enhanced to be able to specify the service network for server-side peers

2024-12-05 18:24:42 +09:00 · 2024-12-05 18:24:42 +09:00 · e2d25cb53b
commit e2d25cb53b
parent cd5bbedc11
8 changed files with 181 additions and 100 deletions
--- a/client-ctl.go
+++ b/client-ctl.go
@ -30,6 +30,8 @@ type json_in_client_conn struct {

 type json_in_client_route struct {
 	ClientPeerAddr string `json:"client-peer-addr"`
+	ServerPeerNet string `json:"server-peer-net"` // allowed network in prefix notation
+	ServerPeerProto ROUTE_PROTO `json:"server-peer-proto"`
 }

 type json_out_client_conn_id struct {
@ -52,6 +54,8 @@ type json_out_client_route struct {
 	Id uint32 `json:"id"`
 	ClientPeerAddr string `json:"client-peer-addr"`
 	ServerPeerListenAddr string `json:"server-peer-listen-addr"`
+	ServerPeerNet string `json:"server-peer-net"`
+	ServerPeerProto ROUTE_PROTO `json:"server-peer-proto"`
 }

 type json_out_client_peer struct {
@ -123,6 +127,8 @@ func (ctl *client_ctl_client_conns) ServeHTTP(w http.ResponseWriter, req *http.R
 						Id: r.id,
 						ClientPeerAddr: r.peer_addr,
 						ServerPeerListenAddr: r.server_peer_listen_addr.String(),
+						ServerPeerNet: r.server_peer_net,
+						ServerPeerProto: r.server_peer_proto,
 					})
 				}
 				js = append(js, json_out_client_conn{
@ -233,6 +239,8 @@ func (ctl *client_ctl_client_conns_id) ServeHTTP(w http.ResponseWriter, req *htt
 					Id: r.id,
 					ClientPeerAddr: r.peer_addr,
 					ServerPeerListenAddr: r.server_peer_listen_addr.String(),
+					ServerPeerNet: r.server_peer_net,
+					ServerPeerProto: r.server_peer_proto,
 				})
 			}
 			js = &json_out_client_conn{
@ -309,6 +317,8 @@ func (ctl *client_ctl_client_conns_id_routes) ServeHTTP(w http.ResponseWriter, r
 					Id: r.id,
 					ClientPeerAddr: r.peer_addr,
 					ServerPeerListenAddr: r.server_peer_listen_addr.String(),
+					ServerPeerNet: r.server_peer_net,
+					ServerPeerProto: r.server_peer_proto,
 				})
 			}
 			cts.route_mtx.Unlock()
@ -326,7 +336,7 @@ func (ctl *client_ctl_client_conns_id_routes) ServeHTTP(w http.ResponseWriter, r
 				goto done
 			}

-			r, err = cts.AddNewClientRoute(jcr.ClientPeerAddr, ROUTE_PROTO_TCP) // TODO: configurable protocol
+			r, err = cts.AddNewClientRoute(jcr.ClientPeerAddr, jcr.ServerPeerNet, jcr.ServerPeerProto)
 			if err != nil {
 				status_code = http.StatusInternalServerError; w.WriteHeader(status_code)
 				if err = je.Encode(json_errmsg{Text: err.Error()}); err != nil { goto oops }
--- a/client.go
+++ b/client.go
@ -90,7 +90,8 @@ type ClientRoute struct {
 	id uint32
 	peer_addr string
 	server_peer_listen_addr *net.TCPAddr
-	proto ROUTE_PROTO
+	server_peer_net string
+	server_peer_proto ROUTE_PROTO

 	ptc_mtx        sync.Mutex
 	ptc_map        ClientPeerConnMap
@ -138,15 +139,16 @@ func (g *GuardedPacketStreamClient) Context() context.Context {
 }*/

 // --------------------------------------------------------------------
-func NewClientRoute(cts *ClientConn, id uint32, addr string, proto ROUTE_PROTO) *ClientRoute {
+func NewClientRoute(cts *ClientConn, id uint32, client_peer_addr string, server_peer_net string, server_peer_proto ROUTE_PROTO) *ClientRoute {
 	var r ClientRoute

 	r.cts = cts
 	r.id = id
 	r.ptc_map = make(ClientPeerConnMap)
 	r.ptc_cancel_map = make(ClientPeerCancelFuncMap)
-	r.proto = proto
-	r.peer_addr = addr
+	r.peer_addr = client_peer_addr // client-side peer
+	r.server_peer_net = server_peer_net // permitted network for server-side peer
+	r.server_peer_proto = server_peer_proto
 	r.stop_req.Store(false)
 	r.stop_chan = make(chan bool, 8)

@ -232,10 +234,14 @@ func (r *ClientRoute) RunTask(wg *sync.WaitGroup) {
 	// most useful works are triggered by ReportEvent() and done by ConnectToPeer()
 	defer wg.Done()

-	r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG, "Sending route_start for route(%d,%s) to %s", r.id, r.peer_addr, r.cts.remote_addr)
-	err = r.cts.psc.Send(MakeRouteStartPacket(r.id, r.proto, r.peer_addr))
+	r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG,
+		"Sending route_start for route(%d,%s,%v,%v) to %s",
+		r.id, r.peer_addr, r.server_peer_proto, r.server_peer_net, r.cts.remote_addr)
+	err = r.cts.psc.Send(MakeRouteStartPacket(r.id, r.server_peer_proto, r.peer_addr, r.server_peer_net))
 	if err != nil {
-		r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG, "Failed to send route_start for route(%d,%s) to %s", r.id, r.peer_addr, r.cts.remote_addr)
+		r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG,
+			"Failed to send route_start for route(%d,%s,%v,%v) to %s",
+			r.id, r.peer_addr, r.server_peer_proto, r.server_peer_net, r.cts.remote_addr)
 		goto done
 	}

