Spawn multiple gost instances in a single command with --

[caribpa]

Hi!

This PR adds the multi-instance/cmd-split flag as described in ginuerzh/gost#713 to gost v3.

Unlike the gost v2 version, this time the multi-instance feature truly isolates the gost components that were previously shared in all instances: config files, SSL/TLS certs, logging, metrics, etc.

The following is an adaptation of the example referred in ginuerzh/gost#713.

Before this PR these are the steps to create a reverse-socks over SSH:

# Server
gost -L sshd://:2222

# Client - Terminal/Process 1
gost -L rtcp://127.0.0.1:3333/127.0.0.1:1111 -F sshd://<server-ip>:2222

# Client - Terminal/Process 2
gost -L socks5://127.0.0.1:1111

# Test from Server
curl -s -L -x socks5://127.0.0.1:3333 https://example.com

After this PR the client no longer needs to use multiple terminals/processes:

# Server
gost -L sshd://:2222

# Client
gost -L socks5://127.0.0.1:1111 -- -L rtcp://127.0.0.1:3333/127.0.0.1:1111 -F sshd://<server-ip>:2222

# Test from Server
curl -s -L -x socks5://127.0.0.1:3333 https://example.com

Check how the instances spawned above (client) are isolated by making them use config files and separating their logs:

# Save the configuration of the first instance to socks.yaml
gost -L socks5://127.0.0.1:1111 -O yaml > socks.yaml

# Make the first instance log to socks.txt
echo -e 'log:\n  output: ./socks.txt\n  format: text' >> socks.yaml

# Save the configuration of the second instance to rtcp.yaml
gost -L rtcp://127.0.0.1:3333/127.0.0.1:1111 -F sshd://:2222 -O yaml > rtcp.yaml

# Rename services/hops/chains to avoid name conflicts with the first instance
sed -i 's/0@/1@/' rtcp.yaml

# Make the second instance log to rtcp.txt
echo -e 'log:\n  output: ./rtcp.txt\n  format: text' >> rtcp.yaml

# Repeat the example in the code block above with the following as Client
gost -C socks.yaml -- -C rtcp.yaml

# Make the logs a bit more readable by extracting the service and msg content
gawk -i inplace -F'[="]' '{$0="["$NF"] "$7}1' socks.txt rtcp.txt

# Check the logs side by side
pr -w $COLUMNS -m -t socks.txt rtcp.txt

For those who would like to try it, these are the steps to build gost v3 with the multi-instance/cmd-split flag feature:

# Clone my repos and switch to the branch with the feature
git clone -b cmd-split https://github.com/caribpa/go-gost-core

git clone -b cmd-split https://github.com/caribpa/go-gost-x

git clone -b cmd-split https://github.com/caribpa/go-gost

# Tell the local go-gost/x to use the local go-gost/core
cd go-gost-x

go mod edit -replace="github.com/go-gost/core=../go-gost-core"

# Tell the local go-gost/gost to use the local go-gost/core and go-gost/x
cd ../go-gost

go mod edit -replace="github.com/go-gost/core=../go-gost-core"

go mod edit -replace="github.com/go-gost/x=../go-gost-x"

# Clean the module cache
go clean -modcache

# Build gost v3
cd cmd/gost

go build

# Test it!
./gost -L sock5://:1081 -- -L http://:8081 -L sshd://:2222

Cheers 😀

[ginuerzh]

The command line is for ease of use, -- operator makes it complicated.
For your use case, we can add an optional metadata for service (such as ignoreChain) to make it bypass the chain:

gost -L socks5://127.0.0.1:1111?ignoreChain=true -L rtcp://127.0.0.1:3333/127.0.0.1:1111 -F sshd://<server-ip>:2222

For more complex use cases, you should use configuration file.
Process is the natural tool for resource isolation, it is simple and reliable.

[caribpa]

@ginuerzh, respectfully, I believe that the proposed ignoreChain could be useful for configuration files but confusing and a bit clunky for the command line.

As I agree that the implementation of -- in this PR using goroutines is a hack and doesn't escalate well at all, I reimplemented -- using processes in PR #145. Hope you can take a look and reconsider 🙂

I'm closing this PR and those in the go-gost libs related to it.