layer4-proxy/src/servers/protocol/tcp.rs

use crate::config::Upstream;
use crate::servers::protocol::tls::get_sni;
use crate::servers::{copy, Proxy};
use futures::future::try_join;
use log::{debug, error, info, warn};
use std::sync::Arc;
use tokio::io;
use tokio::io::AsyncWriteExt;
use tokio::net::{TcpListener, TcpStream};

pub(crate) async fn proxy(config: Arc<Proxy>) -> Result<(), Box<dyn std::error::Error>> {
    let listener = TcpListener::bind(config.listen).await?;
    let config = config.clone();

    loop {
        let thread_proxy = config.clone();
        match listener.accept().await {
            Err(err) => {
                error!("Failed to accept connection: {}", err);
                return Err(Box::new(err));
            }
            Ok((stream, _)) => {
                tokio::spawn(async move {
                    match accept(stream, thread_proxy).await {
                        Ok(_) => {}
                        Err(err) => {
                            error!("Relay thread returned an error: {}", err);
                        }
                    };
                });
            }
        }
    }
}

async fn accept(inbound: TcpStream, proxy: Arc<Proxy>) -> Result<(), Box<dyn std::error::Error>> {
    info!("New connection from {:?}", inbound.peer_addr()?);

    let upstream_name = match proxy.tls {
        false => proxy.default_action.clone(),
        true => {
            let mut hello_buf = [0u8; 1024];
            inbound.peek(&mut hello_buf).await?;
            let snis = get_sni(&hello_buf);
            if snis.is_empty() {
                proxy.default_action.clone()
            } else {
                match proxy.sni.clone() {
                    Some(sni_map) => {
                        let mut upstream = proxy.default_action.clone();
                        for sni in snis {
                            let m = sni_map.get(&sni);
                            if m.is_some() {
                                upstream = m.unwrap().clone();
                                break;
                            }
                        }
                        upstream
                    }
                    None => proxy.default_action.clone(),
                }
            }
        }
    };

    debug!("Upstream: {}", upstream_name);

    let upstream = match proxy.upstream.get(&upstream_name) {
        Some(upstream) => upstream,
        None => {
            warn!(
                "No upstream named {:?} on server {:?}",
                proxy.default_action, proxy.name
            );
            return process(inbound, proxy.upstream.get(&proxy.default_action).unwrap()).await;
            // ToDo: Remove unwrap and check default option
        }
    };

    process(inbound, upstream).await
}

async fn process(
    mut inbound: TcpStream,
    upstream: &Upstream,
) -> Result<(), Box<dyn std::error::Error>> {
    match upstream {
        Upstream::Ban => {
            inbound.shutdown().await?;
        }
        Upstream::Echo => {
            let (mut ri, mut wi) = io::split(inbound);
            let inbound_to_inbound = copy(&mut ri, &mut wi);
            let bytes_tx = inbound_to_inbound.await;
            debug!("Bytes read: {:?}", bytes_tx);
        }
        Upstream::Proxy(config) => {
            let outbound = match config.protocol.as_ref() {
                "tcp4" | "tcp6" | "tcp" => {
                    TcpStream::connect(config.resolve_addresses().await?.as_slice()).await?
                }
                _ => {
                    error!("Reached unknown protocol: {:?}", config.protocol);
                    return Err("Reached unknown protocol".into());
                }
            };

            debug!("Connected to {:?}", outbound.peer_addr().unwrap());

            let (mut ri, mut wi) = io::split(inbound);
            let (mut ro, mut wo) = io::split(outbound);

            let inbound_to_outbound = copy(&mut ri, &mut wo);
            let outbound_to_inbound = copy(&mut ro, &mut wi);

            let (bytes_tx, bytes_rx) = try_join(inbound_to_outbound, outbound_to_inbound).await?;

            debug!("Bytes read: {:?} write: {:?}", bytes_tx, bytes_rx);
        }
    };
    Ok(())
}
Add upstream scheme support Need to implement TCP and UDP upstream support. 2021-10-31 11:21:32 +00:00			`use crate::config::Upstream;`
Add KCP support 2021-10-26 13:36:12 +00:00			`use crate::servers::protocol::tls::get_sni;`
Deduplicate copy method Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 18:50:40 +00:00			`use crate::servers::{copy, Proxy};`
Add KCP support 2021-10-26 13:36:12 +00:00			`use futures::future::try_join;`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`use log::{debug, error, info, warn};`
Add KCP support 2021-10-26 13:36:12 +00:00			`use std::sync::Arc;`
			`use tokio::io;`
Deduplicate copy method Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 18:50:40 +00:00			`use tokio::io::AsyncWriteExt;`
Add KCP support 2021-10-26 13:36:12 +00:00			`use tokio::net::{TcpListener, TcpStream};`

Extract DNS address resolution Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:32:05 +00:00			`pub(crate) async fn proxy(config: Arc<Proxy>) -> Result<(), Box<dyn std::error::Error>> {`
Add KCP support 2021-10-26 13:36:12 +00:00			`let listener = TcpListener::bind(config.listen).await?;`
			`let config = config.clone();`

			`loop {`
			`let thread_proxy = config.clone();`
			`match listener.accept().await {`
			`Err(err) => {`
			`error!("Failed to accept connection: {}", err);`
			`return Err(Box::new(err));`
			`}`
			`Ok((stream, _)) => {`
			`tokio::spawn(async move {`
			`match accept(stream, thread_proxy).await {`
			`Ok(_) => {}`
			`Err(err) => {`
			`error!("Relay thread returned an error: {}", err);`
			`}`
			`};`
			`});`
			`}`
			`}`
			`}`
			`}`

