fix(logger): Replace raw console logging calls with structured logger usage across certificate management, connection handling, and route processing for improved observability.
This commit is contained in:
@ -1,5 +1,6 @@
|
||||
import * as plugins from '../../plugins.js';
|
||||
import type { IConnectionRecord, ISmartProxyOptions } from './models/interfaces.js';
|
||||
import { logger } from '../../core/utils/logger.js';
|
||||
// Route checking functions have been removed
|
||||
import type { IRouteConfig, IRouteAction, IRouteContext } from './models/route-types.js';
|
||||
import { ConnectionManager } from './connection-manager.js';
|
||||
@ -83,7 +84,7 @@ export class RouteConnectionHandler {
|
||||
// Validate IP against rate limits and connection limits
|
||||
const ipValidation = this.securityManager.validateIP(remoteIP);
|
||||
if (!ipValidation.allowed) {
|
||||
console.log(`Connection rejected from ${remoteIP}: ${ipValidation.reason}`);
|
||||
logger.log('warn', `Connection rejected`, { remoteIP, reason: ipValidation.reason, component: 'route-handler' });
|
||||
socket.end();
|
||||
socket.destroy();
|
||||
return;
|
||||
@ -114,21 +115,35 @@ export class RouteConnectionHandler {
|
||||
} catch (err) {
|
||||
// Ignore errors - these are optional enhancements
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(`[${connectionId}] Enhanced TCP keep-alive settings not supported: ${err}`);
|
||||
logger.log('warn', `Enhanced TCP keep-alive settings not supported`, { connectionId, error: err, component: 'route-handler' });
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] New connection from ${remoteIP} on port ${localPort}. ` +
|
||||
`Keep-Alive: ${record.hasKeepAlive ? 'Enabled' : 'Disabled'}. ` +
|
||||
`Active connections: ${this.connectionManager.getConnectionCount()}`
|
||||
logger.log('info',
|
||||
`New connection from ${remoteIP} on port ${localPort}. ` +
|
||||
`Keep-Alive: ${record.hasKeepAlive ? 'Enabled' : 'Disabled'}. ` +
|
||||
`Active connections: ${this.connectionManager.getConnectionCount()}`,
|
||||
{
|
||||
connectionId,
|
||||
remoteIP,
|
||||
localPort,
|
||||
keepAlive: record.hasKeepAlive ? 'Enabled' : 'Disabled',
|
||||
activeConnections: this.connectionManager.getConnectionCount(),
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
} else {
|
||||
console.log(
|
||||
`New connection from ${remoteIP} on port ${localPort}. Active connections: ${this.connectionManager.getConnectionCount()}`
|
||||
logger.log('info',
|
||||
`New connection from ${remoteIP} on port ${localPort}. Active connections: ${this.connectionManager.getConnectionCount()}`,
|
||||
{
|
||||
remoteIP,
|
||||
localPort,
|
||||
activeConnections: this.connectionManager.getConnectionCount(),
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@ -147,14 +162,20 @@ export class RouteConnectionHandler {
|
||||
// Set an initial timeout for handshake data
|
||||
let initialTimeout: NodeJS.Timeout | null = setTimeout(() => {
|
||||
if (!initialDataReceived) {
|
||||
console.log(
|
||||
`[${connectionId}] Initial data warning (${this.settings.initialDataTimeout}ms) for connection from ${record.remoteIP}`
|
||||
);
|
||||
logger.log('warn', `No initial data received from ${record.remoteIP} after ${this.settings.initialDataTimeout}ms for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
timeout: this.settings.initialDataTimeout,
|
||||
remoteIP: record.remoteIP,
|
||||
component: 'route-handler'
|
||||
});
|
||||
|
||||
// Add a grace period
|
||||
setTimeout(() => {
|
||||
if (!initialDataReceived) {
|
||||
console.log(`[${connectionId}] Final initial data timeout after grace period`);
|
||||
logger.log('warn', `Final initial data timeout after grace period for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
if (record.incomingTerminationReason === null) {
|
||||
record.incomingTerminationReason = 'initial_timeout';
|
||||
this.connectionManager.incrementTerminationStat('incoming', 'initial_timeout');
|
||||
@ -187,10 +208,11 @@ export class RouteConnectionHandler {
|
||||
|
||||
// Block non-TLS connections on port 443
|
||||
if (!this.tlsManager.isTlsHandshake(chunk) && localPort === 443) {
|
||||
console.log(
|
||||
`[${connectionId}] Non-TLS connection detected on port 443. ` +
|
||||
`Terminating connection - only TLS traffic is allowed on standard HTTPS port.`
|
||||
);
|
||||
logger.log('warn', `Non-TLS connection ${connectionId} detected on port 443. Terminating connection - only TLS traffic is allowed on standard HTTPS port.`, {
|
||||
connectionId,
|
||||
message: 'Terminating connection - only TLS traffic is allowed on standard HTTPS port.',
|
||||
component: 'route-handler'
|
||||
});
|
||||
if (record.incomingTerminationReason === null) {
|
||||
record.incomingTerminationReason = 'non_tls_blocked';
|
||||
this.connectionManager.incrementTerminationStat('incoming', 'non_tls_blocked');
|
||||
@ -223,7 +245,10 @@ export class RouteConnectionHandler {
|
||||
|
||||
// Check if we should reject connections without SNI
|
||||
if (!serverName && this.settings.allowSessionTicket === false) {
|
||||
console.log(`[${connectionId}] No SNI detected in TLS ClientHello; sending TLS alert.`);
|
||||
logger.log('warn', `No SNI detected in TLS ClientHello for connection ${connectionId}; sending TLS alert`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
if (record.incomingTerminationReason === null) {
|
||||
record.incomingTerminationReason = 'session_ticket_blocked_no_sni';
|
||||
this.connectionManager.incrementTerminationStat(
|
||||
@ -245,7 +270,11 @@ export class RouteConnectionHandler {
|
||||
}
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(`[${connectionId}] TLS connection with SNI: ${serverName || '(empty)'}`);
|
||||
logger.log('info', `TLS connection with SNI`, {
|
||||
connectionId,
|
||||
serverName: serverName || '(empty)',
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -278,12 +307,18 @@ export class RouteConnectionHandler {
|
||||
});
|
||||
|
||||
if (!routeMatch) {
|
||||
console.log(
|
||||
`[${connectionId}] No route found for ${serverName || 'connection'} on port ${localPort}`
|
||||
);
|
||||
logger.log('warn', `No route found for ${serverName || 'connection'} on port ${localPort} (connection: ${connectionId})`, {
|
||||
connectionId,
|
||||
serverName: serverName || 'connection',
|
||||
localPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
|
||||
// No matching route, use default/fallback handling
|
||||
console.log(`[${connectionId}] Using default route handling for connection`);
|
||||
logger.log('info', `Using default route handling for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
|
||||
// Check default security settings
|
||||
const defaultSecuritySettings = this.settings.defaults?.security;
|
||||
@ -296,7 +331,11 @@ export class RouteConnectionHandler {
|
||||
);
|
||||
|
||||
if (!isAllowed) {
|
||||
console.log(`[${connectionId}] IP ${remoteIP} not in default allowed list`);
|
||||
logger.log('warn', `IP ${remoteIP} not in default allowed list for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
remoteIP,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'ip_blocked');
|
||||
return;
|
||||
@ -321,7 +360,10 @@ export class RouteConnectionHandler {
|
||||
);
|
||||
} else {
|
||||
// No default target available, terminate the connection
|
||||
console.log(`[${connectionId}] No default target configured. Closing connection.`);
|
||||
logger.log('warn', `No default target configured for connection ${connectionId}. Closing connection`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'no_default_target');
|
||||
return;
|
||||
@ -332,11 +374,13 @@ export class RouteConnectionHandler {
|
||||
const route = routeMatch.route;
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Route matched: "${route.name || 'unnamed'}" for ${
|
||||
serverName || 'connection'
|
||||
} on port ${localPort}`
|
||||
);
|
||||
logger.log('info', `Route matched`, {
|
||||
connectionId,
|
||||
routeName: route.name || 'unnamed',
|
||||
serverName: serverName || 'connection',
