ffwd-tunnel 0.1.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 5df1c67ae1513904503ff2db9e7071ec1fff649a
+  data.tar.gz: 07ec0e4930a3f2b8af7c850dd799d73775f83c08
+SHA512:
+  metadata.gz: e463d7728abf1f437ef965038f41267f4a93161617d9ed77ea4ebdee3b7018e374c12d29a9fb9d0c68624099b81c09487df74aafe2cbe199b0a82be15956e6ba
+  data.tar.gz: 21bfd3d35a7bbef9b6e979fe7b0ab9cbc7a2cc64b5990fe18f3d9a04b40f928a7d329ab454eaaed73fd77b7d62d4b764d6b34b55664c388e0e2c3b6aa7386bc1

data/bin/ffwd-tunnel-agent

@@ -0,0 +1,516 @@
+#!/usr/bin/env python
+"""A reference tunneling proxy for FFWD."""
+
+import time
+import json
+import asyncore
+import sys
+import socket
+import struct
+import logging
+import errno
+import argparse
+
+log = logging.getLogger(__name__)
+
+TEXT = object()
+BINARY = object()
+UDP = 'udp'
+TCP = 'tcp'
+RECV_MAX = 8192
+DEFAULT_PROTOCOL = "text"
+PROTOCOL_MAX_DATALEN = 2 ** 16
+DEFAULT_PORT = 9000
+
+
+class _BindUDP(asyncore.dispatcher):
+    def __init__(self, family, tunnel, bindaddress, bindport):
+        asyncore.dispatcher.__init__(self)
+        self.create_socket(family, socket.SOCK_DGRAM)
+        self.set_reuse_addr()
+        self.bind((bindaddress, bindport))
+
+        self._family = family
+        self._tunnel = tunnel
+        self._port = bindport
+
+    def writable(self):
+        return False
+
+    def handle_read(self):
+        """implement asyncore.dispatcher#handle_read"""
+        data, addr = self.recvfrom(RECV_MAX)
+
+        self._tunnel.client_data(
+            socket.SOCK_DGRAM, self._family, self._port, addr, data)
+
+    def receive_data(self, addr, data):
+        family, addr, port = addr
+        self.sendto(data, (addr, port))
+
+
+class _BindTCP(asyncore.dispatcher):
+    class Connection(asyncore.dispatcher_with_send):
+        def __init__(self, bind, sock, addr):
+            asyncore.dispatcher_with_send.__init__(self, sock)
+            self.bind = bind
+            self.addr = addr
+
+        def handle_close(self):
+            """implement asyncore.dispatcher_with_send#handle_close."""
+            self.bind.conn_handle_close(self.addr)
+
+        def handle_error(self):
+            """implement asyncore.dispatcher_with_send#handle_error."""
+
+        def handle_read(self):
+            """implement asyncore.dispatcher#handle_read."""
+            self.bind.conn_handle_data(self.addr, self.recv(RECV_MAX))
+
+    def __init__(self, family, tunnel, bindaddress, bindport):
+        asyncore.dispatcher.__init__(self)
+        self.create_socket(family, socket.SOCK_STREAM)
+        self.set_reuse_addr()
+        self.bind((bindaddress, bindport))
+        self.listen(5)
+
+        self._family = family
+        self._tunnel = tunnel
+        self._port = bindport
+        self._connections = dict()
+
+    def handle_close(self):
+        """implement asyncore.dispatcher#handle_close."""
+        self.close()
+
+    def handle_accept(self):
+        """implement asyncore.dispatcher#handle_accept."""
+        pair = self.accept()
+
+        if pair is not None:
+            sock, addr = pair
+            log.debug("open tcp/%d: %s:%d", self._port, addr[0], addr[1])
+            self._connections[addr] = self.Connection(self, sock, addr)
+            self.client_state(addr, Protocol.OPEN)
+
+    def conn_handle_data(self, addr, data):
+        """Receive data from TCP connections."""
+        self.client_data(addr, data)
+
+    def conn_handle_close(self, addr):
+        """Remove the client connection associated with addr."""
+        log.debug("closed tcp/%d: %s:%d", self._port, addr[0], addr[1])
+
+        client = self._connections[addr]
+        client.close()
+
+        del self._connections[addr]
+        self.client_state(addr, Protocol.CLOSE)
+
+    def client_data(self, addr, data):
+        self._tunnel.client_data(
+            socket.SOCK_STREAM, self._family, self._port, addr, data)
+
+    def client_state(self, addr, state):
+        self._tunnel.client_state(
+            socket.SOCK_STREAM, self._family, self._port, addr, state)
+
+    def close(self):
+        for client in self._connections.values():
+            client.close()
+
+        self._connections = {}
+        asyncore.dispatcher.close(self)
+
+    def receive_data(self, addr, data):
+        try:
+            client = self._connections[addr]
+        except KeyError:
+            log.error("no such client: %s", addr)
+            self.close()
+            return
+
+        client.send(data)
+
+
+class _LineProtocol(object):
+    delimiter = '\n'
+
+    buffer_limit = 1048576
+
+    def __init__(self):
+        self._lp_buffer = ""
+        self._lp_size = 0
+        self._lp_limit = self.buffer_limit
+
+    def set_mode(self, size):
+        self._lp_size = size
+
+    def handle_read(self):
+        """implement asyncore.dispatcher#handle_read."""
+
+        data = self.recv(RECV_MAX)
+
+        if len(self._lp_buffer) + len(data) > self._lp_limit:
+            log.error("buffer limit reached, closing connection")
+            self.close()
+            return
+
+        if self._lp_size == 0:
+            self._handle_line(data)
+        else:
+            self._handle_text(data)
+
+    def _handle_line(self, data):
+        while True:
+            try:
+                i = data.index(self.delimiter)
+            except ValueError:
+                break
+
+            try:
+                self.receive_line(self._lp_buffer + data[:i])
+            except:
+                log.error("receive_line failed", exc_info=sys.exc_info())
+                self.close()
+                return
+
+            self._lp_buffer = ""
+            data = data[i + 2:]
+
+        if len(data) > 0:
+            self._lp_buffer += data
+
+    def _handle_text(self, data):
+        self._lp_buffer += data
+
+        while len(self._lp_buffer) >= self._lp_size:
+            size = self._lp_size
+            self._lp_size = 0
+
+            try:
+                self.receive_text(self._lp_buffer[:size])
+            except:
+                log.error("failed to receive text", exc_info=sys.exc_info())
+                self.close()
+                return
+
+            self._lp_buffer = self._lp_buffer[size:]
+
+    def send_line(self, line):
+        """Send a line of data using the specified delimiter."""
+        self.send(line + self.delimiter)
+
+
+BIND_PROTOCOLS = {
+    socket.SOCK_STREAM: _BindTCP,
+    socket.SOCK_DGRAM: _BindUDP,
+}
+
+
+class Protocol(object):
+    ST_HEADER = struct.Struct("!HHHBB")
+
+    ST_STATE = struct.Struct("!H")
+    ST_PEER_ADDR_AF_INET = struct.Struct("!4sH")
+    ST_PEER_ADDR_AF_INET6 = struct.Struct("!16sH")
+
+    STATE = 0x0000
+    DATA = 0x0001
+
+    OPEN = 0x0000
+    CLOSE = 0x0001
+
+    PACKET_TYPES = {
+        STATE: ST_STATE,
+        DATA: None,
+    }
+
+    def __init__(self, conn):
+        self._header = None
+        self._c = conn
+
+    def parse_st_addr(self, family):
+        if family == socket.AF_INET:
+            return self.ST_PEER_ADDR_AF_INET
+
+        if family == socket.AF_INET6:
+            return self.ST_PEER_ADDR_AF_INET6
+
+        raise Exception("Unsupported family: %d" % (family))
+
+    def peer_addr_pack(self, family, addr):
+        st_addr = self.parse_st_addr(family)
+        ip, port = addr
+        ip = socket.inet_pton(family, ip)
+        return st_addr.pack(ip, port), st_addr.size
+
+    def peer_addr_unpack(self, family, data):
+        st_addr = self.parse_st_addr(family)
+        ip, port = st_addr.unpack(data[:st_addr.size])
+        ip = socket.inet_ntop(family, ip)
+        return (ip, port), st_addr.size
+
+    def client_data(self, protocol, family, port, addr, data):
+        """Send client DATA."""
+        addr, addr_size = self.peer_addr_pack(family, addr)
+
+        length = self.ST_HEADER.size + addr_size + len(data)
+
+        if length > PROTOCOL_MAX_DATALEN:
+            raise Exception("Maximum possible frame length exceeded")
+
+        header = self.ST_HEADER.pack(length, self.DATA, port, family, protocol)
+
+        frame = header + addr + data
+        self._c.send(frame)
+
+    def client_state(self, protocol, family, port, addr, state):
+        """Send a client STATE update."""
