Mproxy
mProxy is an MQTT proxy – GitHub
mProxy is an MQTT proxy.
It is deployed in front of MQTT broker and can be used for authorization, packet inspection and modification,
logging and debugging and various other purposes.
Usage
go get
cd $(GOPATH)/
make. /mproxy
Architecture
mProxy starts TCP and WS servers, offering connections to devices. Upon the connection, it establishes a session with a remote MQTT broker.
It then pipes packets from devices to MQTT broker, inspecting or modifying them as they flow through proxy.
Here is the flow in more details:
Device connects to mProxy’s TCP server
mProxy accepts the inbound (IN) connection and estabishes a new session with remote MQTT broker
(i. e. it dials out to MQTT broker only once it accepted new connection from a device.
This way one device-mProxy connection corresponds to one mProxy-MQTT broker connection. )
mProxy then spawn 2 goroutines: one that will read incoming packets from device-mProxy socket (INBOUND or UPLINK),
inspect them (calling event handlers) and write them to mProxy-broker socket (forwarding them towards the broker)
and other that will be reading MQTT broker responses from mProxy-broker socket and writing them towards device,
in device-mProxy socket (OUTBOUND or DOWNLINK).
mProxy can parse and understand MQTT packages, and upon their detection it actually calls external event handlers.
Event handlers should implement the following interface defined in pkg/mqtt/
// Event is an interface for mProxy hooks
type Event interface {
// Authorization on client `CONNECT`
// Each of the params are passed by reference, so that it can be changed
AuthConnect(client *Client) error
// Authorization on client `PUBLISH`
// Topic is passed by reference, so that it can be modified
AuthPublish(client *Client, topic *string, payload *[]byte) error
// Authorization on client `SUBSCRIBE`
// Topics are passed by reference, so that they can be modified
AuthSubscribe(client *Client, topics *[]string) error
// After client successfully connected
Connect(client *Client)
// After client successfully published
Publish(client *Client, topic *string, payload *[]byte)
// After client successfully subscribed
Subscribe(client *Client, topics *[]string)
// After client unsubscribed
Unsubscribe(client *Client, topics *[]string)
// Disconnect on connection with client lost
Disconnect(client *Client)}
An example of implementation is given here, alongside with it’s main() function.
Deployment
mProxy does not do load balancing – just pure and simple proxying. This is why it should be deployed
right in front of it’s corresponding MQTT broker instance: one mProxy for each MQTT broker instance in the MQTT cluster.
Usually this is done by deploying mProxy as a side-car in the same Kubernetes pod alongside with MQTT broker instance (MQTT cluster node).
TLS termination and LB tasks can be offloaded to a standard ingress proxy – for example NginX.
Configuration
The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values.
Variable
Description
Default
MPROXY_WS_HOST
WebSocket inbound (IN) connection host
0. 0. 0
MPROXY_WS_PORT
WebSocket inbound (IN) connection port
8080
MPROXY_WS_PATH
WebSocket inbound (IN) connection path
/mqtt
MPROXY_WSS_PORT
WebSocket Secure inbound (IN) connection port
MPROXY_WSS_PATH
WebSocket Secure inbound (IN) connection path
MPROXY_WS_TARGET_SCHEME
WebSocket Target schema
ws
MPROXY_WS_TARGET_HOST
WebSocket Target host
localhost
MPROXY_WS_TARGET_PORT
WebSocket Target port
8888
MPROXY_WS_TARGET_PATH
WebSocket Target path
MPROXY_MQTT_HOST
MQTT inbound connection host
MPROXY_MQTT_PORT
MQTT inbound connection port
1883
MPROXY_MQTTS_PORT
MQTTS inbound connection port
8883
MPROXY_MQTT_TARGET_HOST
MQTT broker host
MPROXY_MQTT_TARGET_PORT
MQTT broker port
1884
MPROXY_CLIENT_TLS
Flag that indicates if TLS should be turned on
false
MPROXY_CA_CERTS
Path to trusted CAs in PEM format
MPROXY_SERVER_CERT
Path to server certificate in pem format
MPROXY_SERVER_KEY
Path to server key in pem format
MPROXY_LOG_LEVEL
Log level
debug
License
Apache-2
mproxy – Python Package Health Analysis | Snyk
Total Weekly Downloads (55) Dependents
0
GitHub Stars
1
Forks
Contributors
The PyPI package mproxy receives a total of
55 downloads a week. As such, we scored
mproxy popularity level to be Limited.
Based on project statistics from the GitHub repository for the
PyPI package mproxy, we found that it has been
starred 1 times, and that 0 other projects
in the ecosystem are dependent on it.
The download numbers shown are the average weekly downloads from the
last 6 weeks.
Security and license risk for latest version Release Date Sep 13, 2020 Direct Vulnerabilities 0 C0 H0 M0 L Indirect Vulnerabilities 0 C0 H0 M0 L All security vulnerabilities belong to
production dependencies of direct and indirect
packages. License
Unknown
Unable to detect license
We couldn’t find an appropriate license for this project. It is highly
advised to make sure the project license is compatible with your
business needs before including it as a dependency, to keep yourself
protected from infringement suits or loss of your own code.
