dan-v / awslambdaproxy Goto Github PK

View Code? Open in Web Editor NEW

765.0 21.0 103.0 42.36 MB

An AWS Lambda powered HTTP/SOCKS web proxy

License: MIT License

Makefile 1.97% Go 70.18% Dockerfile 0.79% Shell 1.11% HCL 25.95%

aws aws-lambda proxy proxy-server socks5 rotating-proxy web-traffic lambda-functions socks5-proxy tunnel

awslambdaproxy's Introduction

NOTICE: This project is no longer being maintained

Overview

awslambdaproxy is an AWS Lambda powered HTTP/SOCKS web proxy. It provides a constantly rotating IP address for your network traffic from all regions where AWS Lambda is available. The goal is to obfuscate your traffic and make it harder to track you as a user.

Features

HTTP/HTTPS/SOCKS5 proxy protocols support (including authentication).
No special client side software required. Just configure your system to use a proxy.
Each configured AWS Lambda region provides a large pool of constantly rotating IP address.
Configurable IP rotation frequency between multiple regions.
Mostly AWS free tier compatible (see FAQ below).

Project status

Current code status: proof of concept. This is the first Go application that I've ever written. It has no tests. It may not work. It may blow up. Use at your own risk.

How it works

At a high level, awslambdaproxy proxies TCP/UDP traffic through AWS Lambda regional endpoints. To do this, awslambdaproxy is setup on a publicly accessible host (e.g. EC2 instance) and it handles creating Lambda resources that run a proxy server (gost). Since Lambda does not allow you to connect to bound ports in executing functions, a reverse SSH tunnel is established from the Lambda function to the host running awslambdaproxy. Once a tunnel connection is established, all user traffic is forwarded through this reverse tunnel to the proxy server. Lambda functions have a max execution time of 15 minutes, so there is a goroutine that continuously executes Lambda functions to ensure there is always a live tunnel in place. If multiple regions are specified, user traffic will be routed in a round robin fashion across these regions.

Terraform

Clone repository and go to the deployment/terraform directory:

git clone [email protected]:dan-v/awslambdaproxy.git && cd awslambdaproxy/deployment/terraform

Install Terraform and configure your Terraform backend. Read more about Terraform backends here.
Create and fill in a variable definitions file (read more here) if you don't want to use default variables values defined in variables.tf.
Run these commands to init and apply configuration:

terraform init && terraform apply -auto-approve

It will create all dependent resources and run awslambdaproxy inside a Docker container. EC2 instance SSH key can be found in AWS Secret Manager in your AWS Management Console.

NOTE: Some AWS regions have a big list of IP CIDR blocks and they can exceed the default limits of security groups (read more). In that case, you'll need to make a limit increase request through the AWS Support Center by choosing Create Case and then choosing Service Limit Increase to prevent deployment issues.

Manual

Download a pre-built binary from the GitHub Releases page.
Copy awslambdaproxy binary to a publicly accessible linux host (e.g. EC2 instance, VPS instance, etc). You will need to open the following ports on this host:
- Port 22 - functions executing in AWS Lambda will open SSH connections back to the host running awslambdaproxy, so this port needs to be open to the world. The SSH key used here is dynamically generated at startup and added to the running users authorized_keys file.
- Port 8080 - the default configuration will start a HTTP/SOCKS proxy listener on this port with default user/password authentication. If you don't want to publicly expose the proxy server, one option is to setup your own VPN server (e.g. dosxvpn or algo), connect to it, and just run awslambdaproxy with the proxy listener only on localhost (-l localhost:8080).
Optional, but I'd highly recommend taking a look at the Minimal IAM Policies section below. This will allow you to setup minimal permissions required to setup and run the project. Otherwise, if you don't care about security you can always use an access key with full administrator privileges.
awslambdaproxy will need access to credentials for AWS in some form. This can be either through exporting environment variables (as shown below), shared credential file, or an IAM role if assigned to the instance you are running it on. See this for more details.
```
export AWS_ACCESS_KEY_ID=XXXXXXXXXX
export AWS_SECRET_ACCESS_KEY=YYYYYYYYYYYYYYYYYYYYYY
```
Run awslambdaproxy setup.
```
./awslambdaproxy setup
```

Run awslambdaproxy run.

