Initial implementation of mc-proxy

Layer 4 TLS SNI proxy with global firewall (IP/CIDR/GeoIP blocking), per-listener route tables, bidirectional TCP relay with half-close propagation, and a gRPC admin API (routes, firewall, status) with TLS/mTLS support. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-03-17 02:56:24 -07:00
commit c7024dcdf0
23 changed files with 2693 additions and 0 deletions
--- a/.golangci.yaml
+++ b/.golangci.yaml
@@ -0,0 +1,34 @@
+version: "2"
+
+linters:
+  enable:
+    - errcheck
+    - govet
+    - ineffassign
+    - unused
+    - errorlint
+    - gosec
+    - staticcheck
+    - revive
+    - gofmt
+    - goimports
+
+  settings:
+    errcheck:
+      check-type-assertions: true
+    govet:
+      disable:
+        - shadow
+    gosec:
+      severity: medium
+      confidence: medium
+      excludes:
+        - G104
+
+issues:
+  max-issues-per-linter: 0
+  exclude-rules:
+    - path: _test\.go
+      linters:
+        - gosec
+      text: "G101"