ProxyTCP proxies to a TCP connection between the origin service and cloudflared.
( ctx context.Context, conn connection.ReadWriteAcker, req *connection.TCPRequest, )
| 143 | |
| 144 | // ProxyTCP proxies to a TCP connection between the origin service and cloudflared. |
| 145 | func (p *Proxy) ProxyTCP( |
| 146 | ctx context.Context, |
| 147 | conn connection.ReadWriteAcker, |
| 148 | req *connection.TCPRequest, |
| 149 | ) error { |
| 150 | incrementTCPRequests() |
| 151 | defer decrementTCPConcurrentRequests() |
| 152 | |
| 153 | logger := newTCPLogger(p.log, req) |
| 154 | |
| 155 | // Try to start a new flow |
| 156 | if err := p.flowLimiter.Acquire(management.TCP.String()); err != nil { |
| 157 | logger.Warn().Msg("Too many concurrent flows being handled, rejecting tcp proxy") |
| 158 | return errors.Wrap(err, "failed to start tcp flow due to rate limiting") |
| 159 | } |
| 160 | defer p.flowLimiter.Release() |
| 161 | |
| 162 | serveCtx, cancel := context.WithCancel(ctx) |
| 163 | defer cancel() |
| 164 | |
| 165 | tracedCtx := tracing.NewTracedContext(serveCtx, req.CfTraceID, &logger) |
| 166 | logger.Debug().Msg("tcp proxy stream started") |
| 167 | |
| 168 | // Parse the destination into a netip.AddrPort |
| 169 | dest, err := netip.ParseAddrPort(req.Dest) |
| 170 | if err != nil { |
| 171 | logRequestError(&logger, err) |
| 172 | return err |
| 173 | } |
| 174 | |
| 175 | if err := p.proxyTCPStream(tracedCtx, conn, dest, p.originDialer, &logger); err != nil { |
| 176 | logRequestError(&logger, err) |
| 177 | return err |
| 178 | } |
| 179 | |
| 180 | logger.Debug().Msg("tcp proxy stream finished successfully") |
| 181 | |
| 182 | return nil |
| 183 | } |
| 184 | |
| 185 | // ProxyHTTPRequest proxies requests of underlying type http and websocket to the origin service. |
| 186 | func (p *Proxy) proxyHTTPRequest( |
nothing calls this directly
no test coverage detected