+        addr_data, addr_size = self.peer_addr_pack(family, addr)
+
+        length = self.ST_HEADER.size + addr_size + self.ST_STATE.size
+
+        if length > PROTOCOL_MAX_DATALEN:
+            raise Exception("Maximum possible frame length exceeded")
+
+        header_data = self.ST_HEADER.pack(
+            length, self.STATE, port, family, protocol)
+        state_data = self.ST_STATE.pack(state)
+
+        frame = header_data + addr_data + state_data
+        self._c.send(frame)
+
+    def setup(self):
+        self._c.set_mode(self.ST_HEADER.size)
+
+    def receive_line(self, line):
+        raise Exception("did not expect line")
+
+    def receive_text(self, data):
+        if self._header is None:
+            self._header = self.ST_HEADER.unpack(data)
+            self._c.set_mode(self._header[0] - self.ST_HEADER.size)
+            return
+
+        length, frame_type, port, family, protocol = self._header
+        addr, addr_size = self.peer_addr_unpack(family, data)
+        rest = data[addr_size:]
+
+        if frame_type == self.DATA:
+            tunnel_id = (family, protocol, port)
+            self._c.receive_data(tunnel_id, addr, rest)
+        else:
+            raise Exception("Unexpected frame type: %d" % (frame_type))
+
+        self._c.set_mode(self.ST_HEADER.size)
+        self._header = None
+
+
+class TunnelClient(_LineProtocol, asyncore.dispatcher_with_send):
+    def __init__(self, metadata, addr):
+        asyncore.dispatcher_with_send.__init__(self)
+        _LineProtocol.__init__(self)
+        self.create_socket(socket.AF_INET, socket.SOCK_STREAM)
+        self.connect(addr)
+
+        self._metadata = metadata
+        self._tunnels = dict()
+        self._protocol = None
+        self._addr = addr
+
+    def handle_error(self):
+        """implement asyncore.dispatcher#handle_error."""
+        exc_info = sys.exc_info()
+        e = exc_info[1]
+
+        if isinstance(e, socket.error):
+            if e.errno == errno.ECONNREFUSED:
+                log.warn("connection refused: %s", self._addr)
+                self.close()
+                return
+
+        log.error("error: %s", str(exc_info[1]), exc_info=exc_info)
+        self.close()
+
+    def handle_close(self):
+        """implement asyncore.dispatcher#handle_close."""
+        log.info("closed")
+        self.close()
+
+    def close(self):
+        for tunnel in self._tunnels.values():
+            tunnel.close()
+
+        self._tunnels = dict()
+        self._protocol = None
+
+        asyncore.dispatcher_with_send.close(self)
+
+    def client_data(self, *args):
+        if self._protocol is None:
+            raise Exception("protocol is not configured")
+
+        self._protocol.client_data(*args)
+
+    def client_state(self, *args):
+        if self._protocol is None:
+            raise Exception("protocol is not configured")
+
+        self._protocol.client_state(*args)
+
+    def _receive_binary(self, protocol, bindport, addr, data):
+        family = addr[0]
+        ip = socket.inet_pton(addr[0], addr[1])
+        port = addr[2]
+        datasize = len(data)
+
+        if datasize > PROTOCOL_MAX_DATALEN:
+            raise Exception("Maximum data length exceeded")
+
+        header = self.ST_HEADER.pack(
+            protocol, bindport, family, ip, port, datasize)
+
+        frame = header + data
+        self.send(frame)
+
+    def handle_connect(self):
+        """implement asyncore.dispatcher#handle_connect."""
+        log.info("connected")
+        self.send_line(json.dumps(self._metadata))
+
+    def receive_line(self, line):
+        """implement _LineProtocol#receive_line."""
+
+        if self._protocol is not None:
+            raise Exception("protocol already configured")
+
+        try:
+            self._protocol = self.configure(line)
+        except:
+            log.error("failed to receive line", exc_info=sys.exc_info())
+            self.close()
+            return
+
+        try:
+            self._protocol.setup()
+        except:
+            log.error("failed to setup protocol", exc_info=sys.exc_info())
+            self.close()
+            return
+
+    def configure(self, line):
+        config = json.loads(line)
+        log.info("CONFIG: %s", repr(config))
+
+        if not self._bind_all(config):
+            self.close()
+            return
+
+        return Protocol(self)
+
+    def receive_text(self, data):
+        if self._protocol is None:
+            raise Exception("protocol is not configured")
+
+        try:
+            self._protocol.receive_text(data)
+        except:
+            log.error("failed to receive text", exc_info=sys.exc_info())
+            self.close()
+
+    def receive_data(self, tunnel_id, addr, data):
+        try:
+            tunnel = self._tunnels[tunnel_id]
+        except KeyError:
+            log.error("no such tunnel: %s", tunnel_id)
+            return
+
+        tunnel.receive_data(addr, data)
+
+    def _bind_all(self, config):
+        """Bind all protocol/port combinations from configuration."""
+        bind = config.get('bind', [])
+
+        for b in bind:
+            tunnel_id = (b['family'], b['protocol'], b['port'])
+
+            if tunnel_id in self._tunnels:
+                log.error("Already bound: %s", repr(tunnel_id))
+                continue
+
+            try:
+                family, protocol, port = tunnel_id
+                protocol = BIND_PROTOCOLS[protocol]
+                self._tunnels[tunnel_id] = protocol(
+                    family, self, '127.0.0.1', port)
+            except:
+                log.error("failed to bind: %s", repr(b),
+                          exc_info=sys.exc_info())
+                continue
+
+        if len(self._tunnels) != len(bind):
+            log.error("unable to bind everything: %s", repr(bind))
+            return False
+
+        log.info("ports bound")
+        return True
+
+
+def hostip(string):
+    if ':' not in string:
+        return (string, DEFAULT_PORT)
+
+    ip, port = string.split(':', 2)
+    return (ip, int(port))
+
+parser = argparse.ArgumentParser(sys.argv[0])
+
+parser.add_argument(
+    "-j", "--json-metadata", dest="json_metadata",
+    help="Load metadata from JSON file.", metavar="<file>")
+
+parser.add_argument(
+    "-d", "--debug", dest="debug", action="store_const", const=True,
+    default=False, help="Enable debugging.")
+
+parser.add_argument(
+    "-c", "--connect", dest="connect", default=('127.0.0.1', DEFAULT_PORT),
+    type=hostip, metavar="<host>[:port]", help="Connect to the specified ")
+
+
+def parse_args(args):
+    ns = parser.parse_args(args)
+
+    log_level = logging.INFO
+
+    if ns.debug:
+        log_level = logging.DEBUG
+
+    logging.basicConfig(level=log_level)
+
+    if ns.json_metadata:
+        with open(ns.json_metadata) as f:
+            ns.metadata = json.load(f)
+    else:
+        ns.metadata = dict()
+
+    log.info("Metadata: %s", repr(ns.metadata))
+
+    return ns
+
+
+def _main(args):
+    ns = parse_args(args)
+
+    reconnect_timeout = 1.0
+
+    while True:
+        TunnelClient(ns.metadata, ns.connect)
+        asyncore.loop()
+
+        log.info("reconnecting in %ds", reconnect_timeout)
+        time.sleep(reconnect_timeout)
+
+if __name__ == "__main__":
+    sys.exit(_main(sys.argv[1:]))

data/lib/ffwd/plugin/tunnel/binary_protocol.rb

@@ -0,0 +1,384 @@
+# $LICENSE
+# Copyright 2013-2014 Spotify AB. All rights reserved.
+#
+# The contents of this file are licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+
+require 'ffwd/core/emitter'
+require 'ffwd/core/interface'
+require 'ffwd/core/reporter'
+require 'ffwd/lifecycle'
+require 'ffwd/logging'
+require 'ffwd/plugin_channel'
+require 'ffwd/tunnel/plugin'
+require 'ffwd/utils'
+
+module FFWD::Plugin::Tunnel
+  class BinaryProtocol < FFWD::Tunnel::Plugin
+    class BindUDP
+      class Handle < FFWD::Tunnel::Plugin::Handle
+        attr_reader :addr
+
+        def initialize bind, addr
+          @bind = bind
+          @addr = addr
+        end
+
+        def send_data data
+          @bind.send_data @addr, data
+        end
+      end
+
+      def initialize port, family, tunnel, block
+        @port = port
+        @family = family
+        @tunnel = tunnel
+        @block = block
+      end
+
+      def send_data addr, data
+        @tunnel.send_data Socket::SOCK_DGRAM, @family, @port, addr, data
+      end
+
+      def data! addr, data
+        handle = Handle.new self, addr
+        @block.call handle, data
+      end
+    end
+
+    class BindTCP
+      class Handle < FFWD::Tunnel::Plugin::Handle
+        attr_reader :addr
+
+        def initialize bind, addr
+          @bind = bind
+          @addr = addr
+          @close = nil
+          @data = nil
+        end
+
+        def send_data data
+          @bind.send_data @addr, data
+        end
+
+        def close &block
+          @close = block
+        end
+
+        def data &block
+          @data = block
+        end
+
+        def recv_close
+          return if @close.nil?
+          @close.call
+          @close = nil
+          @data = nil
+        end
+
+        def recv_data data
+          return if @data.nil?
+          @data.call data
+        end
+      end
+
+      def initialize port, family, tunnel, block
+        @port = port
+        @family = family
+        @tunnel = tunnel
+        @block = block
+        @handles = {}
+      end
+
+      def open addr
+        raise "Already open: #{addr}" if @handles[addr]
+        handle = @handles[addr] = Handle.new self, addr
+        @block.call handle
+      end
+
+      def close addr
+        raise "Not open: #{addr}" unless handle = @handles[addr]
+        handle.recv_close
+        @handles.delete addr
+      end
+
+      def data addr, data
+        unless handle = @handles[addr]
+          raise "Not available: #{addr}"
+        end
+
+        handle.recv_data data
+      end
+
+      def send_data addr, data
+        @tunnel.send_data Socket::SOCK_STREAM, @family, @port, addr, data
+      end
+    end
+
+    include FFWD::Logging
+    include FFWD::Lifecycle
+
+    Header = Struct.new(:length, :type, :port, :family, :protocol)
+    HeaderFormat = 'nnnCC'
+    HeaderSize = 8
+
+    PeerAddrAfInet = Struct.new(:ip, :port)
+    PeerAddrAfInetFormat = "a4n"
+    PeerAddrAfInetSize = 6
+
+    PeerAddrAfInet6 = Struct.new(:ip, :port)
+    PeerAddrAfInet6Format = "a16n"
+    PeerAddrAfInet6Size = 18
+
+    State = Struct.new(:state)
+    StateFormat = 'n'
+    StateSize = 2
+
+    STATE = 0x0000
+    DATA = 0x0001
+
+    OPEN = 0x0000
+    CLOSE = 0x0001
+
+    def initialize core, c
+      @c = c
+      @tcp_bind = {}
+      @udp_bind = {}
+      @input = FFWD::PluginChannel.build 'tunnel_input'
+
+      @metadata = nil
+      @processor = nil
+      @channel_id = nil
+      @statistics_id = nil
+      @header = nil
+
+      starting do
+        raise "no metadata" if @metadata.nil?
+
+        if host = @metadata[:host]
+          @statistics_id = "tunnel/#{host}"
+          @channel_id = "tunnel.input/#{host}"
+        else
+          @statistics_id = "tunnel/#{@c.get_peer}"
+          @channel_id = "tunnel.input/#{@c.get_peer}"
+        end
+
+        # setup a small core
+        emitter = FFWD::Core::Emitter.build @core.output, @metadata
+        @processor = FFWD::Core::Processor.build @input, emitter, @core.processors
+
+        @reporter = FFWD::Core::Reporter.new [@input, @processor]
+
+        if @core.debug
+          @core.debug.monitor @channel_id, @input, FFWD::Debug::Input
+        end
+
+        if @core.statistics
+          @core.statistics.register @statistics_id, @reporter
+        end
+      end
+
+      stopping do
+        if @core.statistics and @statistics_id
+          @core.statistics.unregister @statistics_id
+          @statistics_id = nil
+        end
+
+        @metadata = nil
+        @processor = nil
+        @channel_id = nil
+        @tcp_bind = {}
+        @udp_bind = {}
+      end
+
+      @core = core.reconnect @input
+
+      @core.tunnel_plugins.each do |t|
+        instance = t.setup @core, self
+        instance.depend_on self
+      end
+
+      @input.depend_on self
+      @core.depend_on self
+    end
+
+    def tcp port, &block
+      @tcp_bind[[port, Socket::AF_INET]] = BindTCP.new(
+        port, Socket::AF_INET, self, block)
+    end
+
+    def udp port, &block
+      @udp_bind[[port, Socket::AF_INET]] = BindUDP.new(
+        port, Socket::AF_INET, self, block)
+    end
+
+    def read_metadata data
+      d = {}
+
+      d[:tags] = FFWD.merge_sets @core.tags, data["tags"]
+      d[:attributes] = FFWD.merge_sets @core.attributes, data["attributes"]
+
+      if host = data["host"]
+        d[:host] = host
+      end
+
+      if ttl = data["ttl"]
+        d[:ttl] = ttl
+      end
+
+      d
+    end
+
+    def send_config
+      response = {}
+