./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2

Configure your web browser (or OS) to use the HTTP/SOCKS5 proxy on the publicly accessible host running awslambdaproxy on port 8080.

Minimal IAM Policies

This assumes you have the AWS CLI setup with an admin user
Create a user with proper permissions needed to run the setup command. This user can be removed after running the setup command.

aws iam create-user --user-name awslambdaproxy-setup
aws iam put-user-policy --user-name awslambdaproxy-setup --policy-name awslambdaproxy-setup --policy-document file://deployment/iam/setup.json
aws iam create-access-key --user-name awslambdaproxy-setup
{
    "AccessKey": {
        "UserName": "awslambdaproxy-setup",
        "Status": "Active",
        "CreateDate": "2017-04-17T06:15:18.858Z",
        "SecretAccessKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "AccessKeyId": "xxxxxxxxxxxxxx"
    }
}

Create a user with proper permission needed to run the proxy.

aws iam create-user --user-name awslambdaproxy-run
aws iam put-user-policy --user-name awslambdaproxy-run --policy-name awslambdaproxy-run --policy-document file://deployment/iam/run.json
aws iam create-access-key --user-name awslambdaproxy-run
{
    "AccessKey": {
        "UserName": "awslambdaproxy-run",
        "Status": "Active",
        "CreateDate": "2017-04-17T06:18:27.531Z",
        "SecretAccessKey": "xxxxxxxxxxxxxxxxxxxxxxxxxxxx",
        "AccessKeyId": "xxxxxxxxxxxxxx"
    }
}

Examples

# execute proxy in four different regions with rotation happening every 60 seconds
./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2 -f 60s

# choose a different port and username/password for proxy and add another listener on localhost with no auth
./awslambdaproxy run -l "admin:admin@:8888,localhost:9090"

# bypass certain domains from using lambda proxy
./awslambdaproxy run -b "*.websocket.org,*.youtube.com"

# specify a dns server for the proxy server to use for dns lookups
./awslambdaproxy run -l "admin:awslambdaproxy@:8080?dns=1.1.1.1"

# increase function memory size for better network performance
./awslambdaproxy run -m 512

FAQ

Should I use awslambdaproxy? That's up to you. Use at your own risk.
Why did you use AWS Lambda for this? The primary reason for using AWS Lambda in this project is the vast pool of IP addresses available that automatically rotate.
How big is the pool of available IP addresses? This I don't know, but I do know I did not have a duplicate IP while running the proxy for a week.
Will this make me completely anonymous? No, absolutely not. The goal of this project is just to obfuscate your web traffic by rotating your IP address. All of your traffic is going through AWS which could be traced back to your account. You can also be tracked still with browser fingerprinting, etc. Your IP address may still leak due to WebRTC, Flash, etc.
How often will my external IP address change? I'm not positive as that's specific to the internals of AWS Lambda, and that can change at any time. However, I'll give an example, with 4 regions specified rotating every 5 minutes it resulted in around 15 unique IPs per hour.
How much does this cost? awslambdaproxy should be able to run mostly on the AWS free tier minus bandwidth costs. It can run on a t2.micro instance and the default 128MB Lambda function that is constantly running should also fall in the free tier usage. The bandwidth is what will cost you money; you will pay for bandwidth usage for both EC2 and Lambda.
Why does my connection drop periodically? AWS Lambda functions can currently only execute for a maximum of 15 minutes. In order to maintain an ongoing proxy a new function is executed and all new traffic is cut over to it. Any ongoing connections to the previous Lambda function will hard stop after a timeout period. You generally won't see any issues for normal web browsing as connections are very short lived, but for any long lived connections you will see issues. Consider using the --bypass flag to specify known domains that you know use persistent connections to avoid having your connection constantly dropping for these.