			`async fn accept(inbound: TcpStream, proxy: Arc<Proxy>) -> Result<(), Box<dyn std::error::Error>> {`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`info!("New connection from {:?}", inbound.peer_addr()?);`
Add KCP support 2021-10-26 13:36:12 +00:00
			`let upstream_name = match proxy.tls {`
Rename Proxy::default to ::default_action Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:31:20 +00:00			`false => proxy.default_action.clone(),`
Add KCP support 2021-10-26 13:36:12 +00:00			`true => {`
			`let mut hello_buf = [0u8; 1024];`
			`inbound.peek(&mut hello_buf).await?;`
			`let snis = get_sni(&hello_buf);`
			`if snis.is_empty() {`
Rename Proxy::default to ::default_action Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:31:20 +00:00			`proxy.default_action.clone()`
Add KCP support 2021-10-26 13:36:12 +00:00			`} else {`
			`match proxy.sni.clone() {`
			`Some(sni_map) => {`
Rename Proxy::default to ::default_action Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:31:20 +00:00			`let mut upstream = proxy.default_action.clone();`
Add KCP support 2021-10-26 13:36:12 +00:00			`for sni in snis {`
			`let m = sni_map.get(&sni);`
			`if m.is_some() {`
			`upstream = m.unwrap().clone();`
			`break;`
			`}`
			`}`
			`upstream`
			`}`
Rename Proxy::default to ::default_action Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:31:20 +00:00			`None => proxy.default_action.clone(),`
Add KCP support 2021-10-26 13:36:12 +00:00			`}`
			`}`
			`}`
			`};`

			`debug!("Upstream: {}", upstream_name);`

			`let upstream = match proxy.upstream.get(&upstream_name) {`
			`Some(upstream) => upstream,`
			`None => {`
			`warn!(`
			`"No upstream named {:?} on server {:?}",`
Rename Proxy::default to ::default_action Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-16 07:31:20 +00:00			`proxy.default_action, proxy.name`
Add KCP support 2021-10-26 13:36:12 +00:00			`);`
Prevent unnecessary clone This also ensures that the address resolver actually keeps state. Otherwise it was cloned before each resolution, resulting in it never keeping the resolved addresses. Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-25 20:52:46 +00:00			`return process(inbound, proxy.upstream.get(&proxy.default_action).unwrap()).await;`
Add config validation 2021-11-01 05:45:47 +00:00			`// ToDo: Remove unwrap and check default option`
Add KCP support 2021-10-26 13:36:12 +00:00			`}`
			`};`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00
Improve code style Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 20:33:11 +00:00			`process(inbound, upstream).await`
Add KCP support 2021-10-26 13:36:12 +00:00			`}`

Add config validation 2021-11-01 05:45:47 +00:00			`async fn process(`
			`mut inbound: TcpStream,`
Prevent unnecessary clone This also ensures that the address resolver actually keeps state. Otherwise it was cloned before each resolution, resulting in it never keeping the resolved addresses. Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-08-25 20:52:46 +00:00			`upstream: &Upstream,`
Add config validation 2021-11-01 05:45:47 +00:00			`) -> Result<(), Box<dyn std::error::Error>> {`
Add upstream scheme support Need to implement TCP and UDP upstream support. 2021-10-31 11:21:32 +00:00			`match upstream {`
			`Upstream::Ban => {`
Improve code style Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 20:33:11 +00:00			`inbound.shutdown().await?;`
Add upstream scheme support Need to implement TCP and UDP upstream support. 2021-10-31 11:21:32 +00:00			`}`
			`Upstream::Echo => {`
			`let (mut ri, mut wi) = io::split(inbound);`
			`let inbound_to_inbound = copy(&mut ri, &mut wi);`
			`let bytes_tx = inbound_to_inbound.await;`
			`debug!("Bytes read: {:?}", bytes_tx);`
			`}`
Rename Upstream::Custom to Upstream::Proxy And CustomUpstream to ProxyToUpstream. Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 20:10:28 +00:00			`Upstream::Proxy(config) => {`
			`let outbound = match config.protocol.as_ref() {`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`"tcp4" \| "tcp6" \| "tcp" => {`
Rename Upstream::Custom to Upstream::Proxy And CustomUpstream to ProxyToUpstream. Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 20:10:28 +00:00			`TcpStream::connect(config.resolve_addresses().await?.as_slice()).await?`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`}`
			`_ => {`
Rename Upstream::Custom to Upstream::Proxy And CustomUpstream to ProxyToUpstream. Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-10-04 20:10:28 +00:00			`error!("Reached unknown protocol: {:?}", config.protocol);`
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`return Err("Reached unknown protocol".into());`
			`}`
			`};`
Add KCP support 2021-10-26 13:36:12 +00:00
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`debug!("Connected to {:?}", outbound.peer_addr().unwrap());`
Add KCP support 2021-10-26 13:36:12 +00:00
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`let (mut ri, mut wi) = io::split(inbound);`
			`let (mut ro, mut wo) = io::split(outbound);`
Add KCP support 2021-10-26 13:36:12 +00:00
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`let inbound_to_outbound = copy(&mut ri, &mut wo);`
			`let outbound_to_inbound = copy(&mut ro, &mut wi);`
Add KCP support 2021-10-26 13:36:12 +00:00
Enable explicit ipv4 / ipv6 proxying Signed-off-by: Jacob Kiers <code@kiers.eu> 2023-06-02 15:35:29 +00:00			`let (bytes_tx, bytes_rx) = try_join(inbound_to_outbound, outbound_to_inbound).await?;`

			`debug!("Bytes read: {:?} write: {:?}", bytes_tx, bytes_rx);`
			`}`
Update README and minor refactor 2021-11-01 07:25:12 +00:00			`};`
			`Ok(())`
Add KCP support 2021-10-26 13:36:12 +00:00			`}`