Begin performing Stubby handshake inspection in the prod --> off-net direction.

For now, all prod --> off-net Stubby connections will be inspected, logged, and then accepted. Once we fill out the qbone.acl with acceptable on-net clients, we can begin enforcing the ACL by flipping the qbone_enforce_acl_for_on_net_clients flag.

This change includes a renaming of the enum QbonePacketProcessor::Direction::FROM_CLIENT to FROM_OFF_NETWORK along with several other replacements of peer --> on-net and client --> off-net. These values are in reference to the direction of the packets through the tunnel, *not* in reference to the client/server roles in the TCP connection being inspected through the tunnel.

For tracking the client/server roles in each TCP connection, a new QboneTcpHandshakeInspector::Party enum has been introduced to track which side of the TCP connection is currently being inspected.

gfe-relnote: n/a (QBONE-only change)
PiperOrigin-RevId: 284260144
Change-Id: I820fcbdd9b37620fa33afcd13d5e36d8a5cac90e
4 files changed
tree: 3f87f810825c9844fb7c8f78798ff1594d7fc4a5
  1. common/
  2. epoll_server/
  3. http2/
  4. quic/
  5. spdy/
  6. CONTRIBUTING.md
  7. LICENSE
  8. README.md
README.md

QUICHE

QUICHE (QUIC, Http/2, Etc) is Google‘s implementation of QUIC and related protocols. It powers Chromium as well as Google’s QUIC servers and some other projects.