tunnel

package

v0.32.0 Latest Latest Go to latest Published: Jan 26, 2026 License: Apache-2.0 Imports: 24 Imported by: 0

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/pomerium/cli

Links

Open Source Insights

Documentation ¶

Overview ¶

Package tunnel contains an implementation of a TCP tunnel via HTTP Connect.

Index ¶

func ParseURLs(destination string, pomeriumURL string) (destinationAddr string, proxyURL *url.URL, err error)
type EventSink
- func DiscardEvents() EventSink
- func LogEvents() EventSink
type Option
type TCPTunneler
type Tunnel
- func New(options ...Option) *Tunnel
type UDPDatagram
- func (d UDPDatagram) ContextID() uint64
- func (d UDPDatagram) Payload() []byte
type UDPDatagramReader
type UDPDatagramReaderWriter
type UDPDatagramWriter
type UDPTunneler

Constants ¶

This section is empty.

Variables ¶

This section is empty.

Functions ¶

func ParseURLs ¶

func ParseURLs(destination string, pomeriumURL string) (destinationAddr string, proxyURL *url.URL, err error)

ParseURLs parses tcp and udp URLs.

Types ¶

type EventSink ¶

type EventSink interface {
	// OnConnecting is called when listener is accepting a new connection from client
	OnConnecting(context.Context)
	// OnConnected is called when a connection is successfully
	// established to the remote destination via pomerium proxy
	OnConnected(context.Context)
	// OnAuthRequired is called after listener accepted a new connection from client,
	// but has to perform user authentication first
	OnAuthRequired(context.Context, string)
	// OnDisconnected is called when connection to client was closed
	OnDisconnected(context.Context, error)
}

EventSink is used to notify on the tunnel state transition

func DiscardEvents ¶

func DiscardEvents() EventSink

DiscardEvents returns an event sink that discards all events.

func LogEvents ¶

func LogEvents() EventSink

LogEvents returns an event sink that logs all events.

type Option ¶

type Option func(*config)

An Option modifies the config.

func WithBrowserCommand ¶

func WithBrowserCommand(browserCommand string) Option

WithBrowserCommand returns an option to configure the browser command.

func WithDestinationHost ¶

func WithDestinationHost(dstHost string) Option

WithDestinationHost returns an option to configure the destination host.

func WithJWTCache ¶

func WithJWTCache(jwtCache jwt.Cache) Option

WithJWTCache returns an option to configure the jwt cache.

func WithProxyHost ¶

func WithProxyHost(proxyHost string) Option

WithProxyHost returns an option to configure the proxy host.

func WithServiceAccount ¶

func WithServiceAccount(serviceAccount string) Option

WithServiceAccount sets the service account in the config.

func WithServiceAccountFile ¶

func WithServiceAccountFile(file string) Option

WithServiceAccountFile sets the service account file in the config.

func WithTLSConfig ¶

func WithTLSConfig(tlsConfig *tls.Config) Option

WithTLSConfig returns an option to configure the tls config.

type TCPTunneler ¶

type TCPTunneler interface {
	Name() string
	TunnelTCP(
		ctx context.Context,
		eventSink EventSink,
		local io.ReadWriter,
		rawJWT string,
	) error
}

A TCPTunneler tunnels TCP traffic.

type Tunnel ¶

type Tunnel struct {
	// contains filtered or unexported fields
}

A Tunnel represents a TCP tunnel over HTTP Connect.

func New ¶

func New(options ...Option) *Tunnel

New creates a new Tunnel.

func (*Tunnel) Run ¶

func (tun *Tunnel) Run(ctx context.Context, local io.ReadWriter, eventSink EventSink) error

Run establishes a TCP tunnel via HTTP Connect and forwards all traffic from/to local.

func (*Tunnel) RunListener ¶

func (tun *Tunnel) RunListener(ctx context.Context, listenerAddress string) error

RunListener runs a network listener on the given address. For each incoming connection a new TCP tunnel is established via Run.

func (*Tunnel) RunUDPListener ¶

func (tun *Tunnel) RunUDPListener(ctx context.Context, listenerAddress string) error

RunUDPListener runs the udp listener.

func (*Tunnel) RunUDPSessionManager ¶

func (tun *Tunnel) RunUDPSessionManager(ctx context.Context, conn *net.UDPConn, eventSink EventSink) error

RunUDPSessionManager runs the udp session manager.

type UDPDatagram ¶

type UDPDatagram struct {
	Addr netip.AddrPort
	// contains filtered or unexported fields
}

A UDPDatagram represents a udp datagram.

func (UDPDatagram) ContextID ¶

func (d UDPDatagram) ContextID() uint64

ContextID is the context id of a udp datagram.

func (UDPDatagram) Payload ¶

func (d UDPDatagram) Payload() []byte

Payload is the payload of a udp datagram.

type UDPDatagramReader ¶

type UDPDatagramReader interface {
	ReadDatagram(ctx context.Context) (UDPDatagram, error)
}

A UDPDatagramReader reads udp datagrams.

type UDPDatagramReaderWriter ¶

type UDPDatagramReaderWriter interface {
	UDPDatagramReader
	UDPDatagramWriter
}

A UDPDatagramReaderWriter reads and writes udp datagrams.

type UDPDatagramWriter ¶

type UDPDatagramWriter interface {
	WriteDatagram(ctx context.Context, datagram UDPDatagram) error
}

A UDPDatagramWriter writes udp datagrams.

type UDPTunneler ¶

type UDPTunneler interface {
	Name() string
	TunnelUDP(
		ctx context.Context,
		eventSink EventSink,
		local UDPDatagramReaderWriter,
		rawJWT string,
	) error
}

A UDPTunneler tunnels udp traffic.

Source Files ¶

View all Source files

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL