fix selecting wrong port on remote docker provide

0.4.4

.github/workflows/docker-image.yml

@@ -0,0 +1,14 @@
+name: Docker Image CI
+
+on:
+  push:
+    tags:
+      - "*"
+jobs:
+  build_and_push:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Build and Push Container to ghcr.io
+        uses: GlueOps/github-actions-build-push-containers@v0.3.7
+        with:
+          tags: latest,${{ github.ref_name }}

.github/workflows/go.yml

@@ -0,0 +1,30 @@
+# This workflow will build a golang project
+# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go
+
+name: Go
+
+on:
+  push:
+    tags:
+      - "*"
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Set up Go
+        uses: actions/setup-go@v4
+        with:
+          go-version: "1.22.1"
+
+      - name: Build
+        run: make build
+
+      - name: Release
+        uses: softprops/action-gh-release@v2
+        with:
+          files: bin/go-proxy
+    #- name: Test
+    #  run: go test -v ./...

.gitignore

@@ -1,9 +1,8 @@
 compose.yml
 
-config/**
-
-bin/go-proxy.bak
-
+config/
+certs/
+bin/
 templates/codemirror/
 
 logs/

Dockerfile

@@ -1,17 +1,34 @@
+FROM alpine:latest AS codemirror
+RUN apk add --no-cache unzip wget make
+COPY Makefile .
+RUN make setup-codemirror
+
+FROM golang:1.22.1-alpine as builder
+COPY src/ /src
+COPY go.mod go.sum /src/go-proxy
+WORKDIR /src/go-proxy
+RUN --mount=type=cache,target="/go/pkg/mod" \
+    go mod download
+
+ENV GOCACHE=/root/.cache/go-build
+RUN --mount=type=cache,target="/go/pkg/mod" \
+    --mount=type=cache,target="/root/.cache/go-build" \
+    CGO_ENABLED=0 GOOS=linux go build -pgo=auto -o go-proxy
+
 FROM alpine:latest
 
 LABEL maintainer="yusing@6uo.me"
 
 RUN apk add --no-cache tzdata
-RUN mkdir /app
-COPY bin/go-proxy /app/
+RUN mkdir -p /app/templates
+COPY --from=codemirror templates/codemirror/ /app/templates/codemirror
 COPY templates/ /app/templates
 COPY schema/ /app/schema
+COPY --from=builder /src/go-proxy /app/
 
 RUN chmod +x /app/go-proxy
 ENV DOCKER_HOST unix:///var/run/docker.sock
 ENV GOPROXY_DEBUG 0
-ENV GOPROXY_REDIRECT_HTTP 1
 
 EXPOSE 80
 EXPOSE 8080

Makefile

@@ -6,12 +6,12 @@ setup:
 	mkdir -p config certs
 	[ -f config/config.yml ] || cp config.example.yml config/config.yml
 	[ -f config/providers.yml ] || touch config/providers.yml
-	[ -f compose.yml ] || cp compose.example.yml compose.yml
 
 setup-codemirror:
 	wget https://codemirror.net/5/codemirror.zip
 	unzip codemirror.zip
 	rm codemirror.zip
+	mkdir -p templates
 	mv codemirror-* templates/codemirror
 
 build:
@@ -36,6 +36,6 @@ udp-server:
 		-p 9999:9999/udp \
 		--label proxy.test-udp.scheme=udp \
 		--label proxy.test-udp.port=20003:9999 \
-		--network data_default \
+		--network host \
 		--name test-udp \
 		$$(docker build -q -f udp-test-server.Dockerfile .)

README.md

@@ -10,8 +10,6 @@ In the examples domain `x.y.z` is used, replace them with your domain
   - [Table of content](#table-of-content)
   - [Key Points](#key-points)
   - [How to use](#how-to-use)
-    - [Binary](#binary)
-    - [Docker](#docker)
   - [Command-line args](#command-line-args)
     - [Commands](#commands)
   - [Use JSON Schema in VSCode](#use-json-schema-in-vscode)
@@ -44,83 +42,30 @@ In the examples domain `x.y.z` is used, replace them with your domain
 - Subdomain matching + Path matching **(domain name doesn't matter)**
 - HTTP(s) proxy + TCP/UDP Proxy (UDP is _experimental_)
 - HTTP(s) round robin load balance support (same subdomain and path across different hosts)
-- Simple panel to see all reverse proxies and health available on port 8080 (http) and port 8443 (https)
+- Web UI on port 8080 (http) and port 8443 (https)
 
-  ![panel screenshot](screenshots/panel.png)
+  - a simple panel to see all reverse proxies and health
 
-- Config editor to edit config and provider files with validation
+    ![panel screenshot](screenshots/panel.png)
 
-  **Validate and save file with Ctrl+S**
+  - a config editor to edit config and provider files with validation
 
-  ![config editor screenshot](screenshots/config_editor.png)
+    **Validate and save file with Ctrl+S**
+
+    ![config editor screenshot](screenshots/config_editor.png)
 
 ## How to use
 
-1. Clone the repository `git clone https://github.com/yusing/go-proxy && cd go-proxy`
-
-2. Call `make setup` to init config file, provider file, and docker compose file
-
-3. Point your domain (i.e `y.z`) to your machine's IP address
+1. Setup DNS Records to your machine's IP address
 
    - A Record: `*.y.z` -> `10.0.10.1`
    - AAAA Record: `*.y.z` -> `::ffff:a00:a01`
 
-4. Start `go-proxy` (see [Binary](#binary) or [docker](#docker))
+2. Start `go-proxy` (see [Binary](docs/binary.md) or [docker](docs/docker.md))
 
