Refactoring

costinm · Sep 30, 2021 · 6fce9f7 · 6fce9f7
1 parent 61a99db
commit 6fce9f7
Show file tree

Hide file tree

Showing 50 changed files with 1,240 additions and 645 deletions.
diff --git a/.run/hboned.run.xml b/.run/hboned.run.xml
@@ -0,0 +1,11 @@
+<component name="ProjectRunConfigurationManager">
+  <configuration default="false" name="hboned" type="GoApplicationRunConfiguration" factoryName="Go Application">
+    <module name="dmesh" />
+    <working_directory value="$PROJECT_DIR$/../ugate/cmd/hboned/testdata" />
+    <kind value="PACKAGE" />
+    <package value="github.com/costinm/ugate/cmd/hboned" />
+    <directory value="$USER_HOME$/work" />
+    <filePath value="$PROJECT_DIR$/../ugate/cmd/hboned/hboned.go" />
+    <method v="2" />
+  </configuration>
+</component>
diff --git a/.run/ugate-alice.run.xml b/.run/ugate-alice.run.xml
@@ -9,7 +9,7 @@
     </envs>
     <kind value="DIRECTORY" />
     <package value="github.com/costinm/ugate/cmd/ugate" />
-    <directory value="$PROJECT_DIR$/../ugate/cmd/ugatex/" />
+    <directory value="$PROJECT_DIR$/../ugate/cmd/ugate/" />
     <filePath value="$PROJECT_DIR$/../ugate/cmd/ugate/ugate.go" />
     <method v="2" />
   </configuration>

diff --git a/.run/ugate-bob.run.xml b/.run/ugate-bob.run.xml
@@ -9,7 +9,7 @@
     </envs>
     <kind value="DIRECTORY" />
     <package value="github.com/costinm/ugate/cmd/ugate" />
-    <directory value="$PROJECT_DIR$/../ugate/cmd/ugatex/" />
+    <directory value="$PROJECT_DIR$/../ugate/cmd/ugate/" />
     <filePath value="$PROJECT_DIR$/../ugate/cmd/ugate/ugate.go" />
     <method v="2" />
   </configuration>

diff --git a/cmd/hbone/hbone.go b/cmd/hbone/hbone.go
@@ -2,36 +2,32 @@ package main
 
 import (
 	"flag"
-	"io"
 	"log"
-	"net/http"
+	"net"
 	"os"
 
-	"github.com/costinm/ugate"
 	"github.com/costinm/ugate/pkg/auth"
 	"github.com/costinm/ugate/pkg/ugatesvc"
 )
 
 
 var (
-	// WIP:
-	//	port = flag.Int("l", 0, "local port")
-	//debugPort = flag.Int("d", 0, "debug/status port")
+	port = flag.String("l", "", "local port")
+	tls = flag.Bool("s", false, "mTLS over hbone")
 )
 
 
-
-var hc *http.Client
-
 // Create a HBONE tunnel to a given URL.
 //
-// Current client is authenticated for HBONE using local credentials, or a kube.json file.
-// If no kube.json is found, one will be generated.
+// Current client is authenticated for HBONE using local credentials,
+// or a kube.json file. If no certs or kube.json is found, one will be generated.
 //
 // Example:
 // ssh -v -o ProxyCommand='hbone https://c1.webinf.info:443/dm/PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ:22'  root@PZ5LWHIYFLSUZB7VHNAMGJICH7YVRU2CNFRT4TXFFQSXEITCJUCQ
+// ssh -v -o ProxyCommand='hbone https://%h:443/hbone/:22' [email protected]
+//
+// Note that SSH is converting %h to lowercase - the ID must be in this form
 //
-// Bug: %h:%p doesn't work, ssh uses lower case and confuses the map.
 func main() {
 	flag.Parse()
 
@@ -40,47 +36,34 @@ func main() {
 
 	ug := ugatesvc.New(config, authz, nil)
 
-	hc = &http.Client{
-		Transport: ug,
-	}
-
 	if len(flag.Args()) == 0 {
 		log.Fatal("Expecting URL")
 	}
 	url := flag.Arg(0)
-	err := Netcat(ug, url)
-	if err != nil {
-		log.Fatal(err)
-	}
-}
 
