diff options
Diffstat (limited to 'wgengine/netstack/netstack.go')
| -rw-r--r-- | wgengine/netstack/netstack.go | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go index aa79a275c..4adb14894 100644 --- a/wgengine/netstack/netstack.go +++ b/wgengine/netstack/netstack.go @@ -554,9 +554,8 @@ func (ns *Impl) shouldProcessInbound(p *packet.Parsed, t *tstun.Wrapper) bool { if dport == peerAPIPort { return true } - - // Also handle SSH connections, if enabled. - if dport == 22 && ns.lb.ShouldRunSSH() { + // Also handle SSH connections, webserver, etc, if enabled: + if ns.lb.ShouldInterceptTCPPort(dport) { return true } } @@ -894,6 +893,14 @@ func (ns *Impl) acceptTCP(r *tcp.ForwarderRequest) { ns.lb.HandleQuad100Port80Conn(c) return } + if ns.lb.ShouldInterceptTCPPort(reqDetails.LocalPort) && ns.isLocalIP(dialIP) { + c := createConn() + if c == nil { + return + } + ns.lb.HandleInterceptedTCPConn(c) + return + } } if ns.ForwardTCPIn != nil { |