-5. (Optional) `make setup-codemirror` in case you use the web config editor
-
-6. Start editing config files
-    - with text editor (i.e. Visual Studio Code)
-    - with web config editor by navigate to `ip:8080`
-
-### Binary
-
-1. (Optional) enabled HTTPS
-
-   - Use autocert feature by completing `autocert` in `config.yml`
-
-   - Use existing certificate
-
-     Prepare your wildcard (`*.y.z`) SSL cert in `certs/`
-
-     - cert / chain / fullchain: `certs/cert.crt`
-     - private key: `certs/priv.key`
-
-2. run the binary `bin/go-proxy`
-
-3. enjoy
-
-### Docker
-
-1. Copy content from [compose.example.yml](compose.example.yml) and create your own `compose.yml`
-
-2. Add networks to make sure it is in the same network with other containers, or make sure `proxy.<alias>.host` is reachable
-
-3. (Optional) enable HTTPS
-
-   - Use autocert feature by completing `autocert` section in `config/config.yml` and mount `certs/` to `/app/certs` in order to store obtained certs
-
-   - Use existing certificate by mount your wildcard (`*.y.z`) SSL cert
-
-     - cert / chain / fullchain -> `/app/certs/cert.crt`
-     - private key -> `/app/certs/priv.key`
-
-4. Start `go-proxy` with `docker compose up -d` or `make up`.
-
-5. (Optional) If you are using ufw with vpn that drop all inbound traffic except vpn, run below to allow docker containers to connect to `go-proxy`
-
-   In case the network of your container is in subnet `172.16.0.0/16` (bridge),
-   and vpn network is under `100.64.0.0/10` (i.e. tailscale)
-
-   `sudo ufw allow from 172.16.0.0/16 to 100.64.0.0/10`
-
-   You can also list CIDRs of all docker bridge networks by:
-
-   `docker network inspect $(docker network ls | awk '$3 == "bridge" { print $1}') | jq -r '.[] | .Name + " " + .IPAM.Config[0].Subnet' -`
-
-6. start your docker app, and visit <container_name>.y.z
-
-7. check the logs with `docker compose logs` or `make logs` to see if there is any error, check panel at [panel port] for active proxies
+3. Start editing config files
+   - with text editor (i.e. Visual Studio Code)
+   - or with web config editor by navigate to `ip:8080`
 
 ## Command-line args
 
@@ -130,7 +75,12 @@ In the examples domain `x.y.z` is used, replace them with your domain
 
 - empty: start proxy server
 - validate: validate config and exit
-- reload: force reload config and exit
+- reload: trigger a force reload of config
+
+Examples:
+
+- Binary: `go-proxy reload`
+- Docker: `docker exec -it go-proxy /app/go-proxy reload`
 
 ## Use JSON Schema in VSCode
 
@@ -165,7 +115,7 @@ See [compose.example.yml](compose.example.yml) for more
 
 - `proxy.*.<field>`: wildcard label for all aliases
 
-Below labels has a **`proxy.<alias>`** prefix (i.e. `proxy.nginx.scheme: http`)
+Below labels has a **`proxy.<alias>.`** prefix (i.e. `proxy.nginx.scheme: http`)
 
 - `scheme`: proxy protocol
   - default: `http`
@@ -201,7 +151,6 @@ Below labels has a **`proxy.<alias>`** prefix (i.e. `proxy.nginx.scheme: http`)
 ### Environment variables
 
 - `GOPROXY_DEBUG`: set to `1` or `true` to enable debug behaviors (i.e. output, etc.)
-- `GOPROXY_REDIRECT_HTTP`: set to `0` or `false` to disable http to https redirect (only when certs are located)
 
 ### Config File
 
@@ -226,7 +175,7 @@ See [config.example.yml](config.example.yml) for more
 
   values:
 
-  - `FROM_ENV`: value from environment
+  - `FROM_ENV`: value from environment (`DOCKER_HOST`)
   - full url to docker host (i.e. `tcp://host:2375`)
 
 - `file`: load reverse proxies from provider file
@@ -247,48 +196,12 @@ See [providers.example.yml](providers.example.yml) for examples
 
   Follow [this guide](https://cloudkul.com/blog/automcatic-renew-and-generate-ssl-on-your-website-using-lego-client/) to create a new token with `Zone.DNS` read and edit permissions
 
-To add more provider support (**CloudDNS** as an example):
-
-1. Fork this repo, modify [autocert.go](src/go-proxy/autocert.go#L305)
-
-   ```go
-   var providersGenMap = map[string]ProviderGenerator{
-     "cloudflare": providerGenerator(cloudflare.NewDefaultConfig, cloudflare.NewDNSProviderConfig),
-     // add here, i.e.
-     "clouddns": providerGenerator(clouddns.NewDefaultConfig, clouddns.NewDNSProviderConfig),
-   }
-   ```
-
-2. Go to [https://go-acme.github.io/lego/dns/clouddns](https://go-acme.github.io/lego/dns/clouddns/) and check for required config
-
-3. Build `go-proxy` with `make build`
-
-4. Set required config in `config.yml` `autocert` -> `options` section
-
-   ```shell
-   # From https://go-acme.github.io/lego/dns/clouddns/
-   CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \
-   CLOUDDNS_EMAIL=you@example.com \
-   CLOUDDNS_PASSWORD=b9841238feb177a84330f \
-   lego --email you@example.com --dns clouddns --domains my.example.org run
-   ```
-
-   Should turn into:
-
-   ```yaml
-   autocert:
-     ...
-     options:
-       client_id: bLsdFAks23429841238feb177a572aX
-       email: you@example.com
-       password: b9841238feb177a84330f
-   ```
-
-5. Run and test if it works
-6. Commit and create pull request
+To add more provider support, see [this](docs/add_dns_provider.md)
 