-// Netcat copies stdin/stdout to a HBONE stream.
-func Netcat(ug *ugatesvc.UGate, s string) error {
-	i, o := io.Pipe()
-	r, _ := http.NewRequest("POST", s, i)
-	res, err := ug.RoundTrip(r)
-	if err != nil {
-		return err
-	}
-	nc := ugate.NewStreamRequestOut(r, o, res, nil)
-	go func() {
-		b1 := make([]byte, 1024)
+	if *port != "" {
+		l, err := net.Listen("tcp", *port)
+		if err != nil {
+			panic(err)
+		}
 		for {
-			n, err := nc.Read(b1)
+			a, err := l.Accept()
 			if err != nil {
-				log.Fatal("Tun read err", err)
+				panic(err)
 			}
-			os.Stdout.Write(b1[0:n])
-		}
-	}()
-	b1 := make([]byte, 1024)
-	for {
-		n, err := os.Stdin.Read(b1)
-		if err != nil {
-			return err
+			go func() {
+				err := ugatesvc.HboneCat(ug, url, *tls, a, a)
+				if err != nil {
+					log.Println(err)
+				}
+			}()
 		}
-		nc.Write(b1[0:n])
 	}
-	return nil
+
+	err := ugatesvc.HboneCat(ug, url, *tls, os.Stdin, os.Stdout)
+	if err != nil {
+		log.Fatal(err)
+	}
 }
 
+
diff --git a/cmd/hboned/hboned.go b/cmd/hboned/hboned.go
@@ -0,0 +1,74 @@
+package main
+
+import (
+	"fmt"
+
+	"github.com/costinm/ugate"
+	"github.com/costinm/ugate/pkg/iptables"
+	"github.com/costinm/ugate/pkg/socks"
+	"github.com/costinm/ugate/pkg/ugatesvc"
+)
+
+
+//
+// WIP:
+// - Listens as H2C, using certs generated by krun
+// - Forwards /hbone/PORT to port
+// - Handles /hbone/mtls as mtls and forwards to 8080 as H2C
+// - intercepts egress with iptables, forwards to a gate.
+//
+func main() {
+	config := ugatesvc.NewConf(".", "./var/lib/dmesh",
+		"./var/run/secrets/istio.io", "/var/run/secrets/istio.io")
+
+	cfg := &ugate.GateCfg{
+		BasePort: 14000,
+	}
+
+	// Start a Gate. Basic H2 and H2R services enabled.
+	ug := ugatesvc.New(config, nil, cfg)
+
+	// Inbound path
+	// TODO: create reverse tunnel to ugate
+	// go ug.H2Handler.UpdateReverseAccept()
+
+	// Ingress using H2C, for example in CloudRun.
+	btscAddr := fmt.Sprintf("0.0.0.0:%d", cfg.BasePort+ugate.PORT_BTSC)
+	ug.StartListener(&ugate.Listener{
+		Address:  btscAddr,
+		Protocol: ugate.ProtoBTSC,
+	})
+
+	// WIP: egress side
+	// capture using iptables, socks, port
+	go iptables.IptablesCapture(ug, fmt.Sprintf("0.0.0.0:%d", cfg.BasePort + 1), false)
+	go iptables.IptablesCapture(ug, fmt.Sprintf("0.0.0.0:%d", cfg.BasePort + 6), true)
+	socks.New(ug)
+	ug.Config.Listeners[":10001"] = &ugate.Listener {
+		ForwardTo: "localhost:5201",
+	}
+	ug.Config.Listeners[":10002"] = &ugate.Listener {
+		ForwardTo: "localhost:8080",
+	}
+
+	//
+	// TODO: get out endpoints using a metadata server ( backed by pilot-agent )
+	// or XDS.
+	// TODO: configure an multi-network gateway, with SNI or BTS
+
+	// VIPs for iptables capture test. Redirect to local host, to bench
+	// 1-hop iptables capture, in TCP mode
+	ug.Config.Routes["10.1.1.2:8080"] = &ugate.Route {
+		ForwardTo: "localhost:8080",
+	}
+	ug.Config.Routes[":8081"] = &ugate.Route {
+		ForwardTo: "localhost:8080",
+	}
+	ug.Config.Routes["10.1.1.3:5201"] = &ugate.Route {
+		ForwardTo: "localhost:5201",
+	}
+
+	ug.Start()
+
+	select {}
+}
diff --git a/cmd/ugate/go.mod b/cmd/ugate/go.mod
@@ -10,6 +10,8 @@ replace github.com/costinm/ugate/ext/bootstrap => ../../ext/bootstrap
 
 replace github.com/costinm/ugate/ext/quic => ../../ext/quic
 
+replace github.com/costinm/ugate/ext/h2r => ../../ext/h2r
+
 replace github.com/costinm/ugate/ext/ssh => ../../ext/ssh
 
 require (

diff --git a/cmd/ugate/go.sum b/cmd/ugate/go.sum
@@ -125,6 +125,7 @@ github.com/google/martian v2.1.0+incompatible h1:/CP5g8u/VJHijgedC/Legn3BAbAaWPg
 github.com/google/martian v2.1.0+incompatible/go.mod h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57 h1:eqyIo2HjKhKe/mJzTG8n4VqvLXIOEG+SLdDqX7xGtkY=
 github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
+github.com/google/uuid v1.1.2 h1:EVhdT+1Kseyi1/pUmXKaFxYsDNy9RQYkMWRH68J/W7Y=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.1.5/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.2.0 h1:qJYtXnJRWmpe7m/3XlyhrsLrEURqHRM2kxzoxXqyUDs=
@@ -189,16 +190,19 @@ github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86 h1:D6paGObi5Wu
 github.com/neelance/astrewrite v0.0.0-20160511093645-99348263ae86/go.mod h1:kHJEU3ofeGjhHklVoIGuVj85JJwZ6kWPaJwCIxgnFmo=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab h1:eFXv9Nu1lGbrNbj619aWwZfVF5HBrm9Plte8aNptuTI=
 github.com/neelance/sourcemap v0.0.0-20151028013722-8c68805598ab/go.mod h1:Qr6/a/Q4r9LP1IltGz7tA7iOK1WonHEYhu1HRBA7ZiM=
+github.com/nxadm/tail v1.4.4 h1:DQuhQpB1tVlglWS2hLQ5OV6B5r8aGxSrPc5Qo6uTN78=
 github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
 github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
 github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
 github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
 github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
+github.com/onsi/ginkgo v1.14.0 h1:2mOpI4JVVPBN+WQRa0WKH2eXR+Ey+uK4n7Zj0aYpIQA=
 github.com/onsi/ginkgo v1.14.0/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/ginkgo v1.14.2/go.mod h1:iSB4RoI2tjJc9BBv4NKIKWKya62Rps+oPG/Lv9klQyY=
 github.com/onsi/ginkgo v1.16.1 h1:foqVmeWDD6yYpK+Yz3fHyNIxFYNxswxqNFjSKe+vI54=
 github.com/onsi/ginkgo v1.16.1/go.mod h1:CObGmKUOKaSC0RjmoAK7tKyn4Azo5P2IWuoMnvwxz1E=
 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
+github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE=
 github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
 github.com/onsi/gomega v1.10.3/go.mod h1:V9xEwhxec5O8UDM77eCW8vLymOMltsqPVYWrpDsH8xc=
 github.com/onsi/gomega v1.11.0 h1:+CqWgvj0OZycCaqclBD1pxKHAU+tOkHmQIWvDHq2aug=
@@ -256,6 +260,7 @@ github.com/pion/udp v0.1.1/go.mod h1:6AFo+CMdKQm7UiA0eUPA8/eVCTx8jBIITLZHc9DWX5M
 github.com/pion/webrtc/v3 v3.0.8/go.mod h1:C5uzSMa9sGCtfVPLA+pB0eWoW/exZ0OV0KW7JJbkvp0=
 github.com/pion/webrtc/v3 v3.0.25 h1:AOsku4YIegyrGD6CQFDDGvNeS1p8KnwWlnDWaY3yTTM=
 github.com/pion/webrtc/v3 v3.0.25/go.mod h1:Qx9zd4xvIeFTN1hygyJ77XVi/YbElyjVitL6KyCEIpE=
+github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -330,6 +335,7 @@ github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+github.com/stretchr/testify v1.5.1 h1:nOGnQDM7FYENwehXlg/kFVnos3rEvtKTjRvOWSzb6H4=
 github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
 github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
@@ -354,6 +360,7 @@ golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20190313024323-a1f597ede03a/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200221231518-2aa609cf4a9d/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9 h1:psW17arqaxU48Z5kZ0CQnkZWQJsqcURM6tKiBApRjXI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201016220609-9e8e0b390897/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/crypto v0.0.0-20201221181555-eec23a3978ad/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
@@ -369,6 +376,7 @@ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTk
 golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3 h1:XQyxROzUlZH+WIQwySDgnISgOivlhjIEwaQaJEJrrN0=
 golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
+golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5 h1:2M3HP5CCK1Si9FQhwnzYhXdG6DXeebvUHFpre8QvbyI=
 golang.org/x/lint v0.0.0-20201208152925-83fdc39ff7b5/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
 golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
@@ -481,6 +489,7 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY
 golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a h1:CB3a9Nez8M13wwlr/E2YtwoU+qYHKfC+JrDa45RXXoQ=
 golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
+golang.org/x/tools v0.1.0 h1:po9/4sTYwZU9lPhi1tOrb4hCv3qrhiQ77LZfGa2OjwY=
 golang.org/x/tools v0.1.0/go.mod h1:xkSsbof2nBLbhDlRMhhhyNLN/zl3eTqcnHD5viDpcZ0=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
@@ -529,6 +538,7 @@ google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp0
 google.golang.org/protobuf v1.26.0 h1:bxAC2xTBsZGibn2RTntX0oH50xLsqy1OxA9tTL3p/lk=
 google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY=
 gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15 h1:YR8cESwS4TdDjEe65xsg0ogRM/Nc3DYOhEAlW+xobZo=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -541,6 +551,7 @@ gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWD
 gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
 gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
 gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=