|
||||
localPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
|
||||
@ -356,7 +400,11 @@ export class RouteConnectionHandler {
|
||||
return;
|
||||
|
||||
default:
|
||||
console.log(`[${connectionId}] Unknown action type: ${(route.action as any).type}`);
|
||||
logger.log('error', `Unknown action type '${(route.action as any).type}' for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
actionType: (route.action as any).type,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'unknown_action');
|
||||
}
|
||||
@ -381,30 +429,36 @@ export class RouteConnectionHandler {
|
||||
|
||||
// Log the connection for monitoring purposes
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${record.id}] NFTables forwarding (kernel-level): ` +
|
||||
`${record.remoteIP}:${socket.remotePort} -> ${socket.localAddress}:${record.localPort}` +
|
||||
` (Route: "${route.name || 'unnamed'}", Domain: ${record.lockedDomain || 'n/a'})`
|
||||
);
|
||||
logger.log('info', `NFTables forwarding (kernel-level)`, {
|
||||
connectionId: record.id,
|
||||
source: `${record.remoteIP}:${socket.remotePort}`,
|
||||
destination: `${socket.localAddress}:${record.localPort}`,
|
||||
routeName: route.name || 'unnamed',
|
||||
domain: record.lockedDomain || 'n/a',
|
||||
component: 'route-handler'
|
||||
});
|
||||
} else {
|
||||
console.log(
|
||||
`[${record.id}] NFTables forwarding: ${record.remoteIP} -> port ${
|
||||
record.localPort
|
||||
} (Route: "${route.name || 'unnamed'}")`
|
||||
);
|
||||
logger.log('info', `NFTables forwarding`, {
|
||||
connectionId: record.id,
|
||||
remoteIP: record.remoteIP,
|
||||
localPort: record.localPort,
|
||||
routeName: route.name || 'unnamed',
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// Additional NFTables-specific logging if configured
|
||||
if (action.nftables) {
|
||||
const nftConfig = action.nftables;
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${record.id}] NFTables config: ` +
|
||||
`protocol=${nftConfig.protocol || 'tcp'}, ` +
|
||||
`preserveSourceIP=${nftConfig.preserveSourceIP || false}, ` +
|
||||
`priority=${nftConfig.priority || 'default'}, ` +
|
||||
`maxRate=${nftConfig.maxRate || 'unlimited'}`
|
||||
);
|
||||
logger.log('info', `NFTables config`, {
|
||||
connectionId: record.id,
|
||||
protocol: nftConfig.protocol || 'tcp',
|
||||
preserveSourceIP: nftConfig.preserveSourceIP || false,
|
||||
priority: nftConfig.priority || 'default',
|
||||
maxRate: nftConfig.maxRate || 'unlimited',
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
@ -419,7 +473,10 @@ export class RouteConnectionHandler {
|
||||
|
||||
// We should have a target configuration for forwarding
|
||||
if (!action.target) {
|
||||
console.log(`[${connectionId}] Forward action missing target configuration`);
|
||||
logger.log('error', `Forward action missing target configuration for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'missing_target');
|
||||
return;
|
||||
@ -447,14 +504,18 @@ export class RouteConnectionHandler {
|
||||
try {
|
||||
targetHost = action.target.host(routeContext);
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Dynamic host resolved to: ${
|
||||
Array.isArray(targetHost) ? targetHost.join(', ') : targetHost
|
||||
}`
|
||||
);
|
||||
logger.log('info', `Dynamic host resolved to ${Array.isArray(targetHost) ? targetHost.join(', ') : targetHost} for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
targetHost: Array.isArray(targetHost) ? targetHost.join(', ') : targetHost,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
} catch (err) {
|
||||
console.log(`[${connectionId}] Error in host mapping function: ${err}`);
|
||||
logger.log('error', `Error in host mapping function for connection ${connectionId}: ${err}`, {
|
||||
connectionId,
|
||||
error: err,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'host_mapping_error');
|
||||
return;
|
||||
@ -474,14 +535,21 @@ export class RouteConnectionHandler {
|
||||
try {
|
||||
targetPort = action.target.port(routeContext);