 ## Examples
 
+See [docker.md](docs/docker.md#docker-compose-example) for complete examples
+
 ### Single port configuration example
 
 ```yaml
@@ -345,7 +258,7 @@ go-proxy:
   ports:
     - 80:80
     ...
-    - 20000:20000/tcp
+    - <your desired port>:20000/tcp
     # or 20000-20010:20000-20010/tcp to declare large range at once
 
 # access app-db via <*>.y.z:20000
@@ -476,7 +389,7 @@ Local benchmark (client running wrk and `go-proxy` server are under same proxmox
 
 ## Known issues
 
-None
+UDP proxy does not work for PalWorld Dedicated Server
 
 ## Memory usage
 

compose.example.yml

@@ -1,18 +1,15 @@
 version: '3'
 services:
   app:
-    build: .
+    image: ghcr.io/yusing/go-proxy:latest
     container_name: go-proxy
     restart: always
     networks: # ^also add here
       - default
-    # environment:
-      # - GOPROXY_DEBUG=1 # (optional, enable only for debug)
-      # - GOPROXY_REDIRECT_HTTP=0 # (optional, uncomment to disable http redirect (http -> https))
     ports:
-      - 80:80 # http
-      # - 443:443 # optional, https
+      - 80:80 # http proxy
       - 8080:8080 # http panel
+      # - 443:443 # optional, https proxy
       # - 8443:8443 # optional, https panel
 
       # optional, if you declared any tcp/udp proxy, set a range you want to use

docs/add_dns_provider.md

@@ -0,0 +1,41 @@
+# Adding provider support
+
+## **CloudDNS** as an example
+
+1. Fork this repo, modify [autocert.go](../src/go-proxy/autocert.go#L305)
+
+   ```go
+   var providersGenMap = map[string]ProviderGenerator{
+     "cloudflare": providerGenerator(cloudflare.NewDefaultConfig, cloudflare.NewDNSProviderConfig),
+     // add here, i.e.
+     "clouddns": providerGenerator(clouddns.NewDefaultConfig, clouddns.NewDNSProviderConfig),
+   }
+   ```
+
+2. Go to [https://go-acme.github.io/lego/dns/clouddns](https://go-acme.github.io/lego/dns/clouddns/) and check for required config
+
+3. Build `go-proxy` with `make build`
+
+4. Set required config in `config.yml` `autocert` -> `options` section
+
+   ```shell
+   # From https://go-acme.github.io/lego/dns/clouddns/
+   CLOUDDNS_CLIENT_ID=bLsdFAks23429841238feb177a572aX \
+   CLOUDDNS_EMAIL=you@example.com \
+   CLOUDDNS_PASSWORD=b9841238feb177a84330f \
+   lego --email you@example.com --dns clouddns --domains my.example.org run
+   ```
+
+   Should turn into:
+
+   ```yaml
+   autocert:
+     ...
+     options:
+       client_id: bLsdFAks23429841238feb177a572aX
+       email: you@example.com
+       password: b9841238feb177a84330f
+   ```
+
+5. Run and test if it works
+6. Commit and create pull request

docs/binary.md

@@ -0,0 +1,59 @@
+# Getting started with `go-proxy` (binary)
+
+## Setup
+
+1. Install `bash`, `make` and `wget` if not already
+
+2. Run setup script
+
+   To specitfy a version _(optional)_
+
+   ```shell
+   export VERSION=latest # will be resolved into real version number
+   export VERSION=<version>
+   ```
+
+   If you don't need web config editor
+
+   ```shell
+   export SETUP_CODEMIRROR=0
+   ```
+
+   Setup
+
+   ```shell
+   wget -qO- https://6uo.me/go-proxy-setup-binary | sudo bash
+   ```
+
+   What it does:
+
+   - Download source file and binary into /opt/go-proxy/$VERSION
+   - Setup `config.yml` and `providers.yml`
+   - Setup `template/codemirror` which is a dependency for web config editor
+   - Create a systemd service (if available) in `/etc/systemd/system/go-proxy.service`
+   - Enable and start `go-proxy` service
+
+3. Start editing config files in `http://<ip>:8080`
+
+4. Check logs / status with `systemctl status go-proxy`
+
+## Setup (alternative method)
+
+1. Download the latest release and extract somewhere
+
+2. Run `make setup` and _(optional) `make setup-codemirror`_
+
+3. Enable HTTPS _(optional)_
+
+   - To use autocert feature
+
+     complete `autocert` in `config/config.yml`
+
+   - To use existing certificate
+
+     Prepare your wildcard (`*.y.z`) SSL cert in `certs/`
+
+     - cert / chain / fullchain: `certs/cert.crt`
+     - private key: `certs/priv.key`
+
+4. Run the binary `bin/go-proxy`

docs/docker.md

@@ -0,0 +1,124 @@
+# Getting started with `go-proxy` docker container
+
+## Setup
+
+1. Install `wget` if not already
+
+2. Run setup script
+
+   `bash <(wget -qO- https://6uo.me/go-proxy-setup-docker)`
+
+   What it does:
+
+   - Create required directories
+   - Setup `config.yml` and `compose.yml`
+
+3. Verify folder structure and then `cd go-proxy`
+
+    ```plain
+    go-proxy
+    ├── certs
+    ├── compose.yml
+    └── config
+        ├── config.yml
+        └── providers.yml
+    ```
+
+4. Enable HTTPs _(optional)_
+   - To use autocert feature
+     - completing `autocert` section in `config/config.yml`
+     - mount `certs/` to `/app/certs` to store obtained certs
+
+   - To use existing certificate
+