Contributors

yurymkomarov - streamlined the entire deployment process with Terraform.
unixfox - contributed the Docker image for awslambdaproxy.

Powered by

gost - A simple security tunnel written in Golang.
yamux - Golang connection multiplexing library.
goad - Code was borrowed from this project to handle AWS Lambda zip creation and function upload.

Build From Source

Install Go and go-bindata
Fetch the project with git clone:

git clone [email protected]:dan-v/awslambdaproxy.git && cd awslambdaproxy

Run make to build awslambdaproxy. You'll find your awslambdaproxy binary in the artifacts folder.

make

awslambdaproxy's People

Contributors

Stargazers

Watchers

Forkers

liuyanghejerry joonhochoi guitmz u20024804 cotyb andriipetruk geoffdutton daidokoro cloudtracer devonneburger xi1314 karthiksekars lzbgt jieseattle qingyuan0o0 stickh leoshan scottjpack cncoder surereddy gpsbird nomadwarrior qsdj ro9ueadmin xbeark zhangminchao bbhunter orehunt mikeball amoyquantum houey ryankomodo cryptokr yurymkomarov dreamprototype 3m3x rajivraj 5l1v3r1 abhishekgahlot maivanteo nativecode-dev acsaki evrobert lyuji282 vcoder4c suenot superuser5 bghimire2 metastable ncolyer lgs buddisattva hjswust whn09 shinoby92 edward-02020 em429 bitpan timbru31 dassx3 qiuxuewen ahmetkurukose ravidhu ccakmak60 motaword reboare thinkplus knguyen0125 cuibuaa meloos puneet-mehta syaiful6 raintears2 binlabnet winzeler gregnawawi newmoneybigbucks taducquang m4rvxpn tbrains nicoandmee iwaduarte rinainfotec righteousgambit pvbhanuteja causasui0605 datacrunchwizard crypaus catataw boysusu ronkorland nk113 youyong123 krustyhack zlocate bit-rocket silentzhang mellonaut dzwiedzmin twigatech

awslambdaproxy's Issues

Connection not stable

Excellent concept! I think it's a great idea.

Within 15 mins I kept on getting disconnected with error ERR_TUNNEL_CONNECTION_FAILED

Different Ip for each request ?

Hey, can we have a different IP for each request?

Maximising diversity but with reliable startup

Hi, Thanks very much for this, which is pretty much exactly what I was looking for.

I am trying to reliably run lambda proxies with as much diversity as possible. However, I find that with a fairly long list of regions there is always one or more regions which fail to start (not always the same ones). If one fails, the whole startup fails.

It would be really great if there was an option to ignore any errors, as long as at least one region had started. Ideally with a clear and unambiguous summary of which were set up once the startup has completed.

I have tried dropping the least reliable regions but the list of regions which have never failed to start is getting quite short now :-(

Of course, a dynamic approach, with attempts to restart failed regions and tolerate all errors as long as at least one proxy is usable, would be ideal but it isn't needed for my use case, at least. I tend to run the service for a day or so and am more concerned about reliable startup, as diversely as possible, than with long term usage.

Too many garbage in authorized_keys

Prerequisites

I am running the latest version of awslambdaproxy (version 13 tested, couldn't install version 14)
I am have read the README instructions and the FAQ

Description

I have some version of this project on a server. I noticed it created 6000 .ssh/authorized_keys. I don't know how to check the version, the command prompt doesn't seem to give me that info. I also installed version 13 on a new instance. So far it created 2 keys.

Steps to Reproduce

Probably running with low -f param or running the server under supervisor and periodically restart the daemon increase the amount of left over keys.

Expected behavior: I guess this package should safely clear the keys after it is done with them.

Actual behavior: Over time authorized_keys will get huge.

Environment

# version 13
awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2,ca-central-1,eu-central-1,eu-west-1,eu-west-2,eu-west-3 -f 360s

reddit.com slow page load time

Need to track down root cause of slow loading time specifically for reddit.com. Can take up to 10s to load, while other websites do not see this behavior.