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Dynamic port mapping: ${record.localPort} -> ${targetPort}`
|
||||
);
|
||||
logger.log('info', `Dynamic port mapping from ${record.localPort} to ${targetPort} for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
sourcePort: record.localPort,
|
||||
targetPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
// Store the resolved target port in the context for potential future use
|
||||
routeContext.targetPort = targetPort;
|
||||
} catch (err) {
|
||||
console.log(`[${connectionId}] Error in port mapping function: ${err}`);
|
||||
logger.log('error', `Error in port mapping function for connection ${connectionId}: ${err}`, {
|
||||
connectionId,
|
||||
error: err,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'port_mapping_error');
|
||||
return;
|
||||
@ -503,7 +571,12 @@ export class RouteConnectionHandler {
|
||||
case 'passthrough':
|
||||
// For TLS passthrough, just forward directly
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(`[${connectionId}] Using TLS passthrough to ${selectedHost}:${targetPort}`);
|
||||
logger.log('info', `Using TLS passthrough to ${selectedHost}:${targetPort} for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
targetHost: selectedHost,
|
||||
targetPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
return this.setupDirectConnection(
|
||||
@ -521,9 +594,11 @@ export class RouteConnectionHandler {
|
||||
// For TLS termination, use HttpProxy
|
||||
if (this.httpProxyBridge.getHttpProxy()) {
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Using HttpProxy for TLS termination to ${action.target.host}`
|
||||
);
|
||||
logger.log('info', `Using HttpProxy for TLS termination to ${Array.isArray(action.target.host) ? action.target.host.join(', ') : action.target.host} for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
targetHost: action.target.host,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// If we have an initial chunk with TLS data, start processing it
|
||||
@ -540,12 +615,18 @@ export class RouteConnectionHandler {
|
||||
}
|
||||
|
||||
// This shouldn't normally happen - we should have TLS data at this point
|
||||
console.log(`[${connectionId}] TLS termination route without TLS data`);
|
||||
logger.log('error', `TLS termination route without TLS data for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'tls_error');
|
||||
return;
|
||||
} else {
|
||||
console.log(`[${connectionId}] HttpProxy not available for TLS termination`);
|
||||
logger.log('error', `HttpProxy not available for TLS termination for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'no_http_proxy');
|
||||
return;
|
||||
@ -558,9 +639,11 @@ export class RouteConnectionHandler {
|
||||
if (isHttpProxyPort && this.httpProxyBridge.getHttpProxy()) {
|
||||
// Forward non-TLS connections to HttpProxy if configured
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Using HttpProxy for non-TLS connection on port ${record.localPort}`
|
||||
);
|
||||
logger.log('info', `Using HttpProxy for non-TLS connection ${connectionId} on port ${record.localPort}`, {
|
||||
connectionId,
|
||||
port: record.localPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
this.httpProxyBridge.forwardToHttpProxy(
|
||||
@ -575,9 +658,12 @@ export class RouteConnectionHandler {
|
||||
} else {
|
||||
// Basic forwarding
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Using basic forwarding to ${action.target.host}:${action.target.port}`
|
||||
);
|
||||
logger.log('info', `Using basic forwarding to ${Array.isArray(action.target.host) ? action.target.host.join(', ') : action.target.host}:${action.target.port} for connection ${connectionId}`, {
|
||||
connectionId,
|
||||
targetHost: action.target.host,
|
||||
targetPort: action.target.port,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// Get the appropriate host value
|
||||
@ -633,7 +719,10 @@ export class RouteConnectionHandler {
|
||||
): void {
|
||||
// For TLS connections, we can't do redirects at the TCP level
|
