Add custom listen address support (#6)

Author: weiiwang01

.github/workflows/integration-tests.yaml

@@ -22,7 +22,7 @@ jobs:
 
       - name: Configure Aproxy
         run: |
-          sudo snap set aproxy proxy=squid.internal:3128
+          sudo snap set aproxy proxy=squid.internal:3128 listen=:23403
           sudo nft -f - << EOF
           define default-ip = $(ip route get $(ip route show 0.0.0.0/0 | grep -oP 'via \K\S+') | grep -oP 'src \K\S+')
           define private-ips = { 10.0.0.0/8, 127.0.0.1/8, 172.16.0.0/12, 192.168.0.0/16 }
@@ -31,12 +31,12 @@ jobs:
           table ip aproxy {
                   chain prerouting {
                           type nat hook prerouting priority dstnat; policy accept;
-                          ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
+                          ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
                   }
 
                   chain output {
                           type nat hook output priority -100; policy accept;
-                          ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:8443
+                          ip daddr != \$private-ips tcp dport { 80, 443 } counter dnat to \$default-ip:23403
                   }
           }
           EOF

aproxy.go

@@ -23,7 +23,7 @@ import (
 	"golang.org/x/crypto/cryptobyte"
 )
 
-var version = "0.2.1"
+var version = "0.2.2"
 
 // PrereadConn is a wrapper around net.Conn that supports pre-reading from the underlying connection.
 // Any Read before the EndPreread can be undone and read again by calling the EndPreread function.
@@ -374,16 +374,17 @@ func HandleConn(conn net.Conn, proxy string) {
 
 func main() {
 	proxyFlag := flag.String("proxy", "", "upstream HTTP proxy address in the 'host:port' format")
+	listenFlag := flag.String("listen", ":8443", "the address and port on which the server will listen")
 	flag.Parse()
-	listenAddr := &net.TCPAddr{IP: net.ParseIP("0.0.0.0"), Port: 8443}
+	listenAddr := *listenFlag
 	ctx := context.Background()
 	signal.NotifyContext(ctx, os.Interrupt)
 	listenConfig := new(net.ListenConfig)
-	listener, err := listenConfig.Listen(ctx, "tcp", fmt.Sprintf(":8443"))
+	listener, err := listenConfig.Listen(ctx, "tcp", listenAddr)
 	if err != nil {
-		log.Fatalf("failed to listen on %s", listenAddr.String())
+		log.Fatalf("failed to listen on %#v", listenAddr)
 	}
-	slog.Info("start listening on 0.0.0.0:8443")
+	slog.Info(fmt.Sprintf("start listening on %s", listenAddr))
 	proxy := *proxyFlag
 	if proxy == "" {
 		log.Fatalf("no upstearm proxy specified")

snap/hooks/configure

@@ -1,8 +1,7 @@
 #!/bin/bash
 set -e
 
-mkdir -p $SNAP_COMMON/cert
-
+[ -z "$(snapctl get listen)" ] && snapctl set listen=":8443"
 
 validate_proxy() {
     local hostport="$1"
@@ -25,8 +24,8 @@ validate_proxy() {
     return 0
 }
 
-
 proxy="$(snapctl get proxy)"
+listen="$(snapctl get listen)"
 
 if [ -z "${proxy}" ]; then
     echo "set upstream proxy using \`snap set aproxy proxy=example:1234\`"
@@ -35,7 +34,7 @@ fi
 
 validate_proxy "$proxy"
 
-echo "--proxy $proxy" > $SNAP_DATA/args
+echo "--proxy $proxy --listen $listen" > $SNAP_DATA/args
 
 snapctl stop ${SNAP_NAME}.aproxy
 snapctl start ${SNAP_NAME}.aproxy --enable

snap/snapcraft.yaml

@@ -1,5 +1,5 @@
 name: aproxy
-version: 0.2.1
+version: 0.2.2
 summary: Transparent proxy for HTTP and HTTPS/TLS connections.
 description: |
   Aproxy is a transparent proxy for HTTP and HTTPS/TLS connections. By