+     mount your wildcard (`*.y.z`) SSL cert
+
+     - cert / chain / fullchain -> `/app/certs/cert.crt`
+     - private key -> `/app/certs/priv.key`
+
+5. Modify `compose.yml` fit your needs
+
+    Add networks to make sure it is in the same network with other containers, or make sure `proxy.<alias>.host` is reachable
+
+6. Run `docker compose up -d` to start the container
+
+7. Start editing config files in `http://<ip>:8080`
+
+## Troubleshooting
+
+- Firewall issues
+
+    If you are using `ufw` with vpn that drop all inbound traffic except vpn, run below:
+
+    `sudo ufw allow from 172.16.0.0/16 to 100.64.0.0/10`
+
+    Explaination:
+
+    Docker network is usually `172.16.0.0/16`
+
+    Tailscale is used as an example, `100.64.0.0/10` will be the CIDR
+
+    You can also list CIDRs of all docker bridge networks by:
+
+    `docker network inspect $(docker network ls | awk '$3 == "bridge" { print $1}') | jq -r '.[] | .Name + " " + .IPAM.Config[0].Subnet' -`
+
+## Docker compose example
+
+```yaml
+volumes:
+  adg-work:
+  adg-conf:
+  mc-data:
+services:
+    adg:
+        image: adguard/adguardhome
+        restart: unless-stopped
+        labels:
+        - proxy.aliases=adg,adg-dns,adg-setup
+        - proxy.adg.port=80
+        - proxy.adg-setup.port=3000
+        - proxy.adg-dns.scheme=udp
+        - proxy.adg-dns.port=20000:dns
+        volumes:
+        - adg-work:/opt/adguardhome/work
+        - adg-conf:/opt/adguardhome/conf
+    mc:
+        image: itzg/minecraft-server
+        tty: true
+        stdin_open: true
+        container_name: mc
+        restart: unless-stopped
+        labels:
+        - proxy.mc.scheme=tcp
+        - proxy.mc.port=20001:25565
+        environment:
+        EULA: "TRUE"
+        volumes:
+        - mc-data:/data
+    go-proxy:
+        image: ghcr.io/yusing/go-proxy
+        container_name: go-proxy
+        restart: always
+        ports:
+        - 80:80 # http
+        - 443:443 # optional, https
+        - 8080:8080 # http panel
+        - 8443:8443 # optional, https panel
+
+        - 53:20000/udp # adguardhome
+        - 25565:20001/tcp # minecraft
+        volumes:
+        - ./config:/app/config
+        - /var/run/docker.sock:/var/run/docker.sock:ro
+        labels:
+        - proxy.aliases=gp
+        - proxy.panel.port=8080
+```
+
+### Services URLs
+
+- `gp.yourdomain.com`: go-proxy web panel
+- `adg-setup.yourdomain.com`: adguard setup (first time running)
+- `adg.yourdomain.com`: adguard dashboard
+- `yourdomain.com:53`: adguard dns
+- `yourdomain.com:25565`: minecraft server

go.mod

@@ -14,6 +14,7 @@ require (
 )
 
 require (
+	github.com/Azure/go-ansiterm v0.0.0-20210617225240-d185dfc1b5a1 // indirect
 	github.com/Microsoft/go-winio v0.6.1 // indirect
 	github.com/cenkalti/backoff/v4 v4.3.0 // indirect
 	github.com/cloudflare/cloudflare-go v0.92.0 // indirect
@@ -27,7 +28,9 @@ require (
 	github.com/go-logr/stdr v1.2.2 // indirect
 	github.com/goccy/go-json v0.10.2 // indirect
 	github.com/gogo/protobuf v1.3.2 // indirect
+	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
+	github.com/grpc-ecosystem/grpc-gateway/v2 v2.19.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
 	github.com/hashicorp/go-retryablehttp v0.7.5 // indirect
 	github.com/miekg/dns v1.1.58 // indirect
@@ -39,15 +42,21 @@ require (
 	github.com/pkg/errors v0.9.1 // indirect
 	go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.49.0 // indirect
 	go.opentelemetry.io/otel v1.24.0 // indirect
+	go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.24.0 // indirect
 	go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.24.0 // indirect
 	go.opentelemetry.io/otel/metric v1.24.0 // indirect
 	go.opentelemetry.io/otel/sdk v1.24.0 // indirect
 	go.opentelemetry.io/otel/trace v1.24.0 // indirect
+	go.opentelemetry.io/proto/otlp v1.1.0 // indirect
 	golang.org/x/crypto v0.21.0 // indirect
 	golang.org/x/mod v0.16.0 // indirect
 	golang.org/x/sys v0.18.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
 	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.19.0 // indirect
+	google.golang.org/genproto/googleapis/api v0.0.0-20240102182953-50ed04b92917 // indirect
+	google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 // indirect
+	google.golang.org/grpc v1.61.1 // indirect
+	google.golang.org/protobuf v1.32.0 // indirect
 	gotest.tools/v3 v3.5.1 // indirect
 )

go.sum

@@ -40,9 +40,11 @@ github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
 github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q=
+github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
 github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
 github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
 github.com/google/go-cmp v0.5.2/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