||||
if (record.isTLS) {
|
||||
console.log(`[${record.id}] Cannot redirect TLS connection at TCP level`);
|
||||
logger.log('warn', `Cannot redirect TLS connection ${record.id} at TCP level`, {
|
||||
connectionId: record.id,
|
||||
component: 'route-handler'
|
||||
});
|
||||
socket.end();
|
||||
this.connectionManager.cleanupConnection(record, 'tls_redirect_error');
|
||||
return;
|
||||
@ -658,9 +747,11 @@ export class RouteConnectionHandler {
|
||||
const connectionId = record.id;
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Blocking connection based on route "${route.name || 'unnamed'}"`
|
||||
);
|
||||
logger.log('info', `Blocking connection ${connectionId} based on route '${route.name || 'unnamed'}'`, {
|
||||
connectionId,
|
||||
routeName: route.name || 'unnamed',
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// Simply close the connection
|
||||
@ -699,8 +790,16 @@ export class RouteConnectionHandler {
|
||||
targetSocket.once('error', (err) => {
|
||||
// This handler runs only once during the initial connection phase
|
||||
const code = (err as any).code;
|
||||
console.log(
|
||||
`[${connectionId}] Connection setup error to ${finalTargetHost}:${finalTargetPort}: ${err.message} (${code})`
|
||||
logger.log('error',
|
||||
`Connection setup error for ${connectionId} to ${finalTargetHost}:${finalTargetPort}: ${err.message} (${code})`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
errorMessage: err.message,
|
||||
errorCode: code,
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
|
||||
// Resume the incoming socket to prevent it from hanging
|
||||
@ -708,29 +807,57 @@ export class RouteConnectionHandler {
|
||||
|
||||
// Log specific error types for easier debugging
|
||||
if (code === 'ECONNREFUSED') {
|
||||
console.log(
|
||||
`[${connectionId}] Target ${finalTargetHost}:${finalTargetPort} refused connection. ` +
|
||||
`Check if the target service is running and listening on that port.`
|
||||
logger.log('error',
|
||||
`Connection ${connectionId}: Target ${finalTargetHost}:${finalTargetPort} refused connection. Check if the target service is running and listening on that port.`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
recommendation: 'Check if the target service is running and listening on that port.',
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
} else if (code === 'ETIMEDOUT') {
|
||||
console.log(
|
||||
`[${connectionId}] Connection to ${finalTargetHost}:${finalTargetPort} timed out. ` +
|
||||
`Check network conditions, firewall rules, or if the target is too far away.`
|
||||
logger.log('error',
|
||||
`Connection ${connectionId} to ${finalTargetHost}:${finalTargetPort} timed out. Check network conditions, firewall rules, or if the target is too far away.`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
recommendation: 'Check network conditions, firewall rules, or if the target is too far away.',
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
} else if (code === 'ECONNRESET') {
|
||||
console.log(
|
||||
`[${connectionId}] Connection to ${finalTargetHost}:${finalTargetPort} was reset. ` +
|
||||
`The target might have closed the connection abruptly.`
|
||||
logger.log('error',
|
||||
`Connection ${connectionId} to ${finalTargetHost}:${finalTargetPort} was reset. The target might have closed the connection abruptly.`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
recommendation: 'The target might have closed the connection abruptly.',
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
} else if (code === 'EHOSTUNREACH') {
|
||||
console.log(
|
||||
`[${connectionId}] Host ${finalTargetHost} is unreachable. ` +
|
||||
`Check DNS settings, network routing, or firewall rules.`
|
||||
logger.log('error',
|
||||
`Connection ${connectionId}: Host ${finalTargetHost} is unreachable. Check DNS settings, network routing, or firewall rules.`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
recommendation: 'Check DNS settings, network routing, or firewall rules.',
