Documentation ¶
Constants ¶
const (
	// ActionReject rejects the connection
	ActionReject = iota
	// ActionAccept accepts the connection
	ActionAccept
)
Functions ¶
func ListenAndServe ¶
ListenAndServe listens and starts proxying connections.
func LoadRuleset ¶
LoadRuleset loads the rule set supplied by configuration.
Need to rejig this to return a list of errors as it will be a pain for larger rule sets.
Types ¶
type CurveID ¶
type CurveID uint16
CurveID is the type of a TLS identifier for an elliptic curve. See http://www.iana.org/assignments/tls-parameters/tls-parameters.xml#tls-parameters-8
type Rule ¶
type Rule struct {
	Name    string
	Match   string
	Action  string
	Enabled bool
	// contains filtered or unexported fields
}
Rule is a filter rule for hosts.
type Session ¶
Session holds the state for a client.
func (*Session) Start ¶
func (s *Session) Start()
Start begins processing data through the proxied connection.
It attempts to parse the TLS handshake client hello and retrieve the hostname from the SNI field, which is then used as the endpoint for the connection.
It passes this hostname to the rule matcher and takes the action returned; if the result is nil, the connection is rejected.
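The flow Start describes (read the client hello, take the SNI hostname, ask the rules, reject by default), as an added example that is not this package's code. It lets crypto/tls parse the hello instead of the package's own parser; `PeekSNI`, `Decide` and `roConn` are hypothetical names, and treating `Match` as a regular expression with action strings "accept"/"reject" is an assumption.

```go
package main

import (
	"crypto/tls"
	"fmt"
	"io"
	"net"
	"regexp"
)

type Rule struct { // the exported fields of the page's Rule type
	Name, Match, Action string
	Enabled             bool
}

// roConn lets crypto/tls read the client hello but never write to the client.
type roConn struct {
	net.Conn
	r io.Reader
}

func (c roConn) Read(p []byte) (int, error)  { return c.r.Read(p) }
func (c roConn) Write(p []byte) (int, error) { return 0, io.ErrClosedPipe }

// PeekSNI returns the SNI hostname ("" if none); bytes read are copied to replay for the upstream.
func PeekSNI(c net.Conn, replay io.Writer) (sni string) {
	cfg := &tls.Config{GetConfigForClient: func(h *tls.ClientHelloInfo) (*tls.Config, error) {
		sni = h.ServerName
		return nil, io.EOF // abort: only the client hello is wanted
	}}
	tls.Server(roConn{c, io.TeeReader(c, replay)}, cfg).Handshake() // always fails by design
	return sni
}

// Decide fails closed. Assumed: Match is a regexp; it is anchored so it must match the whole name.
func Decide(rules []Rule, host string) string {
	for _, r := range rules {
		if ok, _ := regexp.MatchString(`^(?:`+r.Match+`)$`, host); ok && r.Enabled && host != "" {
			return r.Action
		}
	}
	return "reject"
}

func main() {
	client, server := net.Pipe() // constructed in-memory connection
	go tls.Client(client, &tls.Config{ServerName: "api.example.test"}).Handshake()
	host := PeekSNI(server, io.Discard)
	fmt.Println(host, Decide([]Rule{{"allow", `.*\.example\.test`, "accept", true}}, host))
}
```

The SNI hostname is an unauthenticated, client-chosen value, so the rule decision should be the only thing that turns it into a dial target.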
type TLSHandler ¶
type TLSHandler struct { }
TLSHandler pulls apart and proxies TLS connections using the client hello SNI field.
func (*TLSHandler) ProxyConnection ¶
func (tlsh *TLSHandler) ProxyConnection(cin *net.TCPConn)
ProxyConnection proxies a TLS connection.