dan-v
diff --git a/‎.circleci/config.yml
Lines changed: 2 additions & 6 deletions b/‎.circleci/config.yml
Lines changed: 2 additions & 6 deletions
diff --git a/‎.dockerignore
Lines changed: 2 additions & 3 deletions b/‎.dockerignore
Lines changed: 2 additions & 3 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/bug_report.md
Lines changed: 43 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/bug_report.md
Lines changed: 43 additions & 0 deletions
diff --git a/‎.github/ISSUE_TEMPLATE/feature_request.md
Lines changed: 17 additions & 0 deletions b/‎.github/ISSUE_TEMPLATE/feature_request.md
Lines changed: 17 additions & 0 deletions
diff --git a/‎.gitignore
Lines changed: 2 additions & 4 deletions b/‎.gitignore
Lines changed: 2 additions & 4 deletions
diff --git a/‎Dockerfile
Lines changed: 4 additions & 4 deletions b/‎Dockerfile
Lines changed: 4 additions & 4 deletions
diff --git a/‎Makefile
Lines changed: 89 additions & 16 deletions b/‎Makefile
Lines changed: 89 additions & 16 deletions
diff --git a/‎README.md
Lines changed: 34 additions & 17 deletions b/‎README.md
Lines changed: 34 additions & 17 deletions
diff --git a/‎VERSION
Lines changed: 1 addition & 0 deletions b/‎VERSION
Lines changed: 1 addition & 0 deletions
diff --git a/‎images/how-it-works.png renamed to ‎assets/images/how-it-works.png b/‎images/how-it-works.png renamed to ‎assets/images/how-it-works.png
@@ -7,10 +7,6 @@ jobs:
     steps:
       - checkout
       - run: go get -u github.com/go-bindata/go-bindata/...
-      - run: make all-zip
+      - run: make
       - store_artifacts:
-          path: build/zip/awslambdaproxy-linux-x86-64.zip
-          destination: awslambdaproxy-linux-x86-64.zip
-      - store_artifacts:
-          path: build/zip/lambda.zip
-          destination: lambda.zip
+          path: artifacts
@@ -1,4 +1,3 @@
-build
-data
-images
+assets
+artifacts
 bindata.go
@@ -0,0 +1,43 @@
+---
+name: Bug report
+about: Create a report to help us improve
+
+---
+
+### Prerequisites
+
+* [ ] I am running the [latest version](https://github.com/dan-v/awslambdaproxy/releases) of awslambdaproxy
+* [ ] I am have read the [README](https://github.com/dan-v/awslambdaproxy#usage) instructions and the [FAQ](https://github.com/dan-v/awslambdaproxy#faq)
+
+### Description
+
+[Description of the issue]
+
+### Steps to Reproduce
+
+1. [First Step]
+2. [Second Step]
+3. [and so on...]
+
+**Expected behavior:** [What you expected to happen]
+
+**Actual behavior:** [What actually happened]
+
+### Environment
+* If you are using CLI, get the version and specify the full command you are using.
+```
+./awslambdaproxy version
+awslambdaproxy version 0.0.12
+./awslambdaproxy -r us-west-2,us-west-1 -f 60
+```
+* If you are using Docker, get the version and specify the full command you are using.
+```
+docker run -it --rm --entrypoint /app/awslambdaproxy vdan/awslambdaproxy -v
+awslambdaproxy version 0.0.12
+docker run -d vdan/awslambdaproxy -r us-west-2,us-west-1 -f 60
+```
+
+### Error Output
+```
+...
+```
@@ -0,0 +1,17 @@
+---
+name: Feature request
+about: Suggest an idea for this project
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
@@ -83,10 +83,8 @@ fabric.properties
 # .idea/misc.xml 
 # *.ipr
 
-/awslambdaproxy
-data/lambda.zip
-data/lambda/main
 bindata.go
-build/
 .DS_Store
 vendor/
+artifacts
+coverage.html
@@ -3,10 +3,10 @@ RUN apt-get update -y
 RUN apt-get install -y zip
 RUN go get -u github.com/go-bindata/go-bindata/...
 ADD . /src
-RUN cd /src && make linux
+RUN cd /src && make build
 
