Documentation ¶
Index ¶
- Constants
- Variables
- func BytesSize(size float64) string
- func Copy(ctx context.Context, from, to net.Conn) error
- func CustomSize(format string, size float64, base float64, _map []string) string
- func ErrIsNetClosed(err error) bool
- func ListenDTLS(network string, addr *net.UDPAddr) (net.Listener, error)
- func RAMInBytes(size string) (int64, error)
- func UnderlyingConn(c net.Conn) net.Conn
- func UpdateContext(ctx context.Context, fn func(*ContextMeta)) context.Context
- type Addr
- type Address
- type Conn
- type Context
- type ContextMeta
- func (m *ContextMeta) Complete()
- func (m *ContextMeta) Emit()
- func (m *ContextMeta) GetBaseLabels(lbs ...map[string]string) prometheus.Labels
- func (m *ContextMeta) GetLabels(lbs ...map[string]string) prometheus.Labels
- func (m ContextMeta) GetProtocol() Protocol
- func (m ContextMeta) GetRare() RateConfig
- func (m *ContextMeta) Log()
- type DialProxy
- type Downstream
- type Incoming
- type Matcher
- type Options
- type Protocol
- type Proxy
- func (m Proxy) AddAllowACMESearch(ipPort string)
- func (m Proxy) AddHTTPHostMatchRoute(ipPort string, match Matcher, dest Target)
- func (m Proxy) AddHTTPHostRoute(ipPort, httpHost string, dest Target)
- func (m Proxy) AddRoute(ipPort string, dest Target)
- func (m Proxy) AddSNIMatchRoute(ipPort string, matcher Matcher, dest Target)
- func (m Proxy) AddSNIRoute(ipPort, sni string, dest Target)
- func (m Proxy) AddStopACMESearch(ipPort string)
- func (p *Proxy) Close() error
- func (p *Proxy) Configure(x *api.Config) error
- func (p *Proxy) GetConfig() (*api.Config, error)
- func (p *Proxy) RPC() *Updates
- func (p *Proxy) Reload(m configMap) error
- func (m Proxy) Route(r *api.Route)
- func (p *Proxy) Start() (err error)
- func (p *Proxy) TriggerReload() error
- type Rate
- type RateBy
- type RateConfig
- type RateCopy
- type ServerInfo
- type Speed
- type SpeedRateConfig
- type TCP
- type Target
- type TargetListener
- type Updates
- type Upstream
Constants ¶
const ( // Binary KiB = 1024 MiB = 1024 * KiB GiB = 1024 * MiB TiB = 1024 * GiB PiB = 1024 * TiB )
See: http://en.wikipedia.org/wiki/Binary_prefix
const BufferSize = KiB
BufferSize this is the size of data that is read/written by default.
Variables ¶
var ErrPortNotAllowed = errors.New("proxy: port not allowed")
ErrPortNotAllowed is returned when opening non whitelisted port.
Functions ¶
func BytesSize ¶
BytesSize returns a human-readable size in bytes, kibibytes, mebibytes, gibibytes, or tebibytes (eg. "44kiB", "17MiB").
func Copy ¶
Copy starts two goroutines. On that copy from=>to and another that copies to>from from is downstream connection while to is the upstream connection.
func CustomSize ¶
CustomSize returns a human-readable approximation of a size using custom format.
func ErrIsNetClosed ¶
ErrIsNetClosed returns true if err is an error returned when using a closed network connection
func ListenDTLS ¶
ListenDTLS implements listener for dtls
func RAMInBytes ¶
RAMInBytes parses a human-readable string representing an amount of RAM in bytes, kibibytes, mebibytes, gibibytes, or tebibytes and returns the number of bytes, or -1 if the string is unparseable. Units are case-insensitive, and the 'b' suffix is optional.
func UnderlyingConn ¶
UnderlyingConn returns c.Conn if c of type *Conn, otherwise it returns c.
func UpdateContext ¶
func UpdateContext(ctx context.Context, fn func(*ContextMeta)) context.Context
UpdateContext applies fn to the Meta that is in ctx and returns a new context if ctx doesn't have Meta yet.