Username and password

What is the username and the password that the proxy server asks for after setting up everything?

command executes successfully. But proxy doesn't work

The file descriptor (socket) is leaking.

Prerequisites

I am running the latest version of awslambdaproxy
I am have read the README instructions and the FAQ

Description

[bidirectionalCopy has no timeout]

Expected behavior: [What you expected to happen]

Actual behavior: [What actually happened]

Environment

If you are using CLI, get the version and specify the full command you are using.

./awslambdaproxy version
awslambdaproxy version 0.0.12
./awslambdaproxy -r us-west-2,us-west-1 -f 60

If you are using Docker, get the version and specify the full command you are using.

docker run -it --rm --entrypoint /app/awslambdaproxy vdan/awslambdaproxy -v
awslambdaproxy version 0.0.12
docker run -d vdan/awslambdaproxy -r us-west-2,us-west-1 -f 60

The following is the modified code, it works well.

func waitTimeout(wg *sync.WaitGroup, timeout time.Duration) bool {
        done := make(chan struct{})
        go func() {
                wg.Wait()
                close(done)
        }()

        select {
        case <-done:
                return false
        case <-time.After(timeout):
                return true
        }
}

func bidirectionalCopy(src io.ReadWriteCloser, dst io.ReadWriteCloser, timeout_S float64) bool {
        defer dst.Close()
        defer src.Close()

        var wg sync.WaitGroup
        wg.Add(1)
        go func() {
                io.Copy(dst, src)
                wg.Done()
        }()

        wg.Add(1)
        go func() {
                io.Copy(src, dst)
                wg.Done()
        }()
        //wg.Wait()
        return !waitTimeout(&wg, time.Duration(timeout_S)*time.Second)
}

2020/04/25 06:36:41 tunnelconnection.go:226: Waiting for tunnel to be established..

I'm trying to run during startup. What does this mean?

2020/04/25 06:36:05 gost.go:657: auto://:8080 on [::]:8080
2020/04/25 06:36:06 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:07 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:08 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:09 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:10 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:11 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:12 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:13 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:14 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:15 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:16 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:17 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:18 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:19 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:20 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:21 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:22 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:23 tunnelconnection.go:226: Waiting for tunnel to be established..
2020/04/25 06:36:24 tunnelconnection.go:226: Waiting for tunnel to be established..

The maximum number of rules per security group has been reached

Hello, trying to install via Terraform but hitting The maximum number of rules per security group has been reached. I've increased my Inbound or outbound rules per security group rules from 60 to 120 but still hitting the limit, is this the correct quota to be adjusting here?

╷
│ Error: error updating Security Group (sg-059c85e095c49e44a): error authorizing Security Group (ingress) rules: RulesPerSecurityGroupLimitExceeded: The maximum number of rules per security group has been reached.
│ 	status code: 400, request id: a6c1c40f-23ae-423f-a67b-f0a90161b43e
│
│   with aws_security_group.this["us-east-1"],
│   on main.tf line 157, in resource "aws_security_group" "this":
│  157: resource "aws_security_group" "this" {
│
╵
╷
│ Error: error updating Security Group (sg-0d8c094457070a035): error authorizing Security Group (ingress) rules: RulesPerSecurityGroupLimitExceeded: The maximum number of rules per security group has been reached.
│ 	status code: 400, request id: 1b7ed22a-9d3e-48cb-95a2-437242a4cdcd
│
│   with aws_security_group.this["us-west-2"],
│   on main.tf line 157, in resource "aws_security_group" "this":
│  157: resource "aws_security_group" "this" {
│
╵

Setup failed

-sh-4.2$ ./awslambdaproxy setup
Failed to run setup for awslambdaproxy: NoCredentialProviders: no valid providers in chain. Deprecated.
For verbose messaging see aws.Config.CredentialsChainVerboseErrors-sh-4.2$ ^C

Can I use an EC2 IAM attached role?

