update tutorial

docs/concepts/hop.md

@@ -312,7 +312,7 @@ hops:
 #### 请求示例
 
 ```bash
-curl -XPOST http://127.0.0.1:8000/hop -d '{"addr": "example.com:80", "client": "gost"}'
+curl -XPOST http://127.0.0.1:8000/hop -d '{"network":"tcp","addr":"example.com:80","client":"gost","src":"192.168.1.1:1234"}'
 ```
 
 ```json
@@ -332,5 +332,15 @@ curl -XPOST http://127.0.0.1:8000/hop -d '{"addr": "example.com:80", "client": "
 }
 ```
 
+`network` (string)
+:    网络类型: `tcp`, `udp`
+
+`addr` (string)
+:    目标访问地址
+
+`src` (string)
+:    客户端地址
+
 `client` (string)
 :    用户身份标识，此信息由认证器生成。
+

docs/tutorials/reverse-proxy.md

@@ -220,9 +220,9 @@ curl --resolve example.com:80:127.0.0.1 http://example.com
 
 当请求http://example.com时，最终发送给example.com:80的HTTP请求头中Host为test.example.com。
 
-### 自定义头
+### 自定义请求头
 
-通过设置`http.header`选项可以自定义头部信息，如果所设置的头部字段已存在则会被覆盖。
+通过设置`http.header`选项可以自定义请求头部信息，如果所设置的头部字段已存在则会被覆盖。
 
 ```yaml hl_lines="16-20"
 services:
@@ -260,6 +260,34 @@ services:
 
 当请求http://example.com时，最终发送给example.com:80的HTTP请求头中将会添加`User-Agent`，`Foo`和`Bar`三个字段。
 
+### 自定义响应头
+
+通过设置`http.responseHeader`选项可以自定义响应头部信息，如果所设置的头部字段已存在则会被覆盖。
+
+```yaml hl_lines="17-19"
+services:
+- name: http
+  addr: :80
+  handler:
+    type: tcp
+    metadata:
+      sniffing: true
+  listener:
+    type: tcp
+  forwarder:
+    nodes:
+    - name: example-com
+      addr: example.com:80
+      filter:
+        host: example.com
+      http:
+        responseHeader:
+          foo: bar
+          bar: 123
+```
+
+当请求http://example.com时，最终来自example.com:80的HTTP响应头中将会添加`Foo`和`Bar`两个字段。
+
 ### Basic Authentication
 
 通过设置`http.auth`选项为目标节点启用[HTTP基本认证](https://zh.wikipedia.org/zh-cn/HTTP%E5%9F%BA%E6%9C%AC%E8%AE%A4%E8%AF%81)功能。

docs/tutorials/sniffing.md

@@ -19,7 +19,7 @@ GOST中大部分代理和转发服务都支持流量嗅探。流量嗅探需要
 
 例如以下是一个开启了流量嗅探的HTTP代理服务，当代理协商阶段结束后，会进一步检查流量，尝试嗅探出HTTP或TLS流量。
 
-```yaml hl_lines="8-11 15-18"
+```yaml hl_lines="5-12 16-23"
 services:
   - name: service-0
     addr: :8080
@@ -29,7 +29,8 @@ services:
         metadata:
           # 同时记录HTTP请求和响应体
           http.body: true
-          # 记录的请求和响应体最大大小，默认最多记录64KB数据。
+          # 记录的请求和响应体最大大小，
+          # 默认最多记录64KB数据。
           http.maxBodySize: 65536
     handler:
       type: http
@@ -159,7 +160,7 @@ TLS流量劫持的关键是对私有CA根证书的信任，用我们提供的根
 
 以下是开启了TLS流量劫持的HTTP代理，并仅对访问`example.com`及其子域名的TLS流量进行劫持。
 
-```yaml hl_lines="19-26"
+```yaml hl_lines="20-27"
 services:
   - name: service-0
     addr: :8080
@@ -169,7 +170,8 @@ services:
         metadata:
           # 同时记录HTTP请求和响应体
           http.body: true
-          # 记录的请求和响应体最大大小，默认最多记录64KB数据。
+          # 记录的请求和响应体最大大小，
+          # 默认最多记录64KB数据。
           http.maxBodySize: 65536
     handler:
       type: http

en/docs/concepts/hop.md

@@ -313,7 +313,7 @@ hops:
 #### Example
 
