Saving the day with github.com/google/tcpproxy

A firewall change on our network was preventing access to a web service that I and other developers use daily. I remembered stumbling across google/tcpproxy a while back and thought I could use it to build a quick hack to solve my problem.

A few minutes later, I had written a three line program that used tcpproxy to listen on port 443 and forward to the server I couldn’t reach.

I spun up an EC2 instance on AWS and ran the three-liner in a tmux session on the EC2 host so I could disconnect and leave it running.Then I modified my /etc/hosts to add an entry for the domain that pointed at the EC2 host and it worked on the first try.

tcpproxy supports more advanced use cases than I needed (sniffing HTTP host headers and TLS SNI hostname info to do some of the stuff nginx/haproxy can do) but I was impressed to be able to go from idea to working implementation with it in under 10 minutes.

package main
  
import (
        "log"

        "github.com/google/tcpproxy"
)

func main() {
        var p tcpproxy.Proxy
        p.AddRoute(":443", tcpproxy.To("server.i.cant.reach:443"))
        log.Fatal(p.Run())
}