Log external req ip and host

evervault · Jan 3, 2025 · ae2ef06 · ae2ef06
1 parent b856aea
commit ae2ef06
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 0 deletions.
diff --git a/control-plane/src/egressproxy.rs b/control-plane/src/egressproxy.rs
@@ -2,6 +2,7 @@ use crate::error::{Result, ServerError};
 use shared::rpc::request::ExternalRequest;
 use shared::server::egress::check_ip_allow_list;
 use shared::server::egress::EgressDestinations;
+use shared::server::sni::get_hostname;
 use shared::server::CID::Parent;
 use shared::server::{get_vsock_server, Listener};
 use shared::utils::pipe_streams;
@@ -76,6 +77,17 @@ impl EgressProxy {
             log::info!("Blocking request to ip: {:?}  - {err}", external_request.ip);
             return Ok(());
         };
+        let hostname = get_hostname(external_request.data.clone())?; 
+        log::info!(
+            "{}",
+            serde_json::json!({
+                "message": "Connecting to external host",
+                "ip": external_request.ip,
+                "port": external_request.port,
+                "hostname": hostname
+            })
+            .to_string()
+        );
         let mut remote_stream =
             TcpStream::connect((external_request.ip, external_request.port)).await?;
         remote_stream.write_all(&external_request.data).await?;

diff --git a/control-plane/src/error.rs b/control-plane/src/error.rs
@@ -1,3 +1,4 @@
+use shared::server::sni::SNIError;
 use thiserror::Error;
 use trust_dns_resolver::error::ResolveError;
 
@@ -38,6 +39,8 @@ pub enum ServerError {
     AcmeError(#[from] shared::acme::error::AcmeError),
     #[error("Invalid DNS Config provided - at least 2 valid DNS Servers must be provided")]
     InvalidDnsConfig,
+    #[error(transparent)]
+    SNIError(#[from] SNIError),
 }
 
 pub type Result<T> = std::result::Result<T, ServerError>;