 ```bash
-curl -XPOST http://127.0.0.1:8000/hop -d '{"addr": "example.com:80", "client": "gost"}'
+curl -XPOST http://127.0.0.1:8000/hop -d '{"network":"tcp","addr":"example.com:80","client":"gost","src":"192.168.1.1:1234"}'
 ```
 
 ```json
@@ -333,5 +333,14 @@ curl -XPOST http://127.0.0.1:8000/hop -d '{"addr": "example.com:80", "client": "
 }
 ```
 
+`network` (string)
+:    network type: `tcp`, `udp`
+
+`addr` (string)
+:    target address
+
+`src` (string)
+:    client address
+
 `client` (string)
 :    user ID, generated by Authenticator.

en/docs/tutorials/reverse-proxy.md

@@ -218,9 +218,9 @@ curl --resolve example.com:80:127.0.0.1 http://example.com
 
 When requesting http://example.com, the Host in the HTTP request header sent to example.com:80 is test.example.com.
 
-### Custom Header
+### Custom Request Header
 
-The header information can be customized by setting the `http.header` option, if the header field already exists, it will be overwritten.
+The request header can be customized by setting the `http.header` option, if the header field already exists, it will be overwritten.
 
 ```yaml hl_lines="16-20"
 services:
@@ -258,6 +258,34 @@ services:
 
 When requesting http://example.com, three fields `User-Agent`, `Foo` and `Bar` will be added to the HTTP request header sent to example.com:80.
 
+### Custom Response Header
+
+The response header can be customized by setting the `http.responseHeader` option, if the header field already exists, it will be overwritten.
+
+```yaml hl_lines="17-19"
+services:
+- name: http
+  addr: :80
+  handler:
+    type: tcp
+    metadata:
+      sniffing: true
+  listener:
+    type: tcp
+  forwarder:
+    nodes:
+    - name: example-com
+      addr: example.com:80
+      filter:
+        host: example.com
+      http:
+        responseHeader:
+          foo: bar
+          bar: 123
+```
+
+When requesting http://example.com, `Foo` and `Bar` fields will be added to the HTTP response header received from example.com:80.
+
 ### HTTP Basic Authentication
 
 You can enable [HTTP Basic Authentication](https://en.wikipedia.org/wiki/Basic_access_authentication) for target node by setting the `http.auth` option.

en/docs/tutorials/sniffing.md

@@ -21,7 +21,7 @@ Most proxy and forwarding services in GOST support traffic sniffing. Traffic sni
 
 For example, the following is an HTTP proxy service with traffic sniffing enabled. After the proxy negotiation phase is over, it will further check the traffic and try to sniff out HTTP or TLS traffic.
 
-```yaml hl_lines="8-11 15-18"
+```yaml hl_lines="5-12 16-23"
 services:
   - name: service-0
     addr: :8080
@@ -163,7 +163,7 @@ The key to TLS traffic hijacking is to trust the private CA root certificate, an
 
 The following is an HTTP proxy with TLS traffic hijacking enabled, which only hijacks TLS traffic to `example.com` and its subdomains.
 
-```yaml hl_lines="19-26"
+```yaml hl_lines="20-27"
 services:
   - name: service-0
     addr: :8080
@@ -189,6 +189,7 @@ services:
         mitm.keyFile: ca.key
         # Customize ALPN negotiation result
         mitm.alpn: h2
+        # mitm bypass
         mitm.bypass: mitm
     listener:
       type: tcp