Types ¶
type Conn ¶
type Conn struct { // HostName is the hostname field that was sent to the request router. // In the case of TLS, this is the SNI header, in the case of HTTPHost // route, it will be the host header. In the case of a fixed // route, i.e. those created with AddRoute(), this will always be // empty. This can be useful in the case where further routing decisions // need to be made in the Target implementation. HostName string // Peeked are the bytes that have been read from Conn for the // purposes of route matching, but have not yet been consumed // by Read calls. It set to nil by Read when fully consumed. Peeked []byte // Conn is the underlying connection. // It can be type asserted against *net.TCPConn or other types // as needed. It should not be read from directly unless // Peeked is nil. net.Conn }
Conn is an incoming connection that has had some bytes read from it to determine how to route the connection. The Read method stitches the peeked bytes and unread bytes back together.
type Context ¶
type Context struct {
ID int64
}
Context holds information about an a tcp request/response
func NewContext ¶
func NewContext() *Context
type ContextMeta ¶
type ContextMeta struct { ID atomic.Int64 // Downstream D TCP // Upstream U TCP // ACME true if we are serving acme challenge ACME atomic.Bool // Fixed is true if we are serving a fixed target Fixed atomic.Bool // NoMatch true if we have no matching route NoMatch atomic.Bool // ServerName SNI or Host of the server serving the request ServerName atomic.String // RouteName the name of the route if any RouteName atomic.String // Protocol The protocol which we are serving Protocol atomic.Uint32 Start, End time.Time Speed SpeedRateConfig Rate Rate // Labels these are labels that are attached to the request Labels map[string]string // contains filtered or unexported fields }
Meta a lot of details that is passed around with the connection.
func GetContextMeta ¶
func GetContextMeta(ctx context.Context) *ContextMeta
func (*ContextMeta) Complete ¶
func (m *ContextMeta) Complete()
func (*ContextMeta) Emit ¶
func (m *ContextMeta) Emit()
Emit based on m emits various metrics exposed by prometheus
func (*ContextMeta) GetBaseLabels ¶
func (m *ContextMeta) GetBaseLabels(lbs ...map[string]string) prometheus.Labels
func (*ContextMeta) GetLabels ¶
func (m *ContextMeta) GetLabels(lbs ...map[string]string) prometheus.Labels
func (ContextMeta) GetProtocol ¶
func (m ContextMeta) GetProtocol() Protocol
func (ContextMeta) GetRare ¶
func (m ContextMeta) GetRare() RateConfig
GetRare returns rate limiting configuration for this route
type DialProxy ¶
type DialProxy struct { Network string // Addr is the TCP address to proxy to. Addr string // KeepAlivePeriod sets the period between TCP keep alives. // If zero, a default is used. To disable, use a negative number. // The keep-alive is used for both the client connection and KeepAlivePeriod time.Duration // DialTimeout optionally specifies a dial timeout. // If zero, a default is used. // If negative, the timeout is disabled. DialTimeout time.Duration // DialContext optionally specifies an alternate dial function // for TCP targets. If nil, the standard // net.Dialer.DialContext method is used. DialContext func(ctx context.Context, network, address string) (net.Conn, error) // OnDialError optionally specifies an alternate way to handle errors dialing Addr. // If nil, the error is logged and src is closed. // If non-nil, src is not closed automatically. OnDialError func(src net.Conn, dstDialErr error) // ProxyProtocolVersion optionally specifies the version of // HAProxy's PROXY protocol to use. The PROXY protocol provides // connection metadata to the DialProxy target, via a header // inserted ahead of the client's traffic. The DialProxy target // must explicitly support and expect the PROXY header; there is // no graceful downgrade. // If zero, no PROXY header is sent. Currently, version 1 is supported. ProxyProtocolVersion int // MetricsLabels labels included when emitting metrics about the TPC proxying // with this Dial MetricsLabels map[string]string UpstreamSpeed Speed DownstreamSpeed Speed }
DialProxy implements Target by dialing a new connection to Addr and then proxying data back and forth.
The To func is a shorthand way of creating a DialProxy.
type Downstream ¶
type Downstream struct {
// contains filtered or unexported fields
}
type Proxy ¶
type Proxy struct { // ListenFunc optionally specifies an alternate listen // function. If nil, net.Dial is used. // The provided net is always "tcp". ListenFunc func(net, laddr string) (net.Listener, error) // contains filtered or unexported fields }
Proxy is a proxy. Its zero value is a valid proxy that does nothing. Call methods to add routes before calling Start or Run.