 FROM alpine:latest
-COPY --from=build-env /src/build/linux/x86-64/awslambdaproxy /app/
+COPY --from=build-env /src/artifacts/server/linux/awslambdaproxy /app/
 
 ENV AWS_ACCESS_KEY_ID=
 ENV AWS_SECRET_ACCESS_KEY=
@@ -32,7 +32,7 @@ RUN mkdir ${HOME}/.ssh
 EXPOSE 2222
 EXPOSE 8080
 
-COPY docker/sshd_config /etc/ssh/sshd_config
-COPY docker/entrypoint.sh /entrypoint.sh
+COPY build/docker/sshd_config /etc/ssh/sshd_config
+COPY build/docker/entrypoint.sh /entrypoint.sh
 
 ENTRYPOINT ["/entrypoint.sh"]
@@ -1,27 +1,100 @@
-all: linux
+SHELL := /bin/bash
+TARGET := awslambdaproxy
+VERSION := $(shell cat VERSION)
+OS := linux
+ARCH := amd64
+PACKAGE := github.com/dan-v/$(TARGET)
 
-lambda:
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o data/lambda/main ./lambda
-	zip -jr data/lambda data/lambda
+.PHONY: \
+	clean \
+	tools \
+	test \
+	coverage \
+	vet \
+	lint \
+	fmt \
+	build \
+	lambda-build \
+	server-build-linux \
+	server-build-osx \
+	doc \
+	release \
+	docker-build \
+	docker-release \
 
-bindata: lambda
-	go-bindata -nocompress -pkg awslambdaproxy -o bindata.go data/lambda.zip
+all: tools fmt build lint vet test release
 
-linux: bindata
-	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o ./build/linux/x86-64/awslambdaproxy ./cmd/awslambdaproxy
-
-osx:
-	CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -o ./build/osx/x86-64/awslambdaproxy ./cmd/awslambdaproxy
+print-%:
+	@echo $* = $($*)
 
 clean:
-	rm -rf data/lambda/awslambdaproxy-lambda
-	rm -rf data/lambda.zip
-	rm -rf build
-	rm -rf bindata.go
+	rm -Rf artifacts
+	rm -vf $(CURDIR)/coverage.*
+
+tools:
+	go get golang.org/x/lint/golint
+	go get github.com/axw/gocov/gocov
+	go get github.com/matm/gocov-html
+
+test:
+	go test -v ./...
+
+coverage:
+	gocov test ./... > $(CURDIR)/coverage.out 2>/dev/null
+	gocov report $(CURDIR)/coverage.out
+	if test -z "$$CI"; then \
+	  gocov-html $(CURDIR)/coverage.out > $(CURDIR)/coverage.html; \
+	  if which open &>/dev/null; then \
+	    open $(CURDIR)/coverage.html; \
+	  fi; \
+	fi
+
+vet:
+	go vet -v ./...
+
+lint:
+	golint $(go list ./... | grep -v /vendor/)
+
+fmt:
+	go fmt ./...
+
+lambda-build:
+	CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o artifacts/lambda/main ./pkg/lambda
+	zip -jr artifacts/lambda artifacts/lambda
+	go-bindata -nocompress -pkg server -o pkg/server/bindata.go artifacts/lambda.zip
+	mv artifacts/lambda.zip artifacts/lambda-$(VERSION).zip
+
+server-build-linux:
+	CGO_ENABLED=0 GOOS=$(OS) GOARCH=$(ARCH) go build -ldflags \
+	    "-X $(PACKAGE)/cmd/awslambdaproxy.version=$(VERSION)" \
+	    -v -o $(CURDIR)/artifacts/server/$(OS)/$(TARGET) ./cmd/main.go
+
+server-build-osx:
+	CGO_ENABLED=0 GOOS=darwin GOARCH=amd64 go build -ldflags \
+	    "-X $(PACKAGE)/cmd/awslambdaproxy.version=$(VERSION)" \
+	    -v -o $(CURDIR)/artifacts/server/darwin/$(TARGET) ./cmd/main.go
+
+build: lambda-build server-build-linux
+
+build-osx: lambda-build server-build-osx
+
+doc:
+	godoc -http=:8080 -index
+
+release:
+	mkdir -p ./artifacts
+	zip -jr ./artifacts/$(TARGET)-$(OS)-$(VERSION).zip ./artifacts/server/$(OS)/$(TARGET)
 