+github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
 github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-querystring v1.1.0 h1:AnCroh3fv4ZBgVIf1Iwtovgjaw/GiKJo8M8yD/fhyJ8=
@@ -134,6 +136,7 @@ golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210616094352-59db8d763f22/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
 golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
@@ -160,6 +163,8 @@ google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917 h1:
 google.golang.org/genproto/googleapis/rpc v0.0.0-20240102182953-50ed04b92917/go.mod h1:xtjpI3tXFPP051KaWnhvxkiubL/6dJ18vLVf7q2pTOU=
 google.golang.org/grpc v1.61.1 h1:kLAiWrZs7YeDM6MumDe7m3y4aM6wacLzM1Y/wiLP9XY=
 google.golang.org/grpc v1.61.1/go.mod h1:VUbo7IFqmF1QtCAstipjG0GIoq49KvMe9+h1jFLBNJs=
+google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
+google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 google.golang.org/protobuf v1.32.0 h1:pPC6BG5ex8PDFnkbrGU3EixyhKcQ2aDuBS36lqK/C7I=
 google.golang.org/protobuf v1.32.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=

setup-binary.sh

@@ -0,0 +1,114 @@
+#!/bin/bash
+set -e
+REPO_URL=https://github.com/yusing/go-proxy
+BIN_URL="${REPO_URL}/releases/download/${VERSION}/go-proxy"
+SRC_URL="${REPO_URL}/archive/refs/tags/${VERSION}.tar.gz"
+APP_ROOT="/opt/go-proxy/${VERSION}"
+LOG_FILE="/tmp/go-proxy-setup.log"
+
+if [ -z "$VERSION" ] || [ "$VERSION" = "latest" ]; then
+    VERSION_URL="${REPO_URL}/raw/main/version.txt"
+    VERSION=$(wget -qO- "$VERSION_URL")
+fi
+
+if [ -d "$APP_ROOT" ]; then
+    echo "$APP_ROOT already exists"
+    exit 1
+fi
+
+# check if wget exists
+if ! [ -x "$(command -v wget)" ]; then
+    echo "wget is not installed"
+    exit 1
+fi
+
+# check if make exists
+if ! [ -x "$(command -v make)" ]; then
+    echo "make is not installed"
+    exit 1
+fi
+
+dl_source() {
+    cd /tmp
+    echo "Downloading go-proxy source ${VERSION}"
+    wget -c "${SRC_URL}" -O go-proxy.tar.gz &> $LOG_FILE
+    if [ $? -gt 0 ]; then
+        echo "Source download failed, check your internet connection and version number"
+        exit 1
+    fi
+    echo "Done"
+    echo "Extracting go-proxy source ${VERSION}"
+    tar xzf go-proxy.tar.gz &> $LOG_FILE
+    if [ $? -gt 0 ]; then
+        echo "failed to untar go-proxy.tar.gz"
+        exit 1
+    fi
+    rm go-proxy.tar.gz
+    mkdir -p "$(dirname "${APP_ROOT}")"
+    mv "go-proxy-${VERSION}" "$APP_ROOT"
+    cd "$APP_ROOT"
+    echo "Done"
+}
+dl_binary() {
+    mkdir -p bin
+    echo "Downloading go-proxy binary ${VERSION}"
+    wget -c "${BIN_URL}" -O bin/go-proxy &> $LOG_FILE
+    if [ $? -gt 0 ]; then
+        echo "Binary download failed, check your internet connection and version number"
+        exit 1
+    fi
+    chmod +x bin/go-proxy
+    echo "Done"
+}
+setup() {
+    make setup &> $LOG_FILE
+    if [ $? -gt 0 ]; then
+        echo "make setup failed"
+        exit 1
+    fi
+    # SETUP_CODEMIRROR = 1
+    if [ "$SETUP_CODEMIRROR" != "0" ]; then
+        make setup-codemirror &> $LOG_FILE || echo "make setup-codemirror failed, ignored"
+    fi
+}
+
+dl_source
+dl_binary
+setup
+
+# setup systemd
+
+# check if systemctl exists
+if ! command -v systemctl is-system-running > /dev/null 2>&1; then
+    echo "systemctl not found, skipping systemd setup"
+    exit 0
+fi
+systemctl_failed() {
+    echo "Failed to enable and start go-proxy"
+    systemctl status go-proxy
+    exit 1
+}
+echo "Setting up systemd service"
+cat <<EOF > /etc/systemd/system/go-proxy.service
+[Unit]
+Description=go-proxy reverse proxy
+After=network-online.target
+Wants=network-online.target systemd-networkd-wait-online.service
+[Service]
+Type=simple
+ExecStart=${APP_ROOT}/bin/go-proxy
+WorkingDirectory=${APP_ROOT}
+Environment="IS_SYSTEMD=1"
+Restart=on-failure
+RestartSec=1s
+KillMode=process
+KillSignal=SIGINT
+TimeoutStartSec=5s
+TimeoutStopSec=5s
+[Install]
+WantedBy=multi-user.target
+EOF
+systemctl daemon-reload &>$LOG_FILE || systemctl_failed
+systemctl enable --now go-proxy &>$LOG_FILE || systemctl_failed
+echo "Done"
+echo "Setup complete"

setup-docker.sh

@@ -0,0 +1,14 @@
+#!/bin/sh
+
+set -e
+if [ -z "$BRANCH" ]; then
+    BRANCH="main"
+fi
+BASE_URL="https://github.com/yusing/go-proxy/raw/${BRANCH}"
+mkdir -p go-proxy
+cd go-proxy
+mkdir -p config
+mkdir -p certs
+[ -f compose.yml ] || wget -cO - ${BASE_URL}/compose.example.yml > compose.yml
+[ -f config/config.yml ] || wget -cO - ${BASE_URL}/config.example.yml > config/config.yml
+[ -f config/providers.yml ] || touch config/providers.yml

src/go-proxy/constants.go

@@ -175,3 +175,8 @@ var logLevel = func() logrus.Level {
 	}
 	return logrus.GetLevel()
 }()
+
+var isRunningAsService = func() bool {
+	v := os.Getenv("IS_SYSTEMD")
+	return v == "1"
+}()

src/go-proxy/docker_provider.go