The order that routes are added in matters; each is matched in the order registered.
func (Proxy) AddAllowACMESearch ¶
func (m Proxy) AddAllowACMESearch(ipPort string)
func (Proxy) AddHTTPHostMatchRoute ¶
AddHTTPHostMatchRoute appends a route to the ipPort listener that routes to dest if the incoming HTTP/1.x Host header name is accepted by matcher. If it doesn't match, rule processing continues for any additional routes on ipPort.
The ipPort is any valid net.Listen TCP address.
func (Proxy) AddHTTPHostRoute ¶
AddHTTPHostRoute appends a route to the ipPort listener that routes to dest if the incoming HTTP/1.x Host header name is httpHost. If it doesn't match, rule processing continues for any additional routes on ipPort.
The ipPort is any valid net.Listen TCP address.
func (Proxy) AddRoute ¶
AddRoute appends an always-matching route to the ipPort listener, directing any connection to dest.
This is generally used as either the only rule (for simple TCP proxies), or as the final fallback rule for an ipPort.
The ipPort is any valid net.Listen TCP address.
func (Proxy) AddSNIMatchRoute ¶
AddSNIMatchRoute appends a route to the ipPort listener that routes to dest if the incoming TLS SNI server name is accepted by matcher. If it doesn't match, rule processing continues for any additional routes on ipPort.
By default, the proxy will route all ACME tls-sni-01 challenges received on ipPort to all SNI dests. You can disable ACME routing with AddStopACMESearch.
The ipPort is any valid net.Listen TCP address.
func (Proxy) AddSNIRoute ¶
AddSNIRoute appends a route to the ipPort listener that routes to dest if the incoming TLS SNI server name is sni. If it doesn't match, rule processing continues for any additional routes on ipPort.
By default, the proxy will route all ACME tls-sni-01 challenges received on ipPort to all SNI dests. You can disable ACME routing with AddStopACMESearch.
The ipPort is any valid net.Listen TCP address.
func (Proxy) AddStopACMESearch ¶
func (m Proxy) AddStopACMESearch(ipPort string)
func (*Proxy) Start ¶
Start creates a TCP listener for each unique ipPort from the previously created routes and starts the proxy. It returns any error from starting listeners.
If it returns a non-nil error, any successfully opened listeners are closed.
func (*Proxy) TriggerReload ¶
type ServerInfo ¶
ServerInfo general information about the server.
func GetInfo ¶
func GetInfo(ctx context.Context) *ServerInfo
GetInfo returns server information from context
type Speed ¶
type Speed string
Speed is a unit representing amount of bytes per duration eg 120kib/s
type SpeedRateConfig ¶
type SpeedRateConfig struct { // This is the amount of bytes read from the client by the server per second. // You can think of this as limit on upload speed, where tt is the server // receiving the data so it will use this value to limit how much it will be // reading per second // You can use this to control upload speeds Downstream atomic.Float64 // This is the amount of bytes read from the proxied(upstream) end point. In this case // tt will use this to limit how much data it reads from upstream. You can use // this to control download speeds Upstream atomic.Float64 }
type TCP ¶
type TCP struct { // A socket address A Address // R bytes read from this socket. R atomic.Int64 // W bytes written to this socket W atomic.Int64 }
TCP stats about a tcp socket connection
type Target ¶
type Target interface { // HandleConn is called when an incoming connection is // matched. After the call to HandleConn, the tcpproxy // package never touches the conn again. Implementations are // responsible for closing the connection when needed. // // The concrete type of conn will be of type *Conn if any // bytes have been consumed for the purposes of route // matching. HandleConn(context.Context, net.Conn) }
Target is what an incoming matched connection is sent to.
type TargetListener ¶
type TargetListener struct { Address string // Address is the string reported by TargetListener.Addr().String(). // contains filtered or unexported fields }
TargetListener implements both net.Listener and Target. Matched Targets become accepted connections.
func (*TargetListener) Accept ¶
func (tl *TargetListener) Accept() (net.Conn, error)
Accept implements the Accept method in the net.Listener interface.
func (*TargetListener) Addr ¶
func (tl *TargetListener) Addr() net.Addr
Addr returns the listener's Address field as a net.Addr.
func (*TargetListener) Close ¶
func (tl *TargetListener) Close() error
Close stops listening for new connections. All new connections routed to this listener will be closed. Already accepted connections are not closed.
func (*TargetListener) HandleConn ¶
func (tl *TargetListener) HandleConn(ctx context.Context, c net.Conn)
HandleConn implements the Target interface. It blocks until tl is closed or another goroutine has called Accept and received c.