diff --git a/cmd/ugate/ugate_test.go b/cmd/ugate/ugate_test.go
@@ -18,7 +18,7 @@ func TestFull(t *testing.T) {
 	if err != nil {
 		t.Fatal(err)
 	}
-	alice.Add(&ugate.Listener{
+	alice.StartListener(&ugate.Route{
 		Address:   fmt.Sprintf("0.0.0.0:%d", 14011),
 		Protocol:  "tls",
 		Handler:   &ugatesvc.EchoHandler{},
@@ -29,7 +29,7 @@ func TestFull(t *testing.T) {
 	bob, err := Run(config, &ugate.GateCfg{
 		BasePort: 14100,
 	})
-	bob.Add(&ugate.Listener{
+	bob.StartListener(&ugate.Route{
 		Address:   fmt.Sprintf("0.0.0.0:%d", 14111),
 		Protocol:  "tls",
 		Handler:   &ugatesvc.EchoHandler{},

diff --git a/cmd/ugatemin/ugatemin.go b/cmd/ugatemin/ugatemin.go
@@ -35,7 +35,7 @@ func main() {
 	}
 
 	// direct TCP connect to local iperf3 and fortio (or HTTP on default port)
-	ug.Add(&ugate.Listener{
+	ug.StartListener(&ugate.Route{
 		Address: ":12011",
 		ForwardTo: "localhost:5201",
 	})

diff --git a/dns/dns.go b/dns/dns.go
@@ -297,11 +297,11 @@ func (s *DmDns) DNSOverTCP(in io.ReadCloser, out io.Writer) error {
 //
 // Wrapps the real process method with stats gathering and builds a reverse map of IP to names
 func (s *DmDns) Process(req *dns.Msg) *dns.Msg {
-	//ClientMetrics.Total.Add(1)
+	//ClientMetrics.Total.StartListener(1)
 	if len(req.Question) == 0 {
 		m := new(dns.Msg)
 		m.SetRcode(req, dns.RcodeServerFailure)
-		//ClientMetrics.Errors.Add(1)
+		//ClientMetrics.Errors.StartListener(1)
 		return m
 	}
 
@@ -341,12 +341,12 @@ func (s *DmDns) Process(req *dns.Msg) *dns.Msg {
 		if d > 1*time.Second {
 			log.Println("DNS: ", req.Question[0].Name, d, res.Answer)
 		}
-		//ClientMetrics.Latency.Add(time.Since(t0).Seconds())
+		//ClientMetrics.Latency.StartListener(time.Since(t0).Seconds())
 	}
 	if res == nil {
 		m := new(dns.Msg)
 		m.SetRcode(req, dns.RcodeServerFailure)
-		//ClientMetrics.Errors.Add(1)
+		//ClientMetrics.Errors.StartListener(1)
 		return res
 	}
 
@@ -428,7 +428,7 @@ func (s *DmDns) process(req *dns.Msg) *dns.Msg {
 	}
 
 	//log.Printf("DNSE: '%s' %v", name, err)
-	//ClientMetrics.Errors.Add(1)
+	//ClientMetrics.Errors.StartListener(1)
 
 	m := new(dns.Msg)
 	m.SetRcode(req, dns.RcodeServerFailure)