From 3fd3471799a30b1bb233f13c6916eb839888e640 Mon Sep 17 00:00:00 2001 From: Simon Ser Date: Thu, 26 Jan 2023 11:43:59 +0100 Subject: [PATCH] Silence connection errors by default Often times the connection-level errors clutter the logs, for instance with failed TLS handshakes or unknown hostname. --- cmd/tlstunnel/main.go | 4 ++++ server.go | 7 +++++-- 2 files changed, 9 insertions(+), 2 deletions(-) diff --git a/cmd/tlstunnel/main.go b/cmd/tlstunnel/main.go index 9a1ecc6..578cd11 100644 --- a/cmd/tlstunnel/main.go +++ b/cmd/tlstunnel/main.go @@ -17,6 +17,8 @@ import ( var ( configPath = "config" certDataPath = "" + + debug = false ) func newServer() (*tlstunnel.Server, error) { @@ -26,6 +28,7 @@ func newServer() (*tlstunnel.Server, error) { } srv := tlstunnel.NewServer() + srv.Debug = debug loggerCfg := zap.Config{ Level: zap.NewAtomicLevelAt(zap.InfoLevel), @@ -68,6 +71,7 @@ func bumpOpenedFileLimit() error { func main() { flag.StringVar(&configPath, "config", configPath, "path to configuration file") + flag.BoolVar(&debug, "debug", false, "enable debug logging") flag.Parse() if err := bumpOpenedFileLimit(); err != nil { diff --git a/server.go b/server.go index dfc99ca..2d1eab4 100644 --- a/server.go +++ b/server.go @@ -38,6 +38,7 @@ func newACMECache() *acmeCache { type Server struct { Listeners map[string]*Listener // indexed by listening address Frontends []*Frontend + Debug bool ManagedNames []string UnmanagedCerts []tls.Certificate @@ -256,8 +257,10 @@ func (ln *Listener) serve() error { } go func() { - if err := ln.handle(conn); err != nil { - log.Printf("listener %q: %v", ln.Address, err) + err := ln.handle(conn) + srv := ln.atomic.Load().(*listenerHandles).Server + if err != nil && srv.Debug { + log.Printf("listener %q: connection %q: %v", ln.Address, conn.RemoteAddr(), err) } }() }