When I run:

awslambdaproxy run us-west-1,us-west-2,us-east-1,us-east-2

Getting:

Must specify environment variable AWS_ACCESS_KEY_ID

The EC2 instance should already have the policies needed via the attachd IAM role.

error closing connection message on v0.0.13

This error has always been occurring, but it just happens to be logged now:
error closing connection for connectionID=127.0.0.1:47858: close tcp 127.0.0.1:8081->127.0.0.1:47858: use of closed network connection

Document how to use Docker image

Right now there aren't any instructions in the README.

Can we open multiple connections in the same region?

Describe the solution you'd like
I want to have a single PC but running multiple tasks with different IP addresses.
In this case, I will connect to lambda functions and all the request maintains the same IP until after a certain amount of time.

Describe alternatives you've considered
Perhaps running ./awslambdaproxy multiple times? However, it will still go through the ec2 instance.

Terraform edit

It seems like terraform does not require

experiments = [variable_validation]

at the first line of variables from newer versions.
Maybe it's just me using the new version?

Secondly
Terraform was able to SSL into the instance, but after that, it ended with

aws_instance.this (remote-exec): Redirecting to /bin/systemctl start docker.service
aws_instance.this: Creation complete after 58s [id=i-0e5499b175a1bd304]
aws_eip_association.this: Creating...
aws_eip_association.this: Creation complete after 1s [id=eipassoc-06475599cbfbc3c6a]
null_resource.start_awslambdaproxy: Creating...
null_resource.start_awslambdaproxy: Provisioning with 'remote-exec'...
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)
null_resource.start_awslambdaproxy (remote-exec): (output suppressed due to sensitive value in config)

 Error: error executing "/tmp/terraform_1852503017.sh": Process exited with status 127

I have no idea what is happening because the log is blocked, but assuming this is after "start docker.service",
there is something wrong with the docker setups?

tested by default settings given in repo.
Thanks btw, wish to contribute, but I don't know jack s*** about terraform.

socks5 connection errors

Prerequisites

I am running the latest version of awslambdaproxy
I am have read the README instructions and the FAQ

Description

When I test the socks proxy using curl, I see it randomly fails:

curl -x socks5://user:password@localhost:8080 https://google.com -v

*   Trying 127.0.0.1:8080...
* TCP_NODELAY set
* SOCKS5 communication to google.com:443
* SOCKS5 connect to IPv4 *.*.*.*:443 (locally resolved)
* Can't complete SOCKS5 connection to *.*.*.*:443. (4)
* Closing connection 0
curl: (7) Can't complete SOCKS5 connection to *.*.*.*:443. (4)

Steps to Reproduce

Run curl command with -x option as said above a until it fails.

Expected behavior: [What you expected to happen]
No failure
Actual behavior: [What actually happened]
Connection errors

Environment

If you are using CLI, get the version and specify the full command you are using.

./awslambdaproxy --version
awslambdaproxy version 0.0.14
./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2,ca-central-1,eu-central-1,eu-west-1,eu-west-2,eu-west-3 -f 360s

