Implement HTTP relay proxy with upstream load balancing (round-robin/best/priority), captive-style health checking, domain blacklist/whitelist routing with domain-expression matching, and hot reload by Copilot · Pull Request #1 · Team-Haruki/http-proxy-lb

Copilot · 2026-03-21T15:20:05Z

Greenfield implementation of an HTTP relay proxy that listens on a local port and forwards traffic through a configurable upstream proxy pool with high-availability guarantees.

Core architecture

src/config.rs — YAML config structs (yaml_serde); mtime-based hot-reload detection; domain routing policy config
src/upstream.rs — UpstreamEntry (atomic state machine, latency EMA α=0.25, active-conn counter) + UpstreamPool (selection, reload)
src/health.rs — Background task; probes offline upstreams using captive-style HTTP generate_204 requests through the proxy, marks online on HTTP 204
src/proxy.rs — HTTP/1.x handler: CONNECT tunnel + plain HTTP forwarding; Content-Length and chunked body; client keep-alive; domain-policy based direct/proxy routing with domain-expression matching
src/main.rs — Tokio accept loop; spawns health checker and hot-reload watcher

Load balancing

Three modes via mode: in config:

Mode	Behavior
`round_robin`	Weighted round-robin across online upstreams
`best`	Picks upstream with lowest `latency_ema_ms + active_conns × 50`
`priority`	Picks the online upstream with the lowest `priority` value (higher priority), and automatically falls back to the next online priority level when the current one is offline

Each upstream now supports a priority field (default: 100) for priority mode.

Domain routing policy (blacklist / whitelist)

Adds optional domain-based direct/proxy selection:

domain_policy:
  mode: off        # off | blacklist | whitelist
  domains: []      # supports domain/suffix expressions

Behavior:

off (default): all domains use upstream proxy
blacklist: listed domains connect directly (bypass upstream proxy); others use upstream proxy
whitelist: listed domains use upstream proxy; others connect directly

This policy is applied to both:

CONNECT requests (HTTPS tunneling)
Plain HTTP forwarding

For direct HTTP routing, absolute-form proxy request targets are rewritten to origin-form before sending to origin servers.

Domain expression formats

domain_policy.domains supports:

domain:example.com — exact domain match
suffix:example.com — domain suffix match
*.example.com / .example.com — suffix shorthand
example.com — backward-compatible exact-or-suffix matching

Health checking

Passive — any TCP connect failure immediately marks the upstream offline; the in-flight request is retried on the next available upstream (up to min(pool_size, 3) attempts, then 502).

Active — background task probes each offline upstream every health_check.interval_secs seconds by sending a captive-style HTTP proxy request to:

GET http://connectivitycheck.gstatic.com/generate_204

Only an HTTP 204 response marks the upstream back online; non-204/timeout/error keeps it offline.

health_check:
  interval_secs: 30
  timeout_secs: 5

Hot reload

Config file mtime is polled every reload_interval_secs seconds. On change, the upstream list is reconciled: existing entries (matched by URL) retain their online/offline state and stats; new entries start online; removed entries are dropped — no restart required.

For existing URL-matched upstreams, hot reload now refreshes mutable config values (including priority, weight, and auth settings) while preserving runtime state/statistics, so priority changes take effect without restart.

Documentation additions

Added AGENTS.md at repository root
Added copilot-Instructions.md at repository root

Tests and validation

Added unit tests for:
- priority-mode primary selection
- priority-mode failover to next online upstream
- hot-reload priority update behavior
- captive 204 probe marks upstream online
- non-204 probe keeps upstream offline
- domain policy parsing (off/blacklist/whitelist)
- blacklist and whitelist domain matching behavior
- domain-expression matching behavior (domain:, suffix:, *. / . shorthand, legacy plain form, empty-expression guards)
- direct HTTP request-line rewrite to origin-form
Full test suite passes (cargo test)
Lint/checks pass (cargo clippy -- -D warnings)
Security scan passes (CodeQL: 0 alerts)

Original prompt

我需要这个项目做成http relay，本地监听一个http proxy端口，然后配置上游代理池
需要支持以下功能:
· 上游负载均衡模式
· 择优模式
· 主动与被动上游链路存活检测
· 正在使用的上游代理如果无法连通则需标记为离线，除非主动探测其已恢复，并且把流量转发到其他可用的上游代理
· 热更新配置
我需要确保连接到这个http proxy server的客户端能在上述需求中尽可能保证高连通性高可用性

📱 Kick off Copilot coding agent tasks wherever you are with GitHub Mobile, available on iOS and Android.

… reload Co-authored-by: MejiroRina <70424266+MejiroRina@users.noreply.github.com> Agent-Logs-Url: https://github.com/Team-Haruki/http-proxy-lb/sessions/f3748e80-1418-4394-a40c-a54bceb41f43

…sed parameters Co-authored-by: MejiroRina <70424266+MejiroRina@users.noreply.github.com> Agent-Logs-Url: https://github.com/Team-Haruki/http-proxy-lb/sessions/f3748e80-1418-4394-a40c-a54bceb41f43

MejiroRina · 2026-03-21T15:44:04Z

@copilot 再加一个优先级模式，为每个上游节点做优先级标记，根据节点存活状态切换

Copilot · 2026-03-21T15:44:08Z

@MejiroRina The model claude-sonnet-4.6 is not available for your account. This can happen if the model was disabled by your organization's policy or if your Copilot plan doesn't include access to it.