+<<<<<<< HEAD
 all-zip: all
 	mkdir ./build/zip
 	zip -jr ./build/zip/awslambdaproxy-linux-x86-64 ./build/linux/x86-64/awslambdaproxy
 	cp data/lambda.zip ./build/zip/
+=======
+docker:
+	docker build . -t vdan/awslambdaproxy:$(VERSION) -t vdan/awslambdaproxy:latest
+>>>>>>> e8cc220d5edad0cbbac20ecd5143c1000ec2cda1
 
-.PHONY: lambda bindata
+docker-release:
+	docker push vdan/awslambdaproxy:$(VERSION)
+	docker push vdan/awslambdaproxy:latest
@@ -1,22 +1,21 @@
 <b>awslambdaproxy</b> is an [AWS Lambda](https://aws.amazon.com/lambda/) powered HTTP/SOCKS web proxy. It provides a constantly rotating IP address for your network traffic from all regions where AWS Lambda is available. The goal is to obfuscate your traffic and make it harder to track you as a user.
 
-![](/images/overview.gif?raw=true)
+![](/assets/images/overview.gif?raw=true)
 
 ## Features
 * HTTP/HTTPS/SOCKS5 proxy protocols support (including authentication).
-* No special software required. Just configure your system to use a proxy.
-* Each AWS Lambda region provides 1 outgoing IP address that gets rotated roughly every 4 hours. That means if you use 10 AWS regions, you'll get 60 unique IPs per day.
+* No special client side software required. Just configure your system to use a proxy.
+* Each configured AWS Lambda region provides a large pool of constantly rotating IP address.
 * Configurable IP rotation frequency between multiple regions.
-* Personal proxy server not shared with anyone else.
 * Mostly [AWS free tier](https://aws.amazon.com/free/) compatible (see FAQ below).
 
 ## Project status
 Current code status: <b>proof of concept</b>. This is the first Go application that I've ever written. It has no tests. It may not work. It may blow up. Use at your own risk.
 
 ## How it works
-At a high level, awslambdaproxy proxies TCP/UDP traffic through AWS Lambda regional endpoints. To do this, awslambdaproxy is setup on a publicly accessible host (e.g. EC2 instance) and it handles creating Lambda resources that run a proxy server ([ginuerzh/gost](https://github.com/ginuerzh/gost)). Since Lambda does not allow you to connect to bound ports in executing functions, a reverse SSH tunnel is established from the Lambda function to the host running awslambdaproxy. Once a tunnel connection is established, all user traffic is forwarded through this reverse tunnel to the proxy server. Lambda functions have a max execution time of 15 minutes, so there is a goroutine that continuously executes Lambda functions to ensure there is always a live tunnel in place. If multiple regions are specified, user traffic will be routed in a round robin fashion across these regions.
+At a high level, awslambdaproxy proxies TCP/UDP traffic through AWS Lambda regional endpoints. To do this, awslambdaproxy is setup on a publicly accessible host (e.g. EC2 instance) and it handles creating Lambda resources that run a proxy server ([gost](https://github.com/ginuerzh/gost)). Since Lambda does not allow you to connect to bound ports in executing functions, a reverse SSH tunnel is established from the Lambda function to the host running awslambdaproxy. Once a tunnel connection is established, all user traffic is forwarded through this reverse tunnel to the proxy server. Lambda functions have a max execution time of 15 minutes, so there is a goroutine that continuously executes Lambda functions to ensure there is always a live tunnel in place. If multiple regions are specified, user traffic will be routed in a round robin fashion across these regions.
 
