diff --git a/cmd/zrok/accessPrivate.go b/cmd/zrok/accessPrivate.go
index 8c106b84..df2f33f4 100644
--- a/cmd/zrok/accessPrivate.go
+++ b/cmd/zrok/accessPrivate.go
@@ -7,6 +7,7 @@ import (
 "github.com/openziti/zrok/endpoints"
 "github.com/openziti/zrok/endpoints/proxy"
 "github.com/openziti/zrok/endpoints/tcpTunnel"
+ "github.com/openziti/zrok/endpoints/udpTunnel"
 "github.com/openziti/zrok/rest_client_zrok"
 "github.com/openziti/zrok/rest_client_zrok/share"
 "github.com/openziti/zrok/rest_model_zrok"
@@ -18,6 +19,7 @@ import (
 "os"
 "os/signal"
 "syscall"
+ "time"
 )

 var accessPrivateCmd *accessPrivateCommand
@@ -84,6 +86,8 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 switch accessResp.Payload.BackendMode {
 case "tcpTunnel":
 protocol = "tcp://"
+ case "udpTunnel":
+ protocol = "udp://"
 }

 endpointUrl, err := url.Parse(protocol + cmd.bindAddress)
@@ -95,7 +99,8 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 }

 requests := make(chan *endpoints.Request, 1024)
- if accessResp.Payload.BackendMode == "tcpTunnel" {
+ switch accessResp.Payload.BackendMode {
+ case "tcpTunnel":
 fe, err := tcpTunnel.NewFrontend(&tcpTunnel.FrontendConfig{
 BindAddress: cmd.bindAddress,
 IdentityName: "backend",
@@ -116,7 +121,31 @@ func (cmd *accessPrivateCommand) run(_ *cobra.Command, args []string) {
 panic(err)
 }
 }()
- } else {
+
+ case "udpTunnel":
+ fe, err := udpTunnel.NewFrontend(&udpTunnel.FrontendConfig{
+ BindAddress: cmd.bindAddress,
+ IdentityName: "backend",
+ ShrToken: args[0],
+ RequestsChan: requests,
+ IdleTime: time.Minute,
+ })
+ if err != nil {
+ if !panicInstead {
+ tui.Error("unable to create private frontend", err)
+ }
+ panic(err)
+ }
+ go func() {
+ if err := fe.Run(); err != nil {
+ if !panicInstead {
+ tui.Error("error starting frontend", err)
+ }
+ panic(err)
+ }
+ }()
+
+ default:
 cfg := proxy.DefaultFrontendConfig("backend")
 cfg.ShrToken = shrToken
 cfg.Address = cmd.bindAddress
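Review bot: The new `udpTunnel` case passes `IdleTime: time.Minute` as a bare literal, with no comment or flag saying what it bounds. If, as the name suggests, it is how long per-client state is kept after the last datagram, then it is also the only limit visible here on state created by traffic reaching `cmd.bindAddress`, and UDP source addresses are not authenticated, so the choice deserves to be documented. I would hoist it into a named constant with a comment, e.g. `const udpIdleTimeout = time.Minute // idle UDP sessions are dropped after this long`, and pass `IdleTime: udpIdleTimeout,`. The case also uses `args[0]` for `ShrToken` where the `default:` branch uses `shrToken`; using the same variable in both would read more clearly. `run` starts and ends outside the hunk.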
diff --git a/cmd/zrok/sharePrivate.go b/cmd/zrok/sharePrivate.go
index 3d32a4b5..d0bf392e 100644
--- a/cmd/zrok/sharePrivate.go
+++ b/cmd/zrok/sharePrivate.go
@@ -8,6 +8,7 @@ import (
 "github.com/openziti/zrok/endpoints"
 "github.com/openziti/zrok/endpoints/proxy"
 "github.com/openziti/zrok/endpoints/tcpTunnel"
+ "github.com/openziti/zrok/endpoints/udpTunnel"
 "github.com/openziti/zrok/model"
 "github.com/openziti/zrok/rest_client_zrok"
 "github.com/openziti/zrok/rest_client_zrok/share"
@@ -43,7 +44,7 @@ func newSharePrivateCommand() *sharePrivateCommand {
 }
 command := &sharePrivateCommand{cmd: cmd}
 cmd.Flags().StringArrayVar(&command.basicAuth, "basic-auth", []string{}, "Basic authentication users (,...")
- cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, tcpTunnel}")
+ cmd.Flags().StringVar(&command.backendMode, "backend-mode", "proxy", "The backend mode {proxy, web, tcpTunnel, udpTunnel}")
 cmd.Flags().BoolVar(&command.headless, "headless", false, "Disable TUI and run headless")
 cmd.Flags().BoolVar(&command.insecure, "insecure", false, "Enable insecure TLS certificate validation for ")
 cmd.Run = command.run
@@ -70,6 +71,9 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 case "tcpTunnel":
 target = args[0]

+ case "udpTunnel":
+ target = args[0]
+
 default:
 tui.Error(fmt.Sprintf("invalid backend mode '%v'; expected {proxy, web, tcpTunnel}", cmd.backendMode), nil)
 }
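Review bot: The `default:` branch directly below the new `case "udpTunnel":` still reports `expected {proxy, web, tcpTunnel}`, so a mistyped mode gets an error that omits a valid value, even though the `--backend-mode` help text in the previous hunk was updated. The format string should become `"invalid backend mode '%v'; expected {proxy, web, tcpTunnel, udpTunnel}"`. Since both tunnel cases only assign `target = args[0]`, they could also share one arm, `case "tcpTunnel", "udpTunnel":`. `run` continues outside the hunk.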
@@ -192,6 +196,26 @@ func (cmd *sharePrivateCommand) run(_ *cobra.Command, args []string) {
 }
 }()

+ case "udpTunnel":
+ cfg := &udpTunnel.BackendConfig{
+ IdentityPath: zif,
+ EndpointAddress: target,
+ ShrToken: resp.Payload.ShrToken,
+ RequestsChan: requestsChan,
+ }
+ be, err := udpTunnel.NewBackend(cfg)
+ if err != nil {
+ if !panicInstead {
+ tui.Error("unable to create tcpTunnel backend", err)
+ }
+ panic(err)
+ }
+ go func() {
+ if err := be.Run(); err != nil {
+ logrus.Errorf("error running tcpTunnel backend: %v", err)
+ }
+ }()
+
 default:
 tui.Error("invalid backend mode", nil)
 }
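Review bot: Both messages in the new `udpTunnel` branch still name the TCP backend (`"unable to create tcpTunnel backend"` and `"error running tcpTunnel backend: %v"`), so a UDP failure is logged as a TCP one and anyone triaging from the logs is pointed at the wrong component. They should read `tui.Error("unable to create udpTunnel backend", err)` and `logrus.Errorf("error running udpTunnel backend: %v", err)`. A `be.Run()` failure is only logged here, whereas the frontend in `accessPrivate.go` panics; presumably the share then stays registered with no backend serving it, which may be worth surfacing to the user. `run` starts and ends outside the hunk.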