filtertransport

package module

v0.0.0-...-bdd9e61 Latest Latest Go to latest Published: Mar 16, 2020 License: MIT Imports: 5 Imported by: 19

Details

Valid go.mod file
Redistributable license
Tagged version
Stable version
Learn more about best practices

Repository

github.com/wader/filtertransport

Links

Open Source Insights

README ¶

Filtering go http transport and proxy handler

Useful when you want to limit what clients can connect to. Default transport and proxy handler filters local, private and link local networks.

See client and proxy examples.

Known issues

Probably messes up IPv6 happy eyeballs

License

filtertransport is licensed under the MIT license. See LICENSE for the full license text.

Documentation ¶

Overview ¶

Package filtertransport implements filtering http transport and proxy handler

Index ¶

Variables
func DefaultFilter(addr net.TCPAddr) error
func FilterDial(ctx context.Context, network string, address string, filter FilterTCPAddrFn, ...) (net.Conn, error)
func FindIPNet(ipnets []net.IPNet, ip net.IP) bool
func MustParseCIDR(s string) net.IPNet
type DialFn
type FilterError
- func (e FilterError) Error() string
type FilterTCPAddrFn

Constants ¶

This section is empty.

Variables ¶

View Source

var DefaultFilteredNetworks = []net.IPNet{
	MustParseCIDR("10.0.0.0/8"),
	MustParseCIDR("172.16.0.0/12"),
	MustParseCIDR("192.168.0.0/16"),
	MustParseCIDR("127.0.0.0/8"),
	MustParseCIDR("0.0.0.0/8"),
	MustParseCIDR("169.254.0.0/16"),
	MustParseCIDR("192.0.0.0/24"),
	MustParseCIDR("192.0.2.0/24"),
	MustParseCIDR("198.51.100.0/24"),
	MustParseCIDR("203.0.113.0/24"),
	MustParseCIDR("192.88.99.0/24"),
	MustParseCIDR("192.18.0.0/15"),
	MustParseCIDR("224.0.0.0/4"),
	MustParseCIDR("240.0.0.0/4"),
	MustParseCIDR("255.255.255.255/32"),
	MustParseCIDR("100.64.0.0/10"),
	MustParseCIDR("::/128"),
	MustParseCIDR("::1/128"),
	MustParseCIDR("100::/64"),
	MustParseCIDR("2001::/23"),
	MustParseCIDR("2001:2::/48"),
	MustParseCIDR("2001:db8::/32"),
	MustParseCIDR("2001::/32"),
	MustParseCIDR("fc00::/7"),
	MustParseCIDR("fe80::/10"),
	MustParseCIDR("ff00::/8"),
	MustParseCIDR("2002::/16"),
}

DefaultFilteredNetworks net.IPNets that are loopback, private, link local, default unicast based on https://github.com/letsencrypt/boulder/blob/master/bdns/dns.go

View Source

var DefaultTransport = &http.Transport{

	DialContext: func(ctx context.Context, network, addr string) (net.Conn, error) {
		return FilterDial(ctx, network, addr, DefaultFilter, (&net.Dialer{
			Timeout:   30 * time.Second,
			KeepAlive: 30 * time.Second,
			DualStack: true,
		}).DialContext)
	},
	ForceAttemptHTTP2:     true,
	MaxIdleConns:          100,
	IdleConnTimeout:       90 * time.Second,
	TLSHandshakeTimeout:   10 * time.Second,
	ExpectContinueTimeout: 1 * time.Second,
}

DefaultTransport http.DefaultTransport that filters using DefaultFilter

Functions ¶

func DefaultFilter ¶

func DefaultFilter(addr net.TCPAddr) error

DefaultFilter filters DefaultFilteredNetworks

func FilterDial ¶

func FilterDial(ctx context.Context, network string, address string, filter FilterTCPAddrFn, dial DialFn) (net.Conn, error)

FilterDial http.Transport dial with filtering function

func FindIPNet ¶

func FindIPNet(ipnets []net.IPNet, ip net.IP) bool

FindIPNet true if any of the ipnets contains ip

func MustParseCIDR ¶

func MustParseCIDR(s string) net.IPNet

MustParseCIDR parses string into net.IPNet

Types ¶

type DialFn ¶

type DialFn func(ctx context.Context, network string, address string) (net.Conn, error)

DialFn http.Transport dial function

type FilterError ¶

type FilterError struct {
	net.TCPAddr
}

FilterError TCP address filtered error

func (FilterError) Error ¶

func (e FilterError) Error() string

type FilterTCPAddrFn ¶

type FilterTCPAddrFn func(addr net.TCPAddr) error

FilterTCPAddrFn function deciding if to filter

Source Files ¶

View all Source files

Directories ¶

Path	Synopsis
cmd
filterclient
filterproxy
proxy

?	: This menu
/	: Search site
f or F	: Jump to
y or Y	: Canonical URL