Merge current v2.9 into v3.0

pkg/muxer/http/mux_test.go

@@ -36,6 +36,20 @@ func TestMuxer(t *testing.T) {
 			rule:          "Host(example.com)",
 			expectedError: true,
 		},
+		{
+			desc: "Host IPv4",
+			rule: "Host(`127.0.0.1`)",
+			expected: map[string]int{
+				"http://127.0.0.1/foo": http.StatusOK,
+			},
+		},
+		{
+			desc: "Host IPv6",
+			rule: "Host(`10::10`)",
+			expected: map[string]int{
+				"http://10::10/foo": http.StatusOK,
+			},
+		},
 		{
 			desc: "Host and PathPrefix",
 			rule: "Host(`localhost`) && PathPrefix(`/css`)",

pkg/muxer/tcp/matcher.go

@@ -67,7 +67,7 @@ func clientIP(tree *matchersTree, clientIP ...string) error {
 	return nil
 }
 
-var almostFQDN = regexp.MustCompile(`^[[:alnum:]\.-]+$`)
+var hostOrIP = regexp.MustCompile(`^[[:alnum:]\.\-\:]+$`)
 
 // hostSNI checks if the SNI Host of the connection match the matcher host.
 func hostSNI(tree *matchersTree, hosts ...string) error {
@@ -80,7 +80,7 @@ func hostSNI(tree *matchersTree, hosts ...string) error {
 		return nil
 	}
 
-	if !almostFQDN.MatchString(host) {
+	if !hostOrIP.MatchString(host) {
 		return fmt.Errorf("invalid value for HostSNI matcher, %q is not a valid hostname", host)
 	}
 

pkg/muxer/tcp/mux_test.go

@@ -250,6 +250,16 @@ func Test_addTCPRoute(t *testing.T) {
 			serverName: "example.com",
 			matchErr:   true,
 		},
+		{
+			desc:       "Matching IPv4",
+			rule:       "HostSNI(`127.0.0.1`)",
+			serverName: "127.0.0.1",
+		},
+		{
+			desc:       "Matching IPv6",
+			rule:       "HostSNI(`10::10`)",
+			serverName: "10::10",
+		},
 	}
 
 	for _, test := range testCases {
@@ -332,6 +342,16 @@ func TestParseHostSNI(t *testing.T) {
 			expression: "hostsni(`example.com`)",
 			domain:     []string{"example.com"},
 		},
+		{
+			desc:       "HostSNI IPv4",
+			expression: "HostSNI(`127.0.0.1`)",
+			domain:     []string{"127.0.0.1"},
+		},
+		{
+			desc:       "HostSNI IPv6",
+			expression: "HostSNI(`10::10`)",
+			domain:     []string{"10::10"},
+		},
 		{
 			desc:       "No hostSNI rule",
 			expression: "ClientIP(`10.1`)",

pkg/provider/ecs/ecs.go

@@ -320,6 +320,11 @@ func (p *Provider) listInstances(ctx context.Context, client *awsClient) ([]ecsI
 
 				var mach *machine
 				if len(task.Attachments) != 0 {
+					if len(container.NetworkInterfaces) == 0 {
+						logger.Error().Msgf("Skip container %s: no network interfaces", aws.StringValue(container.Name))
+						continue
+					}
+
 					var ports []portMapping
 					for _, mapping := range containerDefinition.PortMappings {
 						if mapping != nil {

pkg/tcp/proxy.go

@@ -38,14 +38,14 @@ func (p *Proxy) ServeTCP(conn WriteCloser) {
 	log.Debug().
 		Str("address", p.address).
 		Str("remoteAddr", conn.RemoteAddr().String()).
-		Msg("Handling connection")
+		Msg("Handling TCP connection")
 
 	// needed because of e.g. server.trackedConnection
 	defer conn.Close()
 
 	connBackend, err := p.dialBackend()
 	if err != nil {
-		log.Error().Err(err).Msg("Error while connecting to backend")
+		log.Error().Err(err).Msg("Error while dialing backend")
 		return
 	}
 
@@ -56,7 +56,7 @@ func (p *Proxy) ServeTCP(conn WriteCloser) {
 	if p.proxyProtocol != nil && p.proxyProtocol.Version > 0 && p.proxyProtocol.Version < 3 {
 		header := proxyproto.HeaderProxyFromAddrs(byte(p.proxyProtocol.Version), conn.RemoteAddr(), conn.LocalAddr())
 		if _, err := header.WriteTo(connBackend); err != nil {
-			log.Error().Err(err).Msg("Error while writing proxy protocol headers to backend connection")
+			log.Error().Err(err).Msg("Error while writing TCP proxy protocol headers to backend connection")
 			return
 		}
 	}
@@ -70,9 +70,9 @@ func (p *Proxy) ServeTCP(conn WriteCloser) {
 		// This allows to not report an RST packet sent by the peer as an error,
 		// as it is an abrupt but possible end for the TCP session
 		if isReadConnResetError(err) {
-			log.Debug().Err(err).Msg("Error during connection")
+			log.Debug().Err(err).Msg("Error while handling TCP connection")
 		} else {
-			log.Error().Err(err).Msg("Error during connection")
+			log.Error().Err(err).Msg("Error while handling TCP connection")
 		}
 	}
 
@@ -101,7 +101,7 @@ func (p Proxy) connCopy(dst, src WriteCloser, errCh chan error) {
 		// In that case, logging the error is superfluous,
 		// as in the first place we should not have needed to call CloseWrite.
 		if !isSocketNotConnectedError(errClose) {
-			log.Debug().Err(errClose).Msg("Error while terminating connection")
+			log.Debug().Err(errClose).Msg("Error while terminating TCP connection")
 		}
 
 		return
@@ -110,7 +110,7 @@ func (p Proxy) connCopy(dst, src WriteCloser, errCh chan error) {
 	if p.dialer.TerminationDelay() >= 0 {
 		err := dst.SetReadDeadline(time.Now().Add(p.dialer.TerminationDelay()))
 		if err != nil {
-			log.Debug().Err(err).Msg("Error while setting deadline")
+			log.Debug().Err(err).Msg("Error while setting TCP connection deadline")
 		}
 	}
 }

pkg/udp/proxy.go

@@ -20,14 +20,14 @@ func NewProxy(address string) (*Proxy, error) {
 
 // ServeUDP implements the Handler interface.
 func (p *Proxy) ServeUDP(conn *Conn) {
-	log.Debug().Msgf("Handling connection from %s to %s", conn.rAddr, p.target)
+	log.Debug().Msgf("Handling UDP stream from %s to %s", conn.rAddr, p.target)
 
 	// needed because of e.g. server.trackedConnection
 	defer conn.Close()
 
 	connBackend, err := net.Dial("udp", p.target)
 	if err != nil {
-		log.Error().Err(err).Msg("Error while connecting to backend")
+		log.Error().Err(err).Msg("Error while dialing backend")
 		return
 	}
 
@@ -40,7 +40,7 @@ func (p *Proxy) ServeUDP(conn *Conn) {
 
 	err = <-errChan
 	if err != nil {
-		log.Error().Err(err).Msg("Error while serving UDP")
+		log.Error().Err(err).Msg("Error while handling UDP stream")
 	}
 
 	<-errChan
@@ -55,6 +55,6 @@ func connCopy(dst io.WriteCloser, src io.Reader, errCh chan error) {
 	errCh <- err
 
 	if err := dst.Close(); err != nil {
-		log.Debug().Err(err).Msg("Error while terminating connection")
+		log.Debug().Err(err).Msg("Error while terminating UDP stream")
 	}
 }