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
} else if (code === 'ENOTFOUND') {
|
||||
console.log(
|
||||
`[${connectionId}] DNS lookup failed for ${finalTargetHost}. ` +
|
||||
`Check your DNS settings or if the hostname is correct.`
|
||||
logger.log('error',
|
||||
`Connection ${connectionId}: DNS lookup failed for ${finalTargetHost}. Check your DNS settings or if the hostname is correct.`,
|
||||
{
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
recommendation: 'Check your DNS settings or if the hostname is correct.',
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
@ -779,9 +906,12 @@ export class RouteConnectionHandler {
|
||||
record.targetPort = finalTargetPort;
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Setting up direct connection to ${finalTargetHost}:${finalTargetPort}`
|
||||
);
|
||||
logger.log('info', `Setting up direct connection ${connectionId} to ${finalTargetHost}:${finalTargetPort}`, {
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// Setup connection options
|
||||
@ -826,9 +956,11 @@ export class RouteConnectionHandler {
|
||||
} catch (err) {
|
||||
// Ignore errors - these are optional enhancements
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Enhanced TCP keep-alive not supported for outgoing socket: ${err}`
|
||||
);
|
||||
logger.log('warn', `Enhanced TCP keep-alive not supported for outgoing socket on connection ${connectionId}: ${err}`, {
|
||||
connectionId,
|
||||
error: err,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -848,22 +980,23 @@ export class RouteConnectionHandler {
|
||||
socket.on('timeout', () => {
|
||||
// For keep-alive connections, just log a warning instead of closing
|
||||
if (record.hasKeepAlive) {
|
||||
console.log(
|
||||
`[${connectionId}] Timeout event on incoming keep-alive connection from ${
|
||||
record.remoteIP
|
||||
} after ${plugins.prettyMs(
|
||||
this.settings.socketTimeout || 3600000
|
||||
)}. Connection preserved.`
|
||||
);
|
||||
logger.log('warn', `Timeout event on incoming keep-alive connection ${connectionId} from ${record.remoteIP} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}. Connection preserved.`, {
|
||||
connectionId,
|
||||
remoteIP: record.remoteIP,
|
||||
timeout: plugins.prettyMs(this.settings.socketTimeout || 3600000),
|
||||
status: 'Connection preserved',
|
||||
component: 'route-handler'
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
// For non-keep-alive connections, proceed with normal cleanup
|
||||
console.log(
|
||||
`[${connectionId}] Timeout on incoming side from ${
|
||||
record.remoteIP
|
||||
} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}`
|
||||
);
|
||||
logger.log('warn', `Timeout on incoming side for connection ${connectionId} from ${record.remoteIP} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}`, {
|
||||
connectionId,
|
||||
remoteIP: record.remoteIP,
|
||||
timeout: plugins.prettyMs(this.settings.socketTimeout || 3600000),
|
||||
component: 'route-handler'
|
||||
});
|
||||
if (record.incomingTerminationReason === null) {
|
||||
record.incomingTerminationReason = 'timeout';
|
||||
this.connectionManager.incrementTerminationStat('incoming', 'timeout');
|
||||
@ -874,22 +1007,23 @@ export class RouteConnectionHandler {
|
||||
targetSocket.on('timeout', () => {
|
||||
// For keep-alive connections, just log a warning instead of closing
|
||||
if (record.hasKeepAlive) {
|
||||
console.log(
|
||||
`[${connectionId}] Timeout event on outgoing keep-alive connection from ${
|
||||
record.remoteIP
|
||||
} after ${plugins.prettyMs(
|
||||
this.settings.socketTimeout || 3600000
|
||||
)}. Connection preserved.`
|
||||
);
|
||||
logger.log('warn', `Timeout event on outgoing keep-alive connection ${connectionId} from ${record.remoteIP} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}. Connection preserved.`, {
|
||||
connectionId,
|
||||
remoteIP: record.remoteIP,
|
||||
timeout: plugins.prettyMs(this.settings.socketTimeout || 3600000),
|
||||
status: 'Connection preserved',
|
||||
