search

metalbear-co / mirrord

Connect your local process and your cloud environment, and run local code in cloud conditions.
https://mirrord.dev
MIT License
3.77k stars 103 forks source link

Stolen connections interrupted when application closes sockets on steal mode. #1575

Open t4lz opened 1 year ago

t4lz commented 1 year ago

Bug Description

When the user application closes a listening socket, existing connected sockets accepted from that socket should continue.

However, once the agent receives a PortUnsubscribe it removes the iptables redirect, which interrupts existing connections.

This means for example that you cannot successfully run with mirrord on steal mode an application that listens on a socket, accepts one connection, and then closes the listening socket but keeps the connection.

Steps to Reproduce

cargo test -p tests traffic::steal::steal::close_socket_keep_connection::agent_2_Agent__Job -- --nocapture

Backtrace

No response

Relevant Logs

No response

Your operating system and version

macOS 13.4

Local process

python3

Local process version

No response

Additional Info

No response

eyalb181 commented 1 year ago

@t4lz Do we know of a real life scenario where this happens?

t4lz commented 1 year ago

@t4lz Do we know of a real life scenario where this happens?

There is the close_socket_keep_connection test that runs an application constructed to trigger this issue, but we don't know of a natural application in the wild that has this issue.