@@ -61,7 +61,7 @@ func (p *Provider) getContainerProxyConfigs(container *types.Container, clientIP
 			}
 		}
 		if config.Port == "" {
-			config.Port = fmt.Sprintf("%d", selectPort(container))
+			config.Port = fmt.Sprintf("%d", selectPort(container, isRemote))
 		}
 		if config.Port == "0" {
 			l.Infof("no ports exposed, ignored")
@@ -196,8 +196,8 @@ func getImageName(c *types.Container) string {
 func getPublicPort(p types.Port) uint16  { return p.PublicPort }
 func getPrivatePort(p types.Port) uint16 { return p.PrivatePort }
 
-func selectPort(c *types.Container) uint16 {
-	if c.HostConfig.NetworkMode == "host" {
+func selectPort(c *types.Container, isRemote bool) uint16 {
+	if isRemote || c.HostConfig.NetworkMode == "host" {
 		return selectPortInternal(c, getPublicPort)
 	}
 	return selectPortInternal(c, getPrivatePort)

src/go-proxy/file_reader.go

@@ -1,23 +0,0 @@
-package main
-
-import "os"
-
-type Reader interface {
-	Read() ([]byte, error)
-}
-
-type FileReader struct {
-	Path string
-}
-
-func (r *FileReader) Read() ([]byte, error) {
-	return os.ReadFile(r.Path)
-}
-
-type ByteReader struct {
-	Data []byte
-}
-
-func (r *ByteReader) Read() ([]byte, error) {
-	return r.Data, nil
-}

src/go-proxy/io.go

@@ -2,13 +2,37 @@ package main
 
 import (
 	"context"
+	"errors"
+	"fmt"
 	"io"
-	"sync"
+	"os"
+	"sync/atomic"
 )
 
+type Reader interface {
+	Read() ([]byte, error)
+}
+
+type FileReader struct {
+	Path string
+}
+
+func (r *FileReader) Read() ([]byte, error) {
+	return os.ReadFile(r.Path)
+}
+
+type ByteReader struct {
+	Data []byte
+}
+
+func (r *ByteReader) Read() ([]byte, error) {
+	return r.Data, nil
+}
+
 type ReadCloser struct {
-	ctx context.Context
-	r   io.ReadCloser
+	ctx    context.Context
+	r      io.ReadCloser
+	closed atomic.Bool
 }
 
 func (r *ReadCloser) Read(p []byte) (int, error) {
@@ -21,13 +45,16 @@ func (r *ReadCloser) Read(p []byte) (int, error) {
 }
 
 func (r *ReadCloser) Close() error {
+	if r.closed.Load() {
+		return nil
+	}
+	r.closed.Store(true)
 	return r.r.Close()
 }
 
 type Pipe struct {
 	r      ReadCloser
 	w      io.WriteCloser
-	wg     sync.WaitGroup
 	ctx    context.Context
 	cancel context.CancelFunc
 }
@@ -35,32 +62,24 @@ type Pipe struct {
 func NewPipe(ctx context.Context, r io.ReadCloser, w io.WriteCloser) *Pipe {
 	ctx, cancel := context.WithCancel(ctx)
 	return &Pipe{
-		r:      ReadCloser{ctx, r},
+		r:      ReadCloser{ctx: ctx, r: r},
 		w:      w,
 		ctx:    ctx,
 		cancel: cancel,
 	}
 }
 
-func (p *Pipe) Start() {
-	p.wg.Add(1)
-	go func() {
-		Copy(p.ctx, p.w, &p.r)
-		p.wg.Done()
-	}()
+func (p *Pipe) Start() error {
+	return Copy(p.ctx, p.w, &p.r)
 }
 
-func (p *Pipe) Stop() {
+func (p *Pipe) Stop() error {
 	p.cancel()
-	p.wg.Wait()
+	return errors.Join(fmt.Errorf("read: %w", p.r.Close()), fmt.Errorf("write: %w", p.w.Close()))
 }
 
-func (p *Pipe) Close() (error, error) {
-	return p.r.Close(), p.w.Close()
-}
-
-func (p *Pipe) Wait() {
-	p.wg.Wait()
+func (p *Pipe) Write(b []byte) (int, error) {
+	return p.w.Write(b)
 }
 
 type BidirectionalPipe struct {
@@ -75,26 +94,34 @@ func NewBidirectionalPipe(ctx context.Context, rw1 io.ReadWriteCloser, rw2 io.Re
 	}
 }
 
-func (p *BidirectionalPipe) Start() {
-	p.pSrcDst.Start()
-	p.pDstSrc.Start()
+func NewBidirectionalPipeIntermediate(ctx context.Context, listener io.ReadCloser, client io.ReadWriteCloser, target io.ReadWriteCloser) *BidirectionalPipe {
+	return &BidirectionalPipe{
+		pSrcDst: *NewPipe(ctx, listener, client),
+		pDstSrc: *NewPipe(ctx, client, target),
+	}
 }
 
-func (p *BidirectionalPipe) Stop() {
-	p.pSrcDst.Stop()
-	p.pDstSrc.Stop()
+func (p *BidirectionalPipe) Start() error {
+	errCh := make(chan error, 2)
+	go func() {
+		errCh <- p.pSrcDst.Start()
+	}()
+	go func() {
+		errCh <- p.pDstSrc.Start()
+	}()
+	for err := range errCh {
+		if err != nil {
+			return err
+		}
+	}
+	return nil
 }
 
-func (p *BidirectionalPipe) Close() (error, error) {
-	return p.pSrcDst.Close()
-}
-
-func (p *BidirectionalPipe) Wait() {
-	p.pSrcDst.Wait()
-	p.pDstSrc.Wait()
+func (p *BidirectionalPipe) Stop() error {
+	return errors.Join(p.pSrcDst.Stop(), p.pDstSrc.Stop())
 }
 
 func Copy(ctx context.Context, dst io.WriteCloser, src io.ReadCloser) error {
-	_, err := io.Copy(dst, &ReadCloser{ctx, src})
+	_, err := io.Copy(dst, &ReadCloser{ctx: ctx, r: src})
 	return err
 }

src/go-proxy/main.go

@@ -19,12 +19,21 @@ func main() {
 
 	args := getArgs()
 
-	logrus.SetFormatter(&logrus.TextFormatter{
-		ForceColors:     true,
-		DisableColors:   false,
-		FullTimestamp:   true,
-		TimestampFormat: "01-02 15:04:05",
-	})
+	if isRunningAsService {
+		logrus.SetFormatter(&logrus.TextFormatter{
+			DisableColors:    true,
+			DisableTimestamp: true,
+			DisableSorting:   true,
+		})
+	} else {
+		logrus.SetFormatter(&logrus.TextFormatter{