+      tcp = @tcp_bind.keys.map{|port, family|
+        {:protocol => Socket::SOCK_STREAM,
+         :family => family,
+         :port => port}}
+      udp = @udp_bind.keys.map{|port, family|
+        {:protocol => Socket::SOCK_DGRAM,
+         :family => family,
+         :port => port}}
+
+      response[:bind] = tcp + udp
+
+      response = JSON.dump(response)
+      @c.send_data "#{response}\n"
+    end
+
+    def receive_metadata data
+      @metadata = read_metadata data
+      start
+      send_config
+    end
+
+    def receive_line line
+      raise "already have metadata" if @metadata
+      receive_metadata JSON.load(line)
+      @c.set_text_mode HeaderSize
+    end
+
+    def parse_addr_format family
+      if family == Socket::AF_INET
+        return PeerAddrAfInetFormat, PeerAddrAfInetSize
+      end
+
+      if family == Socket::AF_INET6
+        return PeerAddrAfInet6Format, PeerAddrAfInet6Size
+      end
+
+      raise "Unsupported address family: #{family}"
+    end
+
+    def peer_addr_pack family, addr
+      format, size = parse_addr_format family
+      return addr.pack(format), size
+    end
+
+    def peer_addr_unpack family, data
+      format, size = parse_addr_format family
+      return data[0,size].unpack(format), size
+    end
+
+    def receive_frame header, addr, data
+      if header.type == DATA
+        tunnel_data header, addr, data
+        return
+      end
+
+      if header.type == STATE
+        state = data.unpack(StateFormat)[0]
+        tunnel_state header, addr, state
+        return
+      end
+    end
+
+    def receive_binary_data data
+      if @header
+        addr, addr_size = peer_addr_unpack @header.family, data
+        data = data[addr_size,data.size - addr_size]
+        receive_frame @header, addr, data
+        @header = nil
+        @c.set_text_mode HeaderSize
+        return
+      end
+
+      fields = data.unpack HeaderFormat
+      @header = Header.new(*fields)
+      rest = @header.length - HeaderSize
+      @c.set_text_mode rest
+    end
+
+    def send_data protocol, family, port, addr, data
+      addr_data, addr_size = peer_addr_pack family, addr
+      length = HeaderSize + addr_size + data.size
+      # Struct.new(:length, :type, :port, :family, :protocol)
+      header_data = [
+        length, DATA, port, family, protocol].pack HeaderFormat
+      frame = header_data + addr_data + data
+      @c.send_data frame
+    end
+
+    def tunnel_data header, addr, data
+      if header.protocol == Socket::SOCK_DGRAM
+        if udp = @udp_bind[[header.port, header.family]]
+          udp.data! addr, data
+        end
+
+        return
+      end
+
+      if header.protocol == Socket::SOCK_STREAM
+        unless bind = @tcp_bind[[header.port, header.family]]
+          log.error "Nothing listening on tcp/#{header.port}"
+          return
+        end
+
+        bind.data addr, data
+        return
+      end
+
+      log.error "DATA: Unsupported protocol: #{header.protocol}"
+    end
+
+    def tunnel_state header, addr, state
+      if header.protocol == Socket::SOCK_DGRAM
+        # ignored
+        log.error "UDP does not handle: #{state}"
+        return
+      end
+
+      if header.protocol == Socket::SOCK_STREAM
+        unless bind = @tcp_bind[[header.port, header.family]]
+          log.error "Nothing listening on tcp/#{header.port}"
+          return
+        end
+
+        if state == OPEN
+          bind.open addr
+          return
+        end
+
+        if state == CLOSE
+          bind.close addr
+          return
+        end
+
+        log.error "Unknown state: #{state}"
+        return
+      end
+
+      log.error "STATE: Unsupported protocol: #{header.protocol}"
+    end
+  end
+end

data/lib/ffwd/plugin/tunnel/connection_tcp.rb

@@ -0,0 +1,62 @@
+# $LICENSE
+# Copyright 2013-2014 Spotify AB. All rights reserved.
