main.go

// Copyright (C) 2021-2024 Shizun Ge
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
// GNU General Public License for more details.
//
// You should have received a copy of the GNU General Public License
// along with this program.  If not, see <https://www.gnu.org/licenses/>.
//

package main

import (
	"endlessh-go/client"
	"endlessh-go/geoip"
	"endlessh-go/metrics"
	"flag"
	"fmt"
	"net"
	"os"
	"strings"
	"time"

	"github.com/golang/glog"
	proxyproto "github.com/pires/go-proxyproto"
)

func startSending(maxClients int64, bannerMaxLength int64, records chan<- metrics.RecordEntry) chan *client.Client {
	clients := make(chan *client.Client, maxClients)
	go func() {
		for {
			c, more := <-clients
			if !more {
				return
			}
			go func() {
				bytesSent, err := c.Send(bannerMaxLength)
				remoteIpAddr := c.RemoteIpAddr()
				localPort := c.LocalPort()
				millisecondsSpent := c.MillisecondsSinceLast()
				if err != nil {
					c.Close()
					records <- metrics.RecordEntry{
						RecordType:        metrics.RecordEntryTypeStop,
						IpAddr:            remoteIpAddr,
						LocalPort:         localPort,
						MillisecondsSpent: millisecondsSpent,
					}
					return
				}
				clients <- c
				records <- metrics.RecordEntry{
					RecordType:        metrics.RecordEntryTypeSend,
					IpAddr:            remoteIpAddr,
					LocalPort:         localPort,
					MillisecondsSpent: millisecondsSpent,
					BytesSent:         bytesSent,
				}
			}()
		}
	}()
	return clients
}

func startAccepting(maxClients int64, connType, connHost, connPort string, interval time.Duration, clients chan<- *client.Client, records chan<- metrics.RecordEntry, proxyProtocolEnabled bool, proxyProtocolReadHeaderTimeout int) {
	go func() {
		l, err := net.Listen(connType, connHost+":"+connPort)
		if err != nil {
			glog.Errorf("Error listening: %v", err)
			os.Exit(1)
		}

		// Wrap the listener in a proxy protocol listener
		if proxyProtocolEnabled {
			l = &proxyproto.Listener{Listener: l, ReadHeaderTimeout: time.Duration(proxyProtocolReadHeaderTimeout) * time.Millisecond}
		}

		// Close the listener when the application closes.
		defer l.Close()

		glog.Infof("Listening on %v:%v", connHost, connPort)
		for {
			// Listen for an incoming connection.
			conn, err := l.Accept()
			if err != nil {
				glog.Errorf("Error accepting connection from port %v: %v", connPort, err)
				os.Exit(1)
			}
			c := client.NewClient(conn, interval, maxClients)
			remoteIpAddr := c.RemoteIpAddr()
			records <- metrics.RecordEntry{
				RecordType: metrics.RecordEntryTypeStart,
				IpAddr:     remoteIpAddr,
				LocalPort:  connPort,
			}
			clients <- c
		}
	}()
}

type arrayStrings []string

func (a *arrayStrings) String() string {
	return strings.Join(*a, ", ")
}

func (a *arrayStrings) Set(value string) error {
	*a = append(*a, value)
	return nil
}

const defaultPort = "2222"

var connPorts arrayStrings

func main() {
	intervalMs := flag.Int("interval_ms", 1000, "Message millisecond delay")
	bannerMaxLength := flag.Int64("line_length", 32, "Maximum banner line length")
	maxClients := flag.Int64("max_clients", 4096, "Maximum number of clients")
	connType := flag.String("conn_type", "tcp", "Connection type. Possible values are tcp, tcp4, tcp6")
	connHost := flag.String("host", "0.0.0.0", "SSH listening address")
	flag.Var(&connPorts, "port", fmt.Sprintf("SSH listening port. You may provide multiple -port flags to listen to multiple ports. (default %q)", defaultPort))
	prometheusEnabled := flag.Bool("enable_prometheus", false, "Enable prometheus")
	prometheusHost := flag.String("prometheus_host", "0.0.0.0", "The address for prometheus")
	prometheusPort := flag.String("prometheus_port", "2112", "The port for prometheus")
	prometheusEntry := flag.String("prometheus_entry", "metrics", "Entry point for prometheus")
	prometheusCleanUnseenSeconds := flag.Int("prometheus_clean_unseen_seconds", 0, "Remove series if the IP is not seen for the given time. Set to 0 to disable. (default 0)")
	geoipSupplier := flag.String("geoip_supplier", "off", "Supplier to obtain Geohash of IPs. Possible values are \"off\", \"ip-api\", \"max-mind-db\"")
	maxMindDbFileName := flag.String("max_mind_db", "", "Path to the MaxMind DB file.")
	proxyProtocolEnabled := flag.Bool("proxy_protocol_enabled", false, "Enable PROXY protocol support. This causes the server to expect PROXY protocol headers on incoming connections.")
	proxyProtocolReadHeaderTimeout := flag.Int("proxy_protocol_read_header_timeout_ms", 200, "Timeout for reading the PROXY protocol header in milliseconds. If the connection does not send a valid PROXY protocol header in this time, the header is ignored.")