-![](/images/how-it-works.png?raw=true)
+![](/assets/images/how-it-works.png?raw=true)
 
 ## Installation
 
@@ -27,13 +26,13 @@ The easiest way is to download a pre-built binary from the [GitHub Releases](htt
 
 ## Manual
 
-1. Copy `awslambdaproxy` binary to a publicly accessible linux host (e.g. EC2 instance, VPS instance, etc). You will need to open the following ports on this host:
-    * Port 22 - functions executing in AWS Lambda will open SSH connections back to the host running `awslambdaproxy`, so this port needs to be open to the world. The SSH key used here is dynamically generated at startup and added to the running users authorized_keys file.
-    * Port 8080 - the default configuration will start a HTTP/SOCKS proxy listener on this port with default user/password authentication. If you don't want to publicly expose the proxy server, one option is to setup your own VPN server (e.g. [dosxvpn](https://github.com/dan-v/dosxvpn) or [algo](https://github.com/trailofbits/algo)), connect to it, and just run awslambdaproxy with the proxy listener only on localhost (-l localhost:8080).
+1. Copy `awslambdaproxy` binary to a <b>publicly accessible</b> linux host (e.g. EC2 instance, VPS instance, etc). You will need to <b>open the following ports</b> on this host:
+    * <b>Port 22</b> - functions executing in AWS Lambda will open SSH connections back to the host running `awslambdaproxy`, so this port needs to be open to the world. The SSH key used here is dynamically generated at startup and added to the running users authorized_keys file.
+    * <b>Port 8080</b> - the default configuration will start a HTTP/SOCKS proxy listener on this port with default user/password authentication. If you don't want to publicly expose the proxy server, one option is to setup your own VPN server (e.g. [dosxvpn](https://github.com/dan-v/dosxvpn) or [algo](https://github.com/trailofbits/algo)), connect to it, and just run awslambdaproxy with the proxy listener only on localhost (-l localhost:8080).
 
 2. Optional, but I'd highly recommend taking a look at the Minimal IAM Policies section below. This will allow you to setup minimal permissions required to setup and run the project. Otherwise, if you don't care about security you can always use an access key with full administrator privileges. 
 
-3. `awslambdaproxy` will need access to credentials for AWS in some form. This can be either through exporting environment variables (as shown below), shared crendential file, or an IAM role if assigned to the instance you are running it on. See [this](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials) for more details.
+3. `awslambdaproxy` will need access to credentials for AWS in some form. This can be either through exporting environment variables (as shown below), shared credential file, or an IAM role if assigned to the instance you are running it on. See [this](https://docs.aws.amazon.com/sdk-for-go/v1/developer-guide/configuring-sdk.html#specifying-credentials) for more details.
 
     ```shell script
     export AWS_ACCESS_KEY_ID=XXXXXXXXXX
@@ -51,14 +50,32 @@ The easiest way is to download a pre-built binary from the [GitHub Releases](htt
     ./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2
     ```
 
-6. Configure your web browser (or OS) to use the SOCKS5 proxy on the publicly accessible host running `awslambdaproxy` on port 8080.
+6. Configure your web browser (or OS) to use the HTTP/SOCKS5 proxy on the publicly accessible host running `awslambdaproxy` on port 8080.
+
+## Examples
+```
+# execute proxy in four different regions with rotation happening every 60 seconds
+./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2 -f 60s
+
+# choose a different port and username/password for proxy and add another listener on localhost with no auth
+./awslambdaproxy run -l "admin:admin@:8888,localhost:9090"
+
+# bypass certain domains from using lambda proxy
+./awslambdaproxy run -b "*.websocket.org,*.youtube.com"
+
+# specify a dns server for the proxy server to use for dns lookups
+./awslambdaproxy run -l "admin:awslambdaproxy@:8080?dns=1.1.1.1"
+
+# increase function memory size for better network performance
+./awslambdaproxy run -m 512
+```
 
