import * as plugins from './plugins.js';
/** Domain configuration with per-domain allowed port ranges */
export interface IDomainConfig {
    domains: string[];
    allowedIPs: string[];
    blockedIPs?: string[];
    targetIPs?: string[];
    portRanges?: Array<{
        from: number;
        to: number;
    }>;
    connectionTimeout?: number;
    useNetworkProxy?: boolean;
    networkProxyPort?: number;
}
/** Port proxy settings including global allowed port ranges */
export interface IPortProxySettings extends plugins.tls.TlsOptions {
    fromPort: number;
    toPort: number;
    targetIP?: string;
    domainConfigs: IDomainConfig[];
    sniEnabled?: boolean;
    defaultAllowedIPs?: string[];
    defaultBlockedIPs?: string[];
    preserveSourceIP?: boolean;
    initialDataTimeout?: number;
    socketTimeout?: number;
    inactivityCheckInterval?: number;
    maxConnectionLifetime?: number;
    inactivityTimeout?: number;
    gracefulShutdownTimeout?: number;
    globalPortRanges: Array<{
        from: number;
        to: number;
    }>;
    forwardAllGlobalRanges?: boolean;
    noDelay?: boolean;
    keepAlive?: boolean;
    keepAliveInitialDelay?: number;
    maxPendingDataSize?: number;
    disableInactivityCheck?: boolean;
    enableKeepAliveProbes?: boolean;
    enableDetailedLogging?: boolean;
    enableTlsDebugLogging?: boolean;
    enableRandomizedTimeouts?: boolean;
    allowSessionTicket?: boolean;
    maxConnectionsPerIP?: number;
    connectionRateLimitPerMinute?: number;
    keepAliveTreatment?: 'standard' | 'extended' | 'immortal';
    keepAliveInactivityMultiplier?: number;
    extendedKeepAliveLifetime?: number;
    useNetworkProxy?: number[];
    networkProxyPort?: number;
    acme?: {
        enabled?: boolean;
        port?: number;
        contactEmail?: string;
        useProduction?: boolean;
        renewThresholdDays?: number;
        autoRenew?: boolean;
        certificateStore?: string;
        skipConfiguredCerts?: boolean;
    };
}
export declare class PortProxy {
    private netServers;
    settings: IPortProxySettings;
    private connectionRecords;
    private connectionLogger;
    private isShuttingDown;
    private domainTargetIndices;
    private terminationStats;
    private connectionsByIP;
    private connectionRateByIP;
    private networkProxy;
    constructor(settingsArg: IPortProxySettings);
    /**
     * Initialize NetworkProxy instance
     */
    private initializeNetworkProxy;
    /**
     * Updates the domain configurations for the proxy
     * @param newDomainConfigs The new domain configurations
     */
    updateDomainConfigs(newDomainConfigs: IDomainConfig[]): Promise<void>;
    /**
     * Updates the ACME certificate settings
     * @param acmeSettings New ACME settings
     */
    updateAcmeSettings(acmeSettings: IPortProxySettings['acme']): Promise<void>;
    /**
     * Synchronizes PortProxy domain configurations to NetworkProxy
     * This allows domains configured in PortProxy to be used by NetworkProxy
     */
    private syncDomainConfigsToNetworkProxy;
    /**
     * Requests a certificate for a specific domain
     * @param domain The domain to request a certificate for
     * @returns Promise that resolves to true if the request was successful, false otherwise
     */
    requestCertificate(domain: string): Promise<boolean>;
    /**
     * Forwards a TLS connection to a NetworkProxy for handling
     * @param connectionId - Unique connection identifier
     * @param socket - The incoming client socket
     * @param record - The connection record
     * @param initialData - Initial data chunk (TLS ClientHello)
     * @param customProxyPort - Optional custom port for NetworkProxy (for domain-specific settings)
     */
    private forwardToNetworkProxy;
    /**
     * Sets up a direct connection to the target (original behavior)
     * This is used when NetworkProxy isn't configured or as a fallback
     */
    private setupDirectConnection;
    /**
     * Get connections count by IP
     */
    private getConnectionCountByIP;
    /**
     * Check and update connection rate for an IP
     */
    private checkConnectionRate;
    /**
     * Track connection by IP
     */
    private trackConnectionByIP;
    /**
     * Remove connection tracking for an IP
     */
    private removeConnectionByIP;
    /**
     * Track connection termination statistic
     */
    private incrementTerminationStat;
    /**
     * Cleans up a connection record.
     * Destroys both incoming and outgoing sockets, clears timers, and removes the record.
     * @param record - The connection record to clean up
     * @param reason - Optional reason for cleanup (for logging)
     */
    private cleanupConnection;
    /**
     * Update connection activity timestamp
     */
    private updateActivity;
    /**
     * Get target IP with round-robin support
     */
    private getTargetIP;
    /**
     * Initiates cleanup once for a connection
     */
    private initiateCleanupOnce;
    /**
     * Creates a generic error handler for incoming or outgoing sockets
     */
    private handleError;
    /**
     * Creates a generic close handler for incoming or outgoing sockets
     */
    private handleClose;
    /**
     * Main method to start the proxy
     */
    start(): Promise<void>;
    /**
     * Gracefully shut down the proxy
     */
    stop(): Promise<void>;
}