Error Output

2020/11/21 15:12:42 tunnelconnection.go:125: 2 Unique Lambda IPs used so far
2020/11/21 15:12:42 tunnelconnection.go:126: ---------------
2020/11/21 15:13:01 tunnelconnection.go:196: Delayed cleanup now running for  127.0.0.1:57746
2020/11/21 15:13:01 tunnelconnection.go:200: Removing tunnel 127.0.0.1:57746
2020/11/21 15:13:01 tunnelconnection.go:171: error closing connection for connectionID=127.0.0.1:57746: close tcp 127.0.0.1:8081->127.0.0.1:57746: use of closed network connection
2020/11/21 15:18:40 lambdaexecution.go:54: Executing Lambda function in region us-east-1
2020/11/21 15:18:40 lambdaexecution.go:65: Setting invoke configuration maximumRetryAttempts=0 maximumEventAgeInSeconds=1800
2020/11/21 15:18:40 lambdaexecution.go:95: Invoking Lambda function with UUID=***
2020/11/21 15:18:41 tunnelconnection.go:81: Accepted tunnel connection from 127.0.0.1:38564
2020/11/21 15:18:41 tunnelconnection.go:89: Established session to 127.0.0.1:38564
2020/11/21 15:18:41 tunnelconnection.go:192: Tunnel '127.0.0.1:33912' that is being closed still has 916 open streams. Delaying cleanup for 20s.
2020/11/21 15:18:42 tunnelconnection.go:110: ---------------
2020/11/21 15:18:42 tunnelconnection.go:111: Current Lambda IP Address:  *.*.*.*
2020/11/21 15:18:42 tunnelconnection.go:112: Active Lambda tunnel count:  2
2020/11/21 15:18:42 tunnelconnection.go:115: Lambda Tunnel #1
2020/11/21 15:18:42 tunnelconnection.go:116: 	Connection ID: 127.0.0.1:38564
2020/11/21 15:18:42 tunnelconnection.go:117: 	Start Time: 2020-11-21T15:18:41
2020/11/21 15:18:42 tunnelconnection.go:118: 	Active Streams: 1
2020/11/21 15:18:42 tunnelconnection.go:115: Lambda Tunnel #2
2020/11/21 15:18:42 tunnelconnection.go:116: 	Connection ID: 127.0.0.1:33912
2020/11/21 15:18:42 tunnelconnection.go:117: 	Start Time: 2020-11-21T15:12:41
2020/11/21 15:18:42 tunnelconnection.go:118: 	Active Streams: 916
2020/11/21 15:18:42 tunnelconnection.go:125: 3 Unique Lambda IPs used so far
2020/11/21 15:18:42 tunnelconnection.go:126: ---------------
2020/11/21 15:19:01 tunnelconnection.go:196: Delayed cleanup now running for  127.0.0.1:33912
2020/11/21 15:19:01 tunnelconnection.go:200: Removing tunnel 127.0.0.1:33912
2020/11/21 15:19:01 tunnelconnection.go:171: error closing connection for connectionID=127.0.0.1:33912: close tcp 127.0.0.1:8081->127.0.0.1:33912: use of closed network connection
2020/11/21 15:24:40 lambdaexecution.go:54: Executing Lambda function in region us-east-2
2020/11/21 15:24:40 lambdaexecution.go:65: Setting invoke configuration maximumRetryAttempts=0 maximumEventAgeInSeconds=1800
2020/11/21 15:24:40 lambdaexecution.go:95: Invoking Lambda function with UUID=***
2020/11/21 15:24:41 tunnelconnection.go:192: Tunnel '127.0.0.1:38564' that is being closed still has 872 open streams. Delaying cleanup for 20s.
2020/11/21 15:24:42 tunnelconnection.go:81: Accepted tunnel connection from 127.0.0.1:42924
2020/11/21 15:24:42 tunnelconnection.go:89: Established session to 127.0.0.1:42924
2020/11/21 15:24:42 tunnelconnection.go:110: ---------------
2020/11/21 15:24:42 tunnelconnection.go:111: Current Lambda IP Address:  18.191.212.184
2020/11/21 15:24:42 tunnelconnection.go:112: Active Lambda tunnel count:  2
2020/11/21 15:24:42 tunnelconnection.go:115: Lambda Tunnel #1
2020/11/21 15:24:42 tunnelconnection.go:116: 	Connection ID: 127.0.0.1:42924
2020/11/21 15:24:42 tunnelconnection.go:117: 	Start Time: 2020-11-21T15:24:42
2020/11/21 15:24:42 tunnelconnection.go:118: 	Active Streams: 2
2020/11/21 15:24:42 tunnelconnection.go:115: Lambda Tunnel #2
2020/11/21 15:24:42 tunnelconnection.go:116: 	Connection ID: 127.0.0.1:38564
2020/11/21 15:24:42 tunnelconnection.go:117: 	Start Time: 2020-11-21T15:18:41
2020/11/21 15:24:42 tunnelconnection.go:118: 	Active Streams: 872
2020/11/21 15:24:42 tunnelconnection.go:125: 4 Unique Lambda IPs used so far
2020/11/21 15:24:42 tunnelconnection.go:126: ---------------
2020/11/21 15:25:01 tunnelconnection.go:49: Failed to accept user connection
2020/11/21 15:25:01 tunnelconnection.go:196: Delayed cleanup now running for  127.0.0.1:38564
2020/11/21 15:25:01 tunnelconnection.go:200: Removing tunnel 127.0.0.1:38564
2020/11/21 15:25:01 tunnelconnection.go:171: error closing connection for connectionID=127.0.0.1:38564: close tcp 127.0.0.1:8081->127.0.0.1:38564: use of closed network connection