 ## Minimal IAM Policies
 * This assumes you have the AWS CLI setup with an admin user
 * Create a user with proper permissions needed to run the setup command. This user can be removed after running the setup command.
 ```shell script
 aws iam create-user --user-name awslambdaproxy-setup
-aws iam put-user-policy --user-name awslambdaproxy-setup --policy-name awslambdaproxy-setup --policy-document file://iam/setup.json
+aws iam put-user-policy --user-name awslambdaproxy-setup --policy-name awslambdaproxy-setup --policy-document file://deployment/iam/setup.json
 aws iam create-access-key --user-name awslambdaproxy-setup
 {
     "AccessKey": {
@@ -73,7 +90,7 @@ aws iam create-access-key --user-name awslambdaproxy-setup
 * Create a user with proper permission needed to run the proxy.
 ```shell script
 aws iam create-user --user-name awslambdaproxy-run
-aws iam put-user-policy --user-name awslambdaproxy-run --policy-name awslambdaproxy-run --policy-document file://iam/run.json
+aws iam put-user-policy --user-name awslambdaproxy-run --policy-name awslambdaproxy-run --policy-document file://deployment/iam/run.json
 aws iam create-access-key --user-name awslambdaproxy-run
 {
     "AccessKey": {
@@ -109,25 +126,25 @@ It will create all dependent resources and run awslambdaproxy inside Docker cont
 2. <b>Why did you use AWS Lambda for this?</b> The primary reason for using AWS Lambda in this project is the vast pool of IP addresses available that automatically rotate.
 3. <b>How big is the pool of available IP addresses?</b> This I don't know, but I do know I did not have a duplicate IP while running the proxy for a week.
 4. <b>Will this make me completely anonymous?</b> No, absolutely not. The goal of this project is just to obfuscate your web traffic by rotating your IP address. All of your traffic is going through AWS which could be traced back to your account. You can also be tracked still with [browser fingerprinting](https://panopticlick.eff.org/), etc. Your [IP address may still leak](https://ipleak.net/) due to WebRTC, Flash, etc.
-5. <b>How often will my external IP address change?</b> For each region specified, the IP address will change roughly every 4 hours. This of course is subject to change at any moment as this is not something that is documented by AWS Lambda.
+5. <b>How often will my external IP address change?</b> I'm not positive as that's specific to the internals of AWS Lambda, and that can change at any time. However, I'll give an example, with 4 regions specified rotating every 5 minutes it resulted in around 15 unique IPs per hour.
 6. <b>How much does this cost?</b> awslambdaproxy should be able to run mostly on the [AWS free tier](https://aws.amazon.com/free/) minus bandwidth costs. It can run on a t2.micro instance and the default 128MB Lambda function that is constantly running should also fall in the free tier usage. The bandwidth is what will cost you money; you will pay for bandwidth usage for both EC2 and Lambda.
-7. <b>Why does my connection drop periodically?</b> AWS Lambda functions can currently only execute for a maximum of 15 minutes. In order to maintain an ongoing proxy a new function is executed and all new traffic is cut over to it. Any ongoing connections to the previous Lambda function will hard stop after a timeout period. You generally won't see any issues for normal web browsing as connections are very short lived, but for any long lived connections you may see issues.
+7. <b>Why does my connection drop periodically?</b> AWS Lambda functions can currently only execute for a maximum of 15 minutes. In order to maintain an ongoing proxy a new function is executed and all new traffic is cut over to it. Any ongoing connections to the previous Lambda function will hard stop after a timeout period. You generally won't see any issues for normal web browsing as connections are very short lived, but for any long lived connections you will see issues. Consider using the `--bypass` flag to specify known domains that you know use persistent connections to avoid having your connection constantly dropping for these.
 
 # Powered by
 * [gost](https://github.com/ginuerzh/gost) - A simple security tunnel written in Golang.
 * [yamux](https://github.com/hashicorp/yamux) - Golang connection multiplexing library.
 * [goad](https://github.com/goadapp/goad) - Code was borrowed from this project to handle AWS Lambda zip creation and function upload.
 
 ## Build From Source
-1. Install [Go](https://golang.org/dl/) and [go-bindata](https://github.com/kevinburke/go-bindata)
+1. Install [Go](https://golang.org/dl/) and [go-bindata](https://github.com/go-bindata/go-bindata)
 
 2. Fetch the project with `git clone`:
 
   ```shell script
   git clone git@github.com:dan-v/awslambdaproxy.git && cd awslambdaproxy
   ```
 
-3. Run make to build awslambdaproxy. You'll find your `awslambdaproxy` binary in the `build` folder.
+3. Run make to build awslambdaproxy. You'll find your `awslambdaproxy` binary in the `artifacts` folder.
 
   ```shell script
   make
 
@@ -0,0 +1 @@
+0.0.13
-Original file line number
+Diff line change
@@ @@ -1,4 +1,3 @@ @@
 -build
 -data
 -images
 +assets
 +artifacts
 bindata.go