search

koding / tunnel

Tunnel proxy package in Go
BSD 3-Clause "New" or "Revised" License
322 stars 71 forks source link

Require port mapping to be explicit #3

Closed abh closed 9 years ago

abh commented 9 years ago

If I don't specify LocalAddr in the client then I get this error

2015-05-31 11:20:46 [tunnel-client] DEBUG    Dialing local server 127.0.0.1:
2015-05-31 11:20:46 [tunnel-client] DEBUG    Dialing local server(127.0.0.1:) failed: dial tcp: unknown port tcp/

However, I think you should make the LocalAddr required to be explicit. Since this is explicitly "punching holes in network security", having it be simple and explicit feels much safer.

If developers need something more dynamic, you could make an API where the client gets to choose LocalAddr on a per-request basis.

fatih commented 9 years ago

Actually we have fix for when the port is unknown:

https://github.com/koding/tunnel/blob/master/client.go#L319

It seems that it's something different. I'll add a better log to see what exactly you receive. The current way is documented that LocalAddr is optional, because the client should be able to proxy any machine. It's not a security hole though, because this provides a better UX.

foo.example.com, foo.example.com:3000, foo.example.com:8080, etc.. all will proxy to the respective ports on my localhost, which is the indented behavior and the right thing to do.

I'm working on the port fix now.

fatih commented 9 years ago

@abh any chance you test it with the latest master? Wonder if it's fixed for you?