	flag.Usage = func() {
		fmt.Fprintf(flag.CommandLine.Output(), "Usage of %v \n", os.Args[0])
		flag.PrintDefaults()
	}
	flag.Parse()

	if *prometheusEnabled {
		if *connType == "tcp6" && *prometheusHost == "0.0.0.0" {
			*prometheusHost = "[::]"
		}
		metrics.InitPrometheus(*prometheusHost, *prometheusPort, *prometheusEntry)
	}

	records := metrics.StartRecording(*maxClients, *prometheusEnabled, *prometheusCleanUnseenSeconds,
		geoip.GeoOption{
			GeoipSupplier:     *geoipSupplier,
			MaxMindDbFileName: *maxMindDbFileName,
		})
	clients := startSending(*maxClients, *bannerMaxLength, records)

	interval := time.Duration(*intervalMs) * time.Millisecond
	// Listen for incoming connections.
	if *connType == "tcp6" && *connHost == "0.0.0.0" {
		*connHost = "[::]"
	}
	if len(connPorts) == 0 {
		connPorts = append(connPorts, defaultPort)
	}
	for _, connPort := range connPorts {
		startAccepting(*maxClients, *connType, *connHost, connPort, interval, clients, records, *proxyProtocolEnabled, *proxyProtocolReadHeaderTimeout)
	}
	for {
		if *prometheusCleanUnseenSeconds <= 0 {
			time.Sleep(time.Duration(1<<63 - 1))
		} else {
			time.Sleep(time.Second * time.Duration(60))
			records <- metrics.RecordEntry{
				RecordType: metrics.RecordEntryTypeClean,
			}
		}
	}
}
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`// Copyright (C) 2021-2024 Shizun Ge`
fix crash when prometheus is disable 2021-10-27 00:34:18 -07:00			`//`
			`// This program is free software: you can redistribute it and/or modify`
			`// it under the terms of the GNU General Public License as published by`
			`// the Free Software Foundation, either version 3 of the License, or`
			`// (at your option) any later version.`
			`//`
			`// This program is distributed in the hope that it will be useful,`
			`// but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`// GNU General Public License for more details.`
			`//`
			`// You should have received a copy of the GNU General Public License`
			`// along with this program. If not, see <https://www.gnu.org/licenses/>.`
			`//`

Create endlessh in golang 2021-10-12 00:55:13 -07:00			`package main`

			`import (`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`"endlessh-go/client"`
			`"endlessh-go/geoip"`
			`"endlessh-go/metrics"`
Create endlessh in golang 2021-10-12 00:55:13 -07:00			`"flag"`
			`"fmt"`
			`"net"`
			`"os"`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`"strings"`
Create endlessh in golang 2021-10-12 00:55:13 -07:00			`"time"`
initial push to github 2021-10-26 21:33:55 -07:00
			`"github.com/golang/glog"`
Add PROXY protocol support 2025-09-10 19:52:59 +02:00			`proxyproto "github.com/pires/go-proxyproto"`
Create endlessh in golang 2021-10-12 00:55:13 -07:00			`)`

re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`func startSending(maxClients int64, bannerMaxLength int64, records chan<- metrics.RecordEntry) chan *client.Client {`
			`clients := make(chan *client.Client, maxClients)`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`go func() {`
			`for {`
			`c, more := <-clients`
			`if !more {`
			`return`
			`}`
			`go func() {`
			`bytesSent, err := c.Send(bannerMaxLength)`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`remoteIpAddr := c.RemoteIpAddr()`
			`localPort := c.LocalPort()`
Prometheus roundup the trapped time to the interval. In the old way, if the connection is broken less than an interval, the trapped time won't be reported. With this fix, the prometheus should report the same value as the log. 2024-01-27 23:26:39 -08:00			`millisecondsSpent := c.MillisecondsSinceLast()`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`if err != nil {`
			`c.Close()`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`records <- metrics.RecordEntry{`
Prometheus roundup the trapped time to the interval. In the old way, if the connection is broken less than an interval, the trapped time won't be reported. With this fix, the prometheus should report the same value as the log. 2024-01-27 23:26:39 -08:00			`RecordType: metrics.RecordEntryTypeStop,`
			`IpAddr: remoteIpAddr,`
			`LocalPort: localPort,`
			`MillisecondsSpent: millisecondsSpent,`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`}`
			`return`
			`}`
			`clients <- c`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`records <- metrics.RecordEntry{`
			`RecordType: metrics.RecordEntryTypeSend,`
			`IpAddr: remoteIpAddr,`
			`LocalPort: localPort,`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`MillisecondsSpent: millisecondsSpent,`
Prometheus roundup the trapped time to the interval. In the old way, if the connection is broken less than an interval, the trapped time won't be reported. With this fix, the prometheus should report the same value as the log. 2024-01-27 23:26:39 -08:00			`BytesSent: bytesSent,`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`}`
			`}()`
			`}`
			`}()`
			`return clients`
			`}`

Add PROXY protocol support 2025-09-10 19:52:59 +02:00			`func startAccepting(maxClients int64, connType, connHost, connPort string, interval time.Duration, clients chan<- *client.Client, records chan<- metrics.RecordEntry, proxyProtocolEnabled bool, proxyProtocolReadHeaderTimeout int) {`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`go func() {`
			`l, err := net.Listen(connType, connHost+":"+connPort)`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`if err != nil {`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`glog.Errorf("Error listening: %v", err)`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`os.Exit(1)`
			`}`
Add PROXY protocol support 2025-09-10 19:52:59 +02:00
			`// Wrap the listener in a proxy protocol listener`
			`if proxyProtocolEnabled {`
			`l = &proxyproto.Listener{Listener: l, ReadHeaderTimeout: time.Duration(proxyProtocolReadHeaderTimeout) * time.Millisecond}`
			`}`

re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`// Close the listener when the application closes.`
			`defer l.Close()`
Add PROXY protocol support 2025-09-10 19:52:59 +02:00
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`glog.Infof("Listening on %v:%v", connHost, connPort)`
			`for {`
			`// Listen for an incoming connection.`
			`conn, err := l.Accept()`
			`if err != nil {`
			`glog.Errorf("Error accepting connection from port %v: %v", connPort, err)`
			`os.Exit(1)`
			`}`
			`c := client.NewClient(conn, interval, maxClients)`
			`remoteIpAddr := c.RemoteIpAddr()`
			`records <- metrics.RecordEntry{`
			`RecordType: metrics.RecordEntryTypeStart,`
			`IpAddr: remoteIpAddr,`
			`LocalPort: connPort,`
			`}`
			`clients <- c`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`}`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`}()`
			`}`

			`type arrayStrings []string`

			`func (a *arrayStrings) String() string {`
			`return strings.Join(*a, ", ")`
			`}`

			`func (a *arrayStrings) Set(value string) error {`
			`a = append(a, value)`
			`return nil`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`}`

re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`const defaultPort = "2222"`

			`var connPorts arrayStrings`

Create endlessh in golang 2021-10-12 00:55:13 -07:00			`func main() {`
			`intervalMs := flag.Int("interval_ms", 1000, "Message millisecond delay")`
			`bannerMaxLength := flag.Int64("line_length", 32, "Maximum banner line length")`
			`maxClients := flag.Int64("max_clients", 4096, "Maximum number of clients")`
			`connType := flag.String("conn_type", "tcp", "Connection type. Possible values are tcp, tcp4, tcp6")`
allow bind prometheus to a different interface than the ssh one. 2022-07-11 18:41:57 -07:00			`connHost := flag.String("host", "0.0.0.0", "SSH listening address")`
update documents about multiple ports 2024-01-16 21:53:00 -08:00			`flag.Var(&connPorts, "port", fmt.Sprintf("SSH listening port. You may provide multiple -port flags to listen to multiple ports. (default %q)", defaultPort))`
fix crash when prometheus is disable 2021-10-27 00:34:18 -07:00			`prometheusEnabled := flag.Bool("enable_prometheus", false, "Enable prometheus")`
allow bind prometheus to a different interface than the ssh one. 2022-07-11 18:41:57 -07:00			`prometheusHost := flag.String("prometheus_host", "0.0.0.0", "The address for prometheus")`
initial push to github 2021-10-26 21:33:55 -07:00			`prometheusPort := flag.String("prometheus_port", "2112", "The port for prometheus")`
			`prometheusEntry := flag.String("prometheus_entry", "metrics", "Entry point for prometheus")`
clean metrics, remove series if the ip is not seen for a while. 2024-01-18 22:13:20 -08:00			`prometheusCleanUnseenSeconds := flag.Int("prometheus_clean_unseen_seconds", 0, "Remove series if the IP is not seen for the given time. Set to 0 to disable. (default 0)")`
remove freegeoip.live as a provider 2023-02-10 22:22:32 -08:00			`geoipSupplier := flag.String("geoip_supplier", "off", "Supplier to obtain Geohash of IPs. Possible values are \"off\", \"ip-api\", \"max-mind-db\"")`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`maxMindDbFileName := flag.String("max_mind_db", "", "Path to the MaxMind DB file.")`
Add PROXY protocol support 2025-09-10 19:52:59 +02:00			`proxyProtocolEnabled := flag.Bool("proxy_protocol_enabled", false, "Enable PROXY protocol support. This causes the server to expect PROXY protocol headers on incoming connections.")`
			`proxyProtocolReadHeaderTimeout := flag.Int("proxy_protocol_read_header_timeout_ms", 200, "Timeout for reading the PROXY protocol header in milliseconds. If the connection does not send a valid PROXY protocol header in this time, the header is ignored.")`
initial push to github 2021-10-26 21:33:55 -07:00
Create endlessh in golang 2021-10-12 00:55:13 -07:00			`flag.Usage = func() {`
			`fmt.Fprintf(flag.CommandLine.Output(), "Usage of %v \n", os.Args[0])`
			`flag.PrintDefaults()`
			`}`
			`flag.Parse()`

fix crash when prometheus is disable 2021-10-27 00:34:18 -07:00			`if *prometheusEnabled {`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`if connType == "tcp6" && prometheusHost == "0.0.0.0" {`
			`*prometheusHost = "[::]"`
			`}`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`metrics.InitPrometheus(prometheusHost, prometheusPort, *prometheusEntry)`
initial push to github 2021-10-26 21:33:55 -07:00			`}`

clean metrics, remove series if the ip is not seen for a while. 2024-01-18 22:13:20 -08:00			`records := metrics.StartRecording(maxClients, prometheusEnabled, *prometheusCleanUnseenSeconds,`
			`geoip.GeoOption{`
			`GeoipSupplier: *geoipSupplier,`
			`MaxMindDbFileName: *maxMindDbFileName,`
			`})`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`clients := startSending(maxClients, bannerMaxLength, records)`

Create endlessh in golang 2021-10-12 00:55:13 -07:00			`interval := time.Duration(intervalMs) time.Millisecond`
			`// Listen for incoming connections.`
initial push to github 2021-10-26 21:33:55 -07:00			`if connType == "tcp6" && connHost == "0.0.0.0" {`
			`*connHost = "[::]"`
			`}`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`if len(connPorts) == 0 {`
			`connPorts = append(connPorts, defaultPort)`
			`}`
			`for _, connPort := range connPorts {`
Add PROXY protocol support 2025-09-10 19:52:59 +02:00			`startAccepting(maxClients, connType, connHost, connPort, interval, clients, records, proxyProtocolEnabled, *proxyProtocolReadHeaderTimeout)`
re-org files into packages. update copyright. accept multiple ports. 2024-01-16 21:06:03 -08:00			`}`
refactor: move prometheus outside client class 2024-01-16 20:16:27 -08:00			`for {`
clean metrics, remove series if the ip is not seen for a while. 2024-01-18 22:13:20 -08:00			`if *prometheusCleanUnseenSeconds <= 0 {`
			`time.Sleep(time.Duration(1<<63 - 1))`
			`} else {`
			`time.Sleep(time.Second * time.Duration(60))`
			`records <- metrics.RecordEntry{`
			`RecordType: metrics.RecordEntryTypeClean,`
			`}`
			`}`
Create endlessh in golang 2021-10-12 00:55:13 -07:00			`}`
			`}`