component: 'route-handler'
|
||||
});
|
||||
return;
|
||||
}
|
||||
|
||||
// For non-keep-alive connections, proceed with normal cleanup
|
||||
console.log(
|
||||
`[${connectionId}] Timeout on outgoing side from ${
|
||||
record.remoteIP
|
||||
} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}`
|
||||
);
|
||||
logger.log('warn', `Timeout on outgoing side for connection ${connectionId} from ${record.remoteIP} after ${plugins.prettyMs(this.settings.socketTimeout || 3600000)}`, {
|
||||
connectionId,
|
||||
remoteIP: record.remoteIP,
|
||||
timeout: plugins.prettyMs(this.settings.socketTimeout || 3600000),
|
||||
component: 'route-handler'
|
||||
});
|
||||
if (record.outgoingTerminationReason === null) {
|
||||
record.outgoingTerminationReason = 'timeout';
|
||||
this.connectionManager.incrementTerminationStat('outgoing', 'timeout');
|
||||
@ -909,9 +1043,12 @@ export class RouteConnectionHandler {
|
||||
// Wait for the outgoing connection to be ready before setting up piping
|
||||
targetSocket.once('connect', () => {
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] Connection established to target: ${finalTargetHost}:${finalTargetPort}`
|
||||
);
|
||||
logger.log('info', `Connection ${connectionId} established to target ${finalTargetHost}:${finalTargetPort}`, {
|
||||
connectionId,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
|
||||
// Clear the initial connection error handler
|
||||
@ -933,7 +1070,11 @@ export class RouteConnectionHandler {
|
||||
// Write pending data immediately
|
||||
targetSocket.write(combinedData, (err) => {
|
||||
if (err) {
|
||||
console.log(`[${connectionId}] Error writing pending data to target: ${err.message}`);
|
||||
logger.log('error', `Error writing pending data to target for connection ${connectionId}: ${err.message}`, {
|
||||
connectionId,
|
||||
error: err.message,
|
||||
component: 'route-handler'
|
||||
});
|
||||
return this.connectionManager.initiateCleanupOnce(record, 'write_error');
|
||||
}
|
||||
});
|
||||
@ -954,15 +1095,17 @@ export class RouteConnectionHandler {
|
||||
});
|
||||
|
||||
// Log successful connection
|
||||
console.log(
|
||||
logger.log('info',
|
||||
`Connection established: ${record.remoteIP} -> ${finalTargetHost}:${finalTargetPort}` +
|
||||
`${
|
||||
serverName
|
||||
? ` (SNI: ${serverName})`
|
||||
: record.lockedDomain
|
||||
? ` (Domain: ${record.lockedDomain})`
|
||||
: ''
|
||||
}`
|
||||
`${serverName ? ` (SNI: ${serverName})` : record.lockedDomain ? ` (Domain: ${record.lockedDomain})` : ''}`,
|
||||
{
|
||||
remoteIP: record.remoteIP,
|
||||
targetHost: finalTargetHost,
|
||||
targetPort: finalTargetPort,
|
||||
sni: serverName || undefined,
|
||||
domain: !serverName && record.lockedDomain ? record.lockedDomain : undefined,
|
||||
component: 'route-handler'
|
||||
}
|
||||
);
|
||||
|
||||
// Add TLS renegotiation handler if needed
|
||||
@ -990,17 +1133,21 @@ export class RouteConnectionHandler {
|
||||
socket.on('data', renegotiationHandler);
|
||||
|
||||
if (this.settings.enableDetailedLogging) {
|
||||
console.log(
|
||||
`[${connectionId}] TLS renegotiation handler installed for SNI domain: ${serverName}`
|
||||
);
|
||||
logger.log('info', `TLS renegotiation handler installed for connection ${connectionId} with SNI ${serverName}`, {
|
||||
connectionId,
|
||||
serverName,
|
||||
component: 'route-handler'
|
||||
});
|
||||
}
|
||||
}
|
||||
|
||||
// Set connection timeout
|
||||
record.cleanupTimer = this.timeoutManager.setupConnectionTimeout(record, (record, reason) => {
|
||||
console.log(
|
||||
`[${connectionId}] Connection from ${record.remoteIP} exceeded max lifetime, forcing cleanup.`
|
||||
);
|
||||
logger.log('warn', `Connection ${connectionId} from ${record.remoteIP} exceeded max lifetime, forcing cleanup`, {
|
||||
connectionId,
|
||||
remoteIP: record.remoteIP,
|
||||
component: 'route-handler'
|
||||
});
|
||||
this.connectionManager.initiateCleanupOnce(record, reason);
|
||||
});
|
||||
|
||||
|
||||
Reference in New Issue
Block a user