From 29a35d4a5d6cc723a25a3216af4bdd4fa8c40ff6 Mon Sep 17 00:00:00 2001
From: Denton Gentry
Date: Fri, 25 Aug 2023 07:27:15 -0700
Subject: [PATCH] cmd/sniproxy: switch to peterbourgon/ff for flags

Add support for TS_APPC_* variables to supply arguments by switching to https://github.com/peterbourgon/ff for CLI flag parsing. For example: TS_APPC_FORWARDS=tcp/22/github.com ./sniproxy

Updates https://github.com/tailscale/tailscale/issues/1748

Signed-off-by: Denton Gentry
---
 cmd/sniproxy/sniproxy.go | 25 +++++++++++++++----------
 1 file changed, 15 insertions(+), 10 deletions(-)

diff --git a/cmd/sniproxy/sniproxy.go b/cmd/sniproxy/sniproxy.go
index 04af9cd1b..1cbe6faaf 100644
--- a/cmd/sniproxy/sniproxy.go
+++ b/cmd/sniproxy/sniproxy.go
@@ -16,10 +16,12 @@
 "log"
 "net"
 "net/http"
+ "os"
 "strconv"
 "strings"
 "time"

+ "github.com/peterbourgon/ff/v3"
 "golang.org/x/net/dns/dnsmessage"
 "inet.af/tcpproxy"
 "tailscale.com/client/tailscale"
@@ -32,14 +34,6 @@
 "tailscale.com/util/clientmetric"
 )

-var (
- ports = flag.String("ports", "443", "comma-separated list of ports to proxy")
- forwards = flag.String("forwards", "", "comma-separated list of ports to transparently forward, protocol/number/destination. For example, --forwards=tcp/22/github.com,tcp/5432/sql.example.com")
- wgPort = flag.Int("wg-listen-port", 0, "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select")
- promoteHTTPS = flag.Bool("promote-https", true, "promote HTTP to HTTPS")
- debugPort = flag.Int("debug-port", 8080, "Listening port for debug/metrics endpoint")
-)
-
 var tsMBox = dnsmessage.MustNewName("support.tailscale.com.")

 // portForward is the state for a single port forwarding entry, as passed to the --forward flag.
@@ -74,7 +68,19 @@ func parseForward(value string) (*portForward, error) {
 }

 func main() {
- flag.Parse()
+ fs := flag.NewFlagSet("sniproxy", flag.ContinueOnError)
+ var (
+ ports = fs.String("ports", "443", "comma-separated list of ports to proxy")
+ forwards = fs.String("forwards", "", "comma-separated list of ports to transparently forward, protocol/number/destination. For example, --forwards=tcp/22/github.com,tcp/5432/sql.example.com")
+ wgPort = fs.Int("wg-listen-port", 0, "UDP port to listen on for WireGuard and peer-to-peer traffic; 0 means automatically select")
+ promoteHTTPS = fs.Bool("promote-https", true, "promote HTTP to HTTPS")
+ debugPort = fs.Int("debug-port", 8080, "Listening port for debug/metrics endpoint")
+ )
+
+ err := ff.Parse(fs, os.Args[1:], ff.WithEnvVarPrefix("TS_APPC"))
+ if err != nil {
+ log.Fatal("ff.Parse")
+ }
 if *ports == "" {
 log.Fatal("no ports")
 }
@@ -126,7 +132,6 @@ func main() {
 })

 go s.forward(ln, forw)
-
 }

 ln, err := s.ts.Listen("udp", ":53")
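Review bot: The error returned by `ff.Parse` is discarded in the new prologue of `main` (hunk `@@ -74,7 +68,19 @@`): `log.Fatal("ff.Parse")` prints only that literal, so an operator cannot tell a malformed `TS_APPC_*` value from any other parse failure. Change it to `log.Fatalf("ff.Parse: %v", err)`. Because the flag set is created with `flag.ContinueOnError`, a help request probably reaches this branch as well and exits non-zero after printing usage; testing for `flag.ErrHelp` before the fatal log would keep help a clean exit. Since the forwards and the debug port can now come from an inherited environment, I would also add a comment above the call such as `// Command-line flags take precedence over TS_APPC_* environment variables.` and log the effective forwards at startup. `main` continues outside the hunk.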