+#
+# The contents of this file are licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+
+require 'ffwd/connection'
+
+module FFWD::Plugin::Tunnel
+  class ConnectionTCP < FFWD::Connection
+    include FFWD::Logging
+    include EM::Protocols::LineText2
+
+    def self.plugin_type
+      "tunnel_in_tcp"
+    end
+
+    def initialize bind, core, tunnel_protocol
+      @bind = bind
+      @core = core
+      @tunnel_protocol = tunnel_protocol
+      @protocol_instance = nil
+    end
+
+    def receive_line line
+      @protocol_instance.receive_line line
+    end
+
+    def receive_binary_data data
+      @protocol_instance.receive_binary_data data
+    end
+
+    def get_peer
+      peer = get_peername
+      port, ip = Socket.unpack_sockaddr_in(peer)
+      "#{ip}:#{port}"
+    end
+
+    def post_init
+      @protocol_instance = @tunnel_protocol.new @core, self
+    end
+
+    def unbind
+      log.info "Shutting down tunnel connection"
+      @protocol_instance.stop
+      @protocol_instance = nil
+    end
+
+    def metadata?
+      not @metadata.nil?
+    end
+  end
+end

data/lib/ffwd/plugin/tunnel/version.rb

@@ -0,0 +1,22 @@
+# $LICENSE
+# Copyright 2013-2014 Spotify AB. All rights reserved.
+#
+# The contents of this file are licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+
+module FFWD
+  module Plugin
+    module Tunnel
+      VERSION = "0.1.0"
+    end
+  end
+end

data/lib/ffwd/plugin/tunnel.rb

@@ -0,0 +1,57 @@
+# $LICENSE
+# Copyright 2013-2014 Spotify AB. All rights reserved.
+#
+# The contents of this file are licensed under the Apache License, Version 2.0
+# (the "License"); you may not use this file except in compliance with the
+# License. You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations under
+# the License.
+
+require 'eventmachine'
+require 'base64'
+
+require_relative 'tunnel/connection_tcp'
+require_relative 'tunnel/binary_protocol'
+
+require 'ffwd/logging'
+require 'ffwd/plugin'
+require 'ffwd/protocol'
+
+module FFWD::Plugin::Tunnel
+  include FFWD::Plugin
+  include FFWD::Logging
+
+  register_plugin "tunnel"
+
+  DEFAULT_HOST = 'localhost'
+  DEFAULT_PORT = 9000
+  DEFAULT_PROTOCOL = 'tcp'
+  DEFAULT_PROTOCOL_TYPE = 'text'
+
+  CONNECTIONS = {
+    :tcp => ConnectionTCP
+  }
+
+  def self.setup_input opts, core
+    opts[:host] ||= DEFAULT_HOST
+    opts[:port] ||= DEFAULT_PORT
+    protocol = FFWD.parse_protocol(opts[:protocol] || DEFAULT_PROTOCOL)
+    protocol_type = opts[:protocol_type] || DEFAULT_PROTOCOL_TYPE
+
+    unless connection = CONNECTIONS[protocol.family]
+      raise "No connection for protocol family: #{protocol.family}"
+    end
+
+    if core.tunnel_plugins.empty?
+      raise "Nothing requires tunneling"
+    end
+
+    protocol.bind opts, core, log, connection, BinaryProtocol
+  end
+end

metadata

@@ -0,0 +1,92 @@
+--- !ruby/object:Gem::Specification
+name: ffwd-tunnel
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- John-John Tedro
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2014-02-25 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: ffwd
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec-mocks
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - '>='
+      - !ruby/object:Gem::Version
+        version: '0'
+description: 
+email:
+- udoprog@spotify.com
+executables:
+- ffwd-tunnel-agent
+extensions: []
+extra_rdoc_files: []
+files:
+- bin/ffwd-tunnel-agent
+- lib/ffwd/plugin/tunnel.rb
+- lib/ffwd/plugin/tunnel/binary_protocol.rb
+- lib/ffwd/plugin/tunnel/version.rb
+- lib/ffwd/plugin/tunnel/connection_tcp.rb
+homepage: https://github.com/spotify/ffwd
+licenses:
+- Apache 2.0
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - '>='
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.0.3
+signing_key: 
+specification_version: 4
+summary: Simple tunneling support for FFWD.
+test_files: []