Skip to content

v20240606

Latest
Compare
Choose a tag to compare
@txthinking txthinking released this 10 May 09:51
· 14 commits to master since this release

CLI

  • Each subcommand has a --example argument, for example brook server --example
  • brook link --token: A token represents a user's identity. A string encoded in hexadecimal. Server needs to have --userAPI enabled. Note that: Only supported by the brook GUI(except for OpenWrt) and tun2brook. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system.
  • brook --userAPI: When you build your own user system, Brook Server will send GET request to your userAPI to check if token is valid, for example: https://your-api-server.com/a_unpredictable_path. Yes, it is recommended to add an unpredictable path to your https API, of course, you can also use the http api for internal network communication. The request format is https://your-api-server.com/a_unpredictable_path?token=xxx. When the response is 200, the body should be the user's unique identifier, such as user ID; all other status codes are considered to represent an illegitimate user, and in these cases, the body should be a string describing the error. It should be used with --serverLog and server/wsserver/wssserver/quicserver with brook protocol. For more information, please read https://github.com/txthinking/brook/blob/master/protocol/user.md
  • brook --userAPIValidCacheTime: Once a token is checked and valid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection (default: 3600)
  • brook --userAPIInvalidCacheTime: Once a token is checked and invalid, the userAPI will not be requested to validate again for a certain period (s). A reasonable value must be set, otherwise it will affect the performance of each incoming connection. Note that this may affect the user experience, when you change the user status from invalid to valid in your user system. (default: 1800)
  • brook --tag: Tag can be used to the process, will be append into log or serverLog, such as: 'key1:value1'. All tags will also be appended as query parameters one by one to the userAPI
  • brook --pid: A file path used to store pid. Send SIGUSR1 to me to reset the --serverLog file on unix system
  • brook --blockDomainList: One domain per line, suffix match mode. https://, http:// or local file absolute path. Like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_domain.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockCIDR4List: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr4.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockCIDR6List: One CIDR per line, https://, http:// or local file absolute path, like: https://raw.githubusercontent.com/txthinking/brook/master/programmable/list/example_cidr6.txt. Works with server/wsserver/wssserver/quicserver
  • brook --blockGeoIP: Block IP by Geo country code, such as US. Works with server/wsserver/wssserver/quicserver
  • brook --blockListUpdateInterval: Update list --blockDomainList,--blockCIDR4List,--blockCIDR6List interval, second. default 0, only read one time on start (default: 0)
  • brook link --udpoverstream: When server is brook quicserver, UDP over Stream. Under normal circumstances, you need this parameter because the max datagram size for QUIC is very small. Note: only brook CLI and tun2brook suppport for now (default: false)

GUI

  • support brook link --fragment
  • support brook link --token. However, it is more recommended to use the user system to build token with brook link, such as brook-user-system
  • Fake DNS and Block Google Secure DNS module have been enabled by default.

Documentation

https://brook.app