Docker image

Hello I made a Docker image for awslambdaproxy with an OpenSSH server built in: https://github.com/unixfox/awslambdaproxy-docker

Would you like to integrate it into the official awslambdaproxy repository?

failed established tunnel on different vpc

Prerequisites

I am running the latest version of awslambdaproxy
I am have read the README instructions and the FAQ

Description

[Description of the issue]

Steps to Reproduce

created an ec2 under a specific vpc instead of default vpc
follow readme as specified

Expected behavior: [What you expected to happen]
2020/10/26 09:57:19 tunnelconnection.go:81: Accepted tunnel connection from 127.0.0.1:39214
2020/10/26 09:57:19 tunnelconnection.go:89: Established session to 127.0.0.1:39214
2020/10/26 09:57:20 tunnelconnection.go:110: ---------------
2020/10/26 09:57:20 tunnelconnection.go:111: Current Lambda IP Address: 13.229.136.52
2020/10/26 09:57:20 tunnelconnection.go:112: Active Lambda tunnel count: 1
2020/10/26 09:57:20 tunnelconnection.go:115: Lambda Tunnel #1
2020/10/26 09:57:20 tunnelconnection.go:116: Connection ID: 127.0.0.1:39214
2020/10/26 09:57:20 tunnelconnection.go:117: Start Time: 2020-10-26T09:57:19
2020/10/26 09:57:20 tunnelconnection.go:118: Active Streams: 1
2020/10/26 09:57:20 tunnelconnection.go:125: 1 Unique Lambda IPs used so far
2020/10/26 09:57:20 tunnelconnection.go:126: ---------------

Actual behavior: [What actually happened]
2020/10/26 10:04:34 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:35 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:36 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:37 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:38 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:39 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:04:40 tunnelconnection.go:235: Waiting for tunnel to be established..

Environment

If you are using CLI, get the version and specify the full command you are using.

./awslambdaproxy -v
awslambdaproxy version 0.0.14
./awslambdaproxy run -r ap-southeast-1

