fix aws-samples#45 Allowing localproxy source port exposure via docker
Motivation:
To forward traffic from the host machine to the docker container, we
need to expose the listening port, and bind the localproxy listener to
0.0.0.0 address since "localhost" address is only accessible from within
the container.

Modification:
Updated the instructions to use the correct localproxy option to bind to
0.0.0.0 if the user needs to access localproxy from outside the
container, and updated the docker-run.sh script to accept
a port as an argument.

Test:
1. Ran the localproxy using docker, confirmed it's binding to 0.0.0.0
   and that I can SSH from outside the container (the host).
2. Ran the localproxy natively, confirmed it's binding to localhost and
   that I can SSH from the host.
kareali committed May 24, 2021
1 parent df23ee5 commit c4d25d9
Showing 2 changed files with 16 additions and 3 deletions.
4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -23,7 +23,7 @@ This code enables tunneling of a single threaded TCP client / server socket inte
`./docker-build.sh`

After the Docker build completes, run `./docker-run.sh` to open a shell inside the container created in the
previous step. Here you can find both the `localproxy` and `localproxytest` binaries.
previous step, or you can run `./docker-run.sh -p <port_number>` to expose a port from the docker container. Here you can find both the `localproxy` and `localproxytest` binaries. Note that when the localproxy runs in source mode, it binds by default to `localhost`, If you want to access the localproxy from outside the container, make sure to use the option `-b 0.0.0.0` when you run the localproxy from the container so that it binds to `0.0.0.0` since `localhost` can not be access from outside the container.

---

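Review bot: The added README sentence recommends `-b 0.0.0.0` but never says that the `<port_number>` passed to `./docker-run.sh -p` has to be the same port localproxy listens on in source mode, which a reader following only this paragraph needs for the forward to work, because the script maps the port one to one. Suggest stating that, and fixing the wording in the same line: "`localhost`, If" should start a new sentence and "can not be access" should read "cannot be accessed". It would also help to say the `0.0.0.0` bind is only needed for the container case, since the commit message notes the native run still binds to localhost.
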
Expand Down Expand Up @@ -511,4 +511,4 @@ If the tunnel multi-port feature is enabled, multiplexed tunnels have the same b
There are limits on the maximum streams that can be multiplexed on a tunnel connection. This limit is mentioned in [AWS public doc](https://docs.aws.amazon.com/general/latest/gr/iot_device_management.html) section **AWS IoT Secure Tunneling**, row _Maximum services per tunnel_. If you need this limit increased, please reach out to AWS support and ask for a limit increase.

#### Load balancing in multiplexed streams
If more than one stream is transferred at the same time, local proxy will not load balance between these streams. If you have one stream that is dominating the bandwidth, the other streams sharing the same tunnel connection may see latency of data packet delivery.
If more than one stream is transferred at the same time, local proxy will not load balance between these streams. If you have one stream that is dominating the bandwidth, the other streams sharing the same tunnel connection may see latency of data packet delivery.
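Review bot: The removed and added lines under "Load balancing in multiplexed streams" read identically, so this hunk looks like a whitespace or end-of-file newline change unrelated to the port exposure fix. Consider dropping it from this commit, or mention it in the commit message so the README count of 2 additions & 2 deletions is accounted for.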
15 changes: 14 additions & 1 deletion docker-run.sh
@@ -1,3 +1,16 @@
#!/bin/bash

docker run --name localproxy --rm -it aws-iot-securetunneling-localproxy:latest bash
while getopts p: flag
do
case "${flag}" in
p) port=${OPTARG};;
esac
done

if [ -z $port ]; then
docker run --name localproxy --rm -it aws-iot-securetunneling-localproxy:latest bash;
else
echo Running the container with exposed port: $port
docker run --name localproxy --expose=$port -p $port:$port --rm -it aws-iot-securetunneling-localproxy:latest bash;
fi

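Review bot: In the `else` branch, `-p $port:$port` publishes the port on every host interface, so once localproxy is bound to `0.0.0.0` inside the container the tunnel's source port is reachable from the host's network and not only from the host itself, which is wider than the stated motivation (forwarding traffic from the host machine) requires. Suggest `-p 127.0.0.1:$port:$port` as the default, with a separate opt-in if wider exposure is wanted. Smaller points in the same hunk: `$port` is unquoted in `[ -z $port ]` and in the `docker run` line and is never checked to be a number, the `case` has no branch for unknown flags, and `--expose=$port` is redundant when `-p` already publishes the port.
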