota if running on container
  • Support condition primitive bfe_time_range/bfe_periodic_time_range
  • Support URI hash strategy
  • mod_block: support global request rules and ALLOW action
  • mod_header: support variables about client certificate
  • mod_access: support log to single file and stdout

Changed

  • Change primitive params of req_context_value_in

v1.1.0

3 years ago

Added

  • Support JA3 fingerprint for SSL/TLS client
  • Support Slow‑Start to allow a backend instance gradually recover its weight
  • Add maxConnPerHost to limit the number of connections to a backend
  • mod_header: add header renaming actions
  • Merge some updates from golang/net/textproto
  • Merge some updates from golang/net/http
  • Merge some updates from golang/net/http2
  • Documents optimization

Changed

  • Change outlierDetectionLevel to OutlierDetectionHttpCode

Fixed

  • Fix panic when write internal response timeout
  • Fix unit test in bfe_spdy/frame_test.go under go 1.16

Security

  • Fix config loading for multi-value option

v1.0.0

3 years ago

Added

  • Add condition primitive: req_path_contain/req_path_element_prefix_in/req_context_value_in
  • Add outlier detection options
  • Add mod_waf with rule to detect exploitation of "Shellshock" GNU Bash RCE vulnerability

Fixed

  • Fix build issue under go1.15 environment
  • Fix processing X-Forwarded-For header value
  • Fix write timeout of internal response generated by bfe

v0.12.0

3 years ago

Added

  • Support gRPC over HTTP/2
  • Support communication with FastCGI server
  • Reduce objects number by release some objects that are not used as soon as possible
  • Replace ffjson with json-iterator
  • net/textproto: turn an ancient DoS BUG annotation into a comment
  • Optimize processing of new connections under PROXY mode
  • Support integration testing in CI

v0.11.0

3 years ago

Added

  • Add mod_cors to enable cross-origin resource sharing
  • Add mod_secure_link to check authenticity and limit lifetime of links
  • Support PROXY protocol for TCP connections to backend
  • Support checking revocation status of the client certificate
  • mod_auth_request: send request with X-Forwarded-Method/X-Forwarded-Uri headers
  • mod_userid: support global rules
  • mod_key_log: support conditional logging
  • Add arm64 support for goreleaser

Changed

  • Create listeners in the final initialization step
  • Change package name to 'github.com/bfenetworks/bfe'

Removed

  • Drops words like blacklist from programming to make vocabulary more inclusive
  • Remove legacy signature of response

Fixed

  • Fix getTransport() and modify transports map with write lock

Security

  • Fix textproto: not normalize headers with spaces before the colon (CVE-2019-16276)

v0.10.0

3 years ago

Added

  • mod_auth_request: authorize clients based on thirdparty authorization service
  • mod_trace: support tracing based on Elastic APM
  • mod_compress: support brotli algorithm
  • mod_rewrite: add HostSuffixReplace action
  • Add condition primitive: req_host_tag_in/req_host_suffix_in
  • Add static content of website based on mkdocs
  • Documents optimization

Changed

  • Refactor and simplify mod_auth_jwt

Removed

  • Remove legacy type of Layer4LoadBalancer