forked from BrockChen/tcpproxy
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathproxy.go
More file actions
117 lines (101 loc) · 2.76 KB
/
proxy.go
File metadata and controls
117 lines (101 loc) · 2.76 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package proxy
import (
"crypto/tls"
"log"
"net"
)
// Server is a TCP server that takes an incoming request and sends it to another
// server, proxying the response back to the client.
type Server struct {
// TCP address to listen on
Addr string
// TCP address of target server
Target string
// ModifyRequest is an optional function that modifies the request from a client to the target server.
ModifyRequest func(b *[]byte)
// ModifyResponse is an optional function that modifies the response from the target server.
ModifyResponse func(b *[]byte)
// TLS configuration to listen on.
TLSConfig *tls.Config
// TLS configuration for the proxy if needed to connect to the target server with TLS protocol.
// If nil, TCP protocol is used.
TLSConfigTarget *tls.Config
}
// ListenAndServe listens on the TCP network address laddr and then handle packets
// on incoming connections.
func (s *Server) ListenAndServe() error {
listener, err := net.Listen("tcp", s.Addr)
if err != nil {
return err
}
return s.serve(listener)
}
// ListenAndServeTLS acts identically to ListenAndServe, except that it uses TLS
// protocol. Additionally, files containing a certificate and matching private key
// for the server must be provided if neither the Server's TLSConfig.Certificates nor
// TLSConfig.GetCertificate are populated.
func (s *Server) ListenAndServeTLS(certFile, keyFile string) error {
configHasCert := len(s.TLSConfig.Certificates) > 0 || s.TLSConfig.GetCertificate != nil
if !configHasCert || certFile != "" || keyFile != "" {
var err error
s.TLSConfig.Certificates = make([]tls.Certificate, 1)
s.TLSConfig.Certificates[0], err = tls.LoadX509KeyPair(certFile, keyFile)
if err != nil {
return err
}
}
listener, err := tls.Listen("tcp", s.Addr, s.TLSConfig)
if err != nil {
return err
}
return s.serve(listener)
}
func (s *Server) serve(ln net.Listener) error {
for {
conn, err := ln.Accept()
if err != nil {
log.Println(err)
continue
}
go s.handleConn(conn)
}
}
func (s *Server) handleConn(conn net.Conn) {
// connects to target server
var rconn net.Conn
var err error
if s.TLSConfigTarget == nil {
rconn, err = net.Dial("tcp", s.Target)
} else {
rconn, err = tls.Dial("tcp", s.Target, s.TLSConfigTarget)
}
if err != nil {
return
}
// write to dst what it reads from src
var pipe = func(src, dst net.Conn, filter func(b *[]byte)) {
defer func() {
conn.Close()
rconn.Close()
}()
buff := make([]byte, 65535)
for {
n, err := src.Read(buff)
if err != nil {
log.Println(err)
return
}
b := buff[:n]
if filter != nil {
filter(&b)
}
_, err = dst.Write(b)
if err != nil {
log.Println(err)
return
}
}
}
go pipe(conn, rconn, s.ModifyRequest)
go pipe(rconn, conn, s.ModifyResponse)
}