Error Output

INFO[0000] server has been configured with the following values  bypass= debug=false lambdaExecutionFrequency=14m20s lambdaIamRole=awslambdaproxy-role lambdaMemory=128 lambdaName=awslambdaproxy lambdaRegions="[ap-southeast-1]" lambdaTimeoutSeconds=890 proxyDebug=false proxyListeners="[admin:awslambdaproxy@:8080]" publicIPClient="http://checkip.amazonaws.com/" reverseTunnelSSHPort=22 reverseTunnelSSHUser=ec2-user
INFO[0000] setting up lambda infrastructure
2020/10/26 10:06:18 infrastructure.go:115: Setting up Lambda function in region: ap-southeast-1
INFO[0002] starting ssh tunnel manager
2020/10/26 10:06:19 ssh.go:93: Generated SSH key:  ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCvHO88vzF/xIgGG2B4ZCQYFQAGuz4A36IWRWpGOWcfYBwTBShxDD0aURs6yCMkFM3lPGEQ+4QTE5bvHA6n3X4RmIJMa449Q3PXdj6eMlJnm6/M1aJuftMyhjv9nuvS7we4yHWRkESEusxiXIMz/wqfmsPNyT76sZlf7lqL1zvENhe8/qCdQ9BVtTvwpvUpW0DkzRD3B4auGg0osQc8HTQ4NvfgzBDzlw(*deleted some of it)
2020/10/26 10:06:19 ssh.go:99: Added entry to authorized keys file  /home/ec2-user/.ssh/authorized_keys
INFO[0002] starting local proxy
INFO[0002] starting connection manager
2020/10/26 10:06:19 tunnelconnection.go:291: Started user listener on port 8082
2020/10/26 10:06:19 tunnelconnection.go:280: Started tunnel listener on port 8081
INFO[0002] starting lambda execution manager
INFO[0002] #######################################
INFO[0002] proxy ip address:  54.169.124.179
INFO[0002] listeners:  [admin:awslambdaproxy@:8080]
INFO[0002] #######################################
2020/10/26 10:06:19 lambdaexecution.go:34: Using public IP 54.169.124.179
2020/10/26 10:06:19 lambdaexecution.go:35: Lambda execution frequency 14m20s
2020/10/26 10:06:19 lambdaexecution.go:54: Executing Lambda function in region ap-southeast-1
2020/10/26 10:06:19 lambdaexecution.go:65: Setting invoke configuration maximumRetryAttempts=0 maximumEventAgeInSeconds=1800
2020/10/26 10:06:19 lambdaexecution.go:95: Invoking Lambda function with UUID=e4dc9ae5-1772-11eb-becb-06e7a13d5fbc
2020/10/26 10:06:20 gost.go:658: auto://:8080 on [::]:8080
2020/10/26 10:06:20 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:21 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:22 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:23 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:24 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:25 tunnelconnection.go:235: Waiting for tunnel to be established..
2020/10/26 10:06:26 tunnelconnection.go:235: Waiting for tunnel to be established..

im not fairly good with aws. but as i know for now.
i created an ec2 on a default vpc and run the command like readme it is working fine and i also got the result like what expected to happen at the top

but when i try to create an ec2 on another vpc it would not work
even when i have already open port 22 and 8080

fatal error: concurrent map writes

Prerequisites

[ yes ] I am running the latest version of awslambdaproxy
[ yes ] I am have read the README instructions and the FAQ

Description

I sent recursive 100 parallel requests and got panic error in 10 seconds.

Steps to Reproduce

Download or compile the awesome software
Run it (I used the next keys ./awslambdaproxy run -r us-west-2,us-west-1,us-east-1,us-east-2 -l "cL3Rjea6E:uQ06OWgdr@:8080" -m 512 -f 10m --debug)
Run 100 recursive, parallel requests
Wait up to 10 seconds

Expected behavior: [What you expected to happen]

I expect, that awslmbdaproxy will work

Actual behavior: [What actually happened]

I got panic error

Environment

awslambdaproxy 0.0.13 and 0.0.14
Linux service 4.19.0-8-amd64 #1 SMP Debian 4.19.98-1 (2020-01-26) x86_64 GNU/Linux

Error Output

Error log is too big. I've attached it.
awslambdaproxy.log

dan-v / awslambdaproxy Goto Github PK

awslambdaproxy's Introduction

NOTICE: This project is no longer being maintained

Overview

Features

Project status

How it works

Installation

Terraform

Manual

Minimal IAM Policies

Examples

FAQ

Contributors

Powered by

Build From Source

awslambdaproxy's People

Contributors

Stargazers

Watchers

Forkers

awslambdaproxy's Issues

Prerequisites

Description

Steps to Reproduce

Environment

Prerequisites

Description

Environment

The following is the modified code, it works well.

Prerequisites

Description

Steps to Reproduce

Environment

Error Output

Prerequisites

Description

Steps to Reproduce

Environment

Error Output

Prerequisites

Description

Steps to Reproduce

Environment

Error Output

Recommend Projects

Recommend Topics

Recommend Org