+			ForceColors:     true,
+			DisableColors:   false,
+			DisableSorting:  true,
+			FullTimestamp:   true,
+			TimestampFormat: "01-02 15:04:05",
+		})
+	}
 
 	if args.Command == CommandReload {
 		err := utils.reloadServer()

src/go-proxy/route.go

@@ -15,7 +15,6 @@ func NewRoute(cfg *ProxyConfig) (Route, error) {
 		if err != nil {
 			return nil, NewNestedErrorFrom(err).Subject(cfg.Alias)
 		}
-		streamRoutes.Set(id, route)
 		return route, nil
 	} else {
 		httpRoutes.Ensure(cfg.Alias)

src/go-proxy/stream_route.go

@@ -83,6 +83,10 @@ func newStreamRouteBase(config *ProxyConfig) (*StreamRouteBase, error) {
 		dstScheme = config.Scheme
 	}
 
+	if srcScheme != dstScheme {
+		return nil, NewNestedError("unsupported").Subjectf("%v -> %v", srcScheme, dstScheme)
+	}
+
 	return &StreamRouteBase{
 		Alias:           config.Alias,
 		Type:            streamType,
@@ -106,14 +110,19 @@ func newStreamRouteBase(config *ProxyConfig) (*StreamRouteBase, error) {
 }
 
 func NewStreamRoute(config *ProxyConfig) (StreamRoute, error) {
+	base, err := newStreamRouteBase(config)
+	if err != nil {
+		return nil, err
+	}
 	switch config.Scheme {
 	case StreamType_TCP:
-		return NewTCPRoute(config)
+		base.StreamImpl = NewTCPRoute(base)
 	case StreamType_UDP:
-		return NewUDPRoute(config)
+		base.StreamImpl = NewUDPRoute(base)
 	default:
 		return nil, NewNestedError("invalid stream type").Subject(config.Scheme)
 	}
+	return base, nil
 }
 
 func (route *StreamRouteBase) ListeningUrl() string {
@@ -134,6 +143,7 @@ func (route *StreamRouteBase) Start() {
 		route.l.Errorf("failed to setup: %v", err)
 		return
 	}
+	streamRoutes.Set(route.id, route)
 	route.started = true
 	route.wg.Add(2)
 	go route.grAcceptConnections()

src/go-proxy/tcp_route.go

@@ -4,6 +4,7 @@ import (
 	"context"
 	"fmt"
 	"net"
+	"sync"
 	"time"
 )
 
@@ -14,21 +15,16 @@ type Pipes []*BidirectionalPipe
 type TCPRoute struct {
 	*StreamRouteBase
 	listener net.Listener
+	pipe     Pipes
+	mu       sync.Mutex
 }
 
-func NewTCPRoute(config *ProxyConfig) (StreamRoute, error) {
-	base, err := newStreamRouteBase(config)
-	if err != nil {
-		return nil, NewNestedErrorFrom(err).Subject(config.Alias)
-	}
-	if base.TargetScheme != StreamType_TCP {
-		return nil, NewNestedError("unsupported").Subjectf("tcp -> %s", base.TargetScheme)
-	}
-	base.StreamImpl = &TCPRoute{
+func NewTCPRoute(base *StreamRouteBase) StreamImpl {
+	return &TCPRoute{
 		StreamRouteBase: base,
 		listener:        nil,
+		pipe:            make(Pipes, 0),
 	}
-	return base, nil
 }
 
 func (route *TCPRoute) Setup() error {
@@ -44,11 +40,10 @@ func (route *TCPRoute) Accept() (interface{}, error) {
 	return route.listener.Accept()
 }
 
-func (route *TCPRoute) HandleConnection(c interface{}) error {
+func (route *TCPRoute) Handle(c interface{}) error {
 	clientConn := c.(net.Conn)
 
 	defer clientConn.Close()
-	defer route.wg.Done()
 
 	ctx, cancel := context.WithTimeout(context.Background(), tcpDialTimeout)
 	defer cancel()
@@ -66,11 +61,12 @@ func (route *TCPRoute) HandleConnection(c interface{}) error {
 		<-route.stopCh
 		pipeCancel()
 	}()
+
+	route.mu.Lock()
 	pipe := NewBidirectionalPipe(pipeCtx, clientConn, serverConn)
-	pipe.Start()
-	pipe.Wait()
-	pipe.Close()
-	return nil
+	route.pipe = append(route.pipe, pipe)
+	route.mu.Unlock()
+	return pipe.Start()
 }
 
 func (route *TCPRoute) CloseListeners() {
@@ -79,4 +75,9 @@ func (route *TCPRoute) CloseListeners() {
 	}
 	route.listener.Close()
 	route.listener = nil
+	for _, pipe := range route.pipe {
+		if err := pipe.Stop(); err != nil {
+			route.l.Error(err)
+		}
+	}
 }

src/go-proxy/udp_route.go

@@ -1,62 +1,55 @@
 package main
 
 import (
+	"context"
 	"fmt"
 	"io"
 	"net"
 	"sync"
-
-	"github.com/sirupsen/logrus"
 )
 
 type UDPRoute struct {
 	*StreamRouteBase
 
-	connMap      map[net.Addr]net.Conn
+	connMap      UDPConnMap
 	connMapMutex sync.Mutex
 
 	listeningConn *net.UDPConn
-	targetConn    *net.UDPConn
+	targetAddr    *net.UDPAddr
 }
 
 type UDPConn struct {
-	remoteAddr    net.Addr
-	buffer        []byte
-	bytesReceived []byte
-	nReceived     int
+	src *net.UDPConn
+	dst *net.UDPConn
+	*BidirectionalPipe
 }
 
-func NewUDPRoute(config *ProxyConfig) (StreamRoute, error) {
-	base, err := newStreamRouteBase(config)
-	if err != nil {
-		return nil, err
-	}
+type UDPConnMap map[net.Addr]*UDPConn
 
-	if base.TargetScheme != StreamType_UDP {
-		return nil, NewNestedError("unsupported").Subjectf("udp->%s", base.TargetScheme)
-	}
-
-	base.StreamImpl = &UDPRoute{
+func NewUDPRoute(base *StreamRouteBase) StreamImpl {
+	return &UDPRoute{
 		StreamRouteBase: base,
-		connMap:         make(map[net.Addr]net.Conn),
+		connMap:         make(UDPConnMap),
 	}
-	return base, nil
 }
 
 func (route *UDPRoute) Setup() error {