Security Policy
No
We found a way for you to contribute to the project! Looks like
mproxy is missing a security policy.
You can
connect your project’s repository to Snyk
to stay up to date on security alerts and receive automatic fix pull
requests.
Keep your project free of vulnerabilities with Snyk Open Issues
Open PR
Last Release
1 year ago
Last Commit
Further analysis of the maintenance status of mproxy based on
released PyPI versions cadence, the repository activity,
and other data points determined that its maintenance is
Inactive.
An important project maintenance signal to consider for mproxy is
that it
hasn’t seen any new versions released to PyPI in the
past 12 months, and could be considered as a discontinued project, or that which
receives low attention from its maintainers.
In the past month we didn’t find any pull request activity or change in
issues status has been detected for the GitHub repository.
Python Versions Compatibility
Unspecified
Age
2 years
Latest Release
Dependencies
7 Direct / 31 Total
Versions
5
Maintainers
Wheels
OS Independent
mirrors / mainflux / mproxy – CODE CHINA
mProxy is an MQTT proxy.
It is deployed in front of MQTT broker and can be used for authorization, packet inspection and modification,
logging and debugging and various other purposes.
Usage
go get
cd $(GOPATH)/
make. /mproxy
Architecture
mProxy starts TCP and WS servers, offering connections to devices. Upon the connection, it establishes a session with a remote MQTT broker.
It then pipes packets from devices to MQTT broker, inspecting or modifying them as they flow through proxy.
Here is the flow in more details:
Device connects to mProxy’s TCP server
mProxy accepts the inbound (IN) connection and estabishes a new session with remote MQTT broker
(i. e. it dials out to MQTT broker only once it accepted new connection from a device.
This way one device-mProxy connection corresponds to one mProxy-MQTT broker connection. )
mProxy then spawn 2 goroutines: one that will read incoming packets from device-mProxy socket (INBOUND or UPLINK),
inspect them (calling event handlers) and write them to mProxy-broker socket (forwarding them towards the broker)
and other that will be reading MQTT broker responses from mProxy-broker socket and writing them towards device,
in device-mProxy socket (OUTBOUND or DOWNLINK).
mProxy can parse and understand MQTT packages, and upon their detection it actually calls external event handlers.
Event handlers should implement the following interface defined in pkg/mqtt/
// Event is an interface for mProxy hooks
type Event interface {
// Authorization on client `CONNECT`
// Each of the params are passed by reference, so that it can be changed
AuthConnect(client *Client) error
// Authorization on client `PUBLISH`
// Topic is passed by reference, so that it can be modified
AuthPublish(client *Client, topic *string, payload *[]byte) error
// Authorization on client `SUBSCRIBE`
// Topics are passed by reference, so that they can be modified
AuthSubscribe(client *Client, topics *[]string) error
// After client successfully connected
Connect(client *Client)
// After client successfully published
Publish(client *Client, topic *string, payload *[]byte)
// After client successfully subscribed
Subscribe(client *Client, topics *[]string)
// After client unsubscribed
Unsubscribe(client *Client, topics *[]string)
// Disconnect on connection with client lost
Disconnect(client *Client)}
An example of implementation is given here, alongside with it’s main() function.
Deployment
mProxy does not do load balancing – just pure and simple proxying. This is why it should be deployed
right in front of it’s corresponding MQTT broker instance: one mProxy for each MQTT broker instance in the MQTT cluster.
Usually this is done by deploying mProxy as a side-car in the same Kubernetes pod alongside with MQTT broker instance (MQTT cluster node).
TLS termination and LB tasks can be offloaded to a standard ingress proxy – for example NginX.
Configuration
The service is configured using the environment variables presented in the following table. Note that any unset variables will be replaced with their default values.
Variable
Description
Default
MPROXY_WS_HOST
WebSocket inbound (IN) connection host
0. 0. 0
MPROXY_WS_PORT
WebSocket inbound (IN) connection port
8080
MPROXY_WS_PATH
WebSocket inbound (IN) connection path
/mqtt
MPROXY_WSS_PORT
WebSocket Secure inbound (IN) connection port
MPROXY_WSS_PATH
WebSocket Secure inbound (IN) connection path
MPROXY_WS_TARGET_SCHEME
WebSocket Target schema
ws
MPROXY_WS_TARGET_HOST
WebSocket Target host
localhost
MPROXY_WS_TARGET_PORT
WebSocket Target port
8888
MPROXY_WS_TARGET_PATH
WebSocket Target path
MPROXY_MQTT_HOST
MQTT inbound connection host
MPROXY_MQTT_PORT
MQTT inbound connection port
1883
MPROXY_MQTTS_PORT
MQTTS inbound connection port
8883
MPROXY_MQTT_TARGET_HOST
MQTT broker host
MPROXY_MQTT_TARGET_PORT
MQTT broker port
1884
MPROXY_CLIENT_TLS
Flag that indicates if TLS should be turned on
false
MPROXY_CA_CERTS
Path to trusted CAs in PEM format
MPROXY_SERVER_CERT
Path to server certificate in pem format
MPROXY_SERVER_KEY
Path to server key in pem format
MPROXY_LOG_LEVEL
Log level
debug
License
Apache-2