-	source, err := net.ListenPacket(route.ListeningScheme, fmt.Sprintf(":%v", route.ListeningPort))
+	laddr, err := net.ResolveUDPAddr(route.ListeningScheme, fmt.Sprintf(":%v", route.ListeningPort))
 	if err != nil {
 		return err
 	}
-
-	target, err := net.Dial(route.TargetScheme, fmt.Sprintf("%s:%v", route.TargetHost, route.TargetPort))
+	source, err := net.ListenUDP(route.ListeningScheme, laddr)
+	if err != nil {
+		return err
+	}
+	raddr, err := net.ResolveUDPAddr(route.TargetScheme, fmt.Sprintf("%s:%v", route.TargetHost, route.TargetPort))
 	if err != nil {
 		source.Close()
 		return err
 	}
 
-	route.listeningConn = source.(*net.UDPConn)
-	route.targetConn = target.(*net.UDPConn)
+	route.listeningConn = source
+	route.targetAddr = raddr
 	return nil
 }
 
@@ -74,71 +67,39 @@ func (route *UDPRoute) Accept() (interface{}, error) {
 		return nil, io.ErrShortBuffer
 	}
 
-	conn := &UDPConn{
-		remoteAddr:    srcAddr,
-		buffer:        buffer,
-		bytesReceived: buffer[:nRead],
-		nReceived:     nRead,
-	}
-	return conn, nil
-}
+	conn, ok := route.connMap[srcAddr]
 
-func (route *UDPRoute) HandleConnection(c interface{}) error {
-	var err error
-
-	conn := c.(*UDPConn)
-	srcConn, ok := route.connMap[conn.remoteAddr]
 	if !ok {
 		route.connMapMutex.Lock()
-		srcConn, err = net.DialUDP("udp", nil, conn.remoteAddr.(*net.UDPAddr))
+		srcConn, err := net.DialUDP("udp", nil, srcAddr)
 		if err != nil {
-			return err
+			return nil, err
 		}
-		route.connMap[conn.remoteAddr] = srcConn
+		dstConn, err := net.DialUDP("udp", nil, route.targetAddr)
+		if err != nil {
+			srcConn.Close()
+			return nil, err
+		}
+		pipeCtx, pipeCancel := context.WithCancel(context.Background())
+		go func() {
+			<-route.stopCh
+			pipeCancel()
+		}()
+		conn = &UDPConn{
+			srcConn,
+			dstConn,
+			NewBidirectionalPipe(pipeCtx, sourceRWCloser{in, dstConn}, sourceRWCloser{in, srcConn}),
+		}
+		route.connMap[srcAddr] = conn
 		route.connMapMutex.Unlock()
 	}
 
-	var forwarder func(*UDPConn, net.Conn) error
+	_, err = conn.dst.Write(buffer[:nRead])
+	return conn, err
+}
 
-	if logLevel == logrus.DebugLevel {
-		forwarder = route.forwardReceivedDebug
-	} else {
-		forwarder = route.forwardReceivedReal
-	}
-
-	// initiate connection to target
-	err = forwarder(conn, route.targetConn)
-	if err != nil {
-		return err
-	}
-
-	for {
-		select {
-		case <-route.stopCh:
-			return nil
-		default:
-			// receive from target
-			conn, err = route.readFrom(route.targetConn, conn.buffer)
-			if err != nil {
-				return err
-			}
-			// forward to source
-			err = forwarder(conn, srcConn)
-			if err != nil {
-				return err
-			}
-			// read from source
-			conn, err = route.readFrom(srcConn, conn.buffer)
-			if err != nil {
-				continue
-			}
-			// forward to target
-			err = forwarder(conn, route.targetConn)
-			if err != nil {
-				return err
-			}
-		}
-	}
+func (route *UDPRoute) Handle(c interface{}) error {
+	return c.(*UDPConn).Start()
 }
 
 func (route *UDPRoute) CloseListeners() {
@@ -146,50 +107,28 @@ func (route *UDPRoute) CloseListeners() {
 		route.listeningConn.Close()
 		route.listeningConn = nil
 	}
-	if route.targetConn != nil {
-		route.targetConn.Close()
-		route.targetConn = nil
-	}
 	for _, conn := range route.connMap {
-		conn.(*net.UDPConn).Close() // TODO: change on non udp target
+		if err := conn.dst.Close(); err != nil {
+			route.l.Error(err)
+		}
 	}
-	route.connMap = make(map[net.Addr]net.Conn)
+	route.connMap = make(UDPConnMap)
 }
 
-func (route *UDPRoute) readFrom(src net.Conn, buffer []byte) (*UDPConn, error) {
-	nRead, err := src.Read(buffer)
-
-	if err != nil {
-		return nil, err
-	}
-
-	if nRead == 0 {
-		return nil, io.ErrShortBuffer
-	}
-
-	return &UDPConn{
-		remoteAddr:    src.RemoteAddr(),
-		buffer:        buffer,
-		bytesReceived: buffer[:nRead],
-		nReceived:     nRead,
-	}, nil
+type sourceRWCloser struct {
+	server *net.UDPConn
+	target *net.UDPConn
 }
 
-func (route *UDPRoute) forwardReceivedReal(receivedConn *UDPConn, dest net.Conn) error {
-	nWritten, err := dest.Write(receivedConn.bytesReceived)
-
-	if nWritten != receivedConn.nReceived {
-		err = io.ErrShortWrite
-	}
-
-	return err
+func (w sourceRWCloser) Read(p []byte) (int, error) {
+	n, _, err := w.target.ReadFrom(p)
+	return n, err
 }
 
-func (route *UDPRoute) forwardReceivedDebug(receivedConn *UDPConn, dest net.Conn) error {
-	route.l.WithField("size", receivedConn.nReceived).Debugf(
-		"forwarding from %s to %s",
-		receivedConn.remoteAddr.String(),
-		dest.RemoteAddr().String(),
-	)
-	return route.forwardReceivedReal(receivedConn, dest)
+func (w sourceRWCloser) Write(p []byte) (int, error) {
+	return w.server.WriteToUDP(p, w.target.RemoteAddr().(*net.UDPAddr)) // TODO: support non udp
+}
+
+func (w sourceRWCloser) Close() error {
+	return w.target.Close()
 }

version.txt

@@ -0,0 +1 @@
+0.4.5