@ -251,8 +257,10 @@ done:
 	r.ReqStop()
 	r.ptc_wg.Wait() // wait for all peer tasks are finished

-	r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG, "Sending route_stop for route(%d,%s) to %s", r.id, r.peer_addr, r.cts.remote_addr)
-	r.cts.psc.Send(MakeRouteStopPacket(r.id, r.proto, r.peer_addr))
+	r.cts.cli.log.Write(r.cts.sid, LOG_DEBUG,
+		"Sending route_stop for route(%d,%s,%v,%v) to %s",
+		r.id, r.peer_addr, r.server_peer_proto, r.server_peer_net, r.cts.remote_addr)
+	r.cts.psc.Send(MakeRouteStopPacket(r.id, r.server_peer_proto, r.peer_addr, r.server_peer_net))

 	r.cts.RemoveClientRoute(r)
 }
@ -386,6 +394,7 @@ func (r *ClientRoute) ReportEvent(pts_id uint32, event_type PACKET_KIND, event_d
 					r.ReqStop()
 				} else {
 					r.server_peer_listen_addr = addr
+					r.server_peer_net = rd.ServiceNetStr
 				}
 			}

@ -520,7 +529,7 @@ func NewClientConn(c *Client, cfg *ClientConfig) *ClientConn {
 	return &cts
 }

-func (cts *ClientConn) AddNewClientRoute(addr string, proto ROUTE_PROTO) (*ClientRoute, error) {
+func (cts *ClientConn) AddNewClientRoute(addr string, server_peer_net string, proto ROUTE_PROTO) (*ClientRoute, error) {
 	var r *ClientRoute
 	var id uint32
 	var ok bool
@ -538,7 +547,7 @@ func (cts *ClientConn) AddNewClientRoute(addr string, proto ROUTE_PROTO) (*Clien
 	//	cts.route_mtx.Unlock()
 	//	return nil, fmt.Errorf("existent route id - %d", route_id)
 	//}
-	r = NewClientRoute(cts, id, addr, proto)
+	r = NewClientRoute(cts, id, addr, server_peer_net, proto)
 	cts.route_map[id] = r
 	cts.route_mtx.Unlock()

@ -634,7 +643,7 @@ func (cts *ClientConn) AddClientRoutes(peer_addrs []string) error {
 	var err error

 	for _, v = range peer_addrs {
-		_, err = cts.AddNewClientRoute(v, ROUTE_PROTO_TCP)
+		_, err = cts.AddNewClientRoute(v, "", ROUTE_PROTO_TCP)
 		if err != nil {
 			return fmt.Errorf("unable to add client route for %s - %s", v, err.Error())
 		}
--- a/cmd/main.go
+++ b/cmd/main.go
@ -9,6 +9,8 @@ import "hodu"
 import "io"
 import "os"
 import "os/signal"
+import "path/filepath"
+import "runtime"
 import "strings"
 import "sync"
 import "syscall"
@ -57,6 +59,9 @@ func (l* AppLogger) Write(id string, level hodu.LogLevel, fmtstr string, args ..
 	var hdr string
 	var msg string
 	var lid string
+	var caller_file string
+	var caller_line int
+	var caller_ok bool

 // TODO: do something with level
 	now = time.Now()
@ -70,6 +75,8 @@ func (l* AppLogger) Write(id string, level hodu.LogLevel, fmtstr string, args ..
 	hdr = fmt.Sprintf("%04d-%02d-%02d %02d:%02d:%02d %+03d%02d ",
 		now.Year(), now.Month(), now.Day(), now.Hour(), now.Minute(), now.Second(), off_h, off_m)

+	_, caller_file, caller_line, caller_ok = runtime.Caller(1)
+
 // TODO: add pid?
 	msg = fmt.Sprintf(fmtstr, args...)
 	if id == "" {
@ -80,6 +87,9 @@ func (l* AppLogger) Write(id string, level hodu.LogLevel, fmtstr string, args ..

 	l.mtx.Lock()
 	l.out.Write([]byte(hdr))
+	if caller_ok {
+		l.out.Write([]byte(fmt.Sprintf("[%s:%d] ", filepath.Base(caller_file), caller_line)))
+	}
 	if lid != "" { l.out.Write([]byte(lid)) }
 	l.out.Write([]byte(msg))
 	if msg[len(msg) - 1] != '\n' { l.out.Write([]byte("\n")) }
--- a/hodu.pb.go
+++ b/hodu.pb.go
@ -198,8 +198,8 @@ type RouteDesc struct {
 	unknownFields protoimpl.UnknownFields

 	RouteId       uint32      `protobuf:"varint,1,opt,name=RouteId,proto3" json:"RouteId,omitempty"`
-	Proto         ROUTE_PROTO `protobuf:"varint,2,opt,name=Proto,proto3,enum=ROUTE_PROTO" json:"Proto,omitempty"`
-	TargetAddrStr string      `protobuf:"bytes,3,opt,name=TargetAddrStr,proto3" json:"TargetAddrStr,omitempty"`
+	TargetAddrStr string      `protobuf:"bytes,2,opt,name=TargetAddrStr,proto3" json:"TargetAddrStr,omitempty"`
+	ServiceProto  ROUTE_PROTO `protobuf:"varint,3,opt,name=ServiceProto,proto3,enum=ROUTE_PROTO" json:"ServiceProto,omitempty"`
 	ServiceNetStr string      `protobuf:"bytes,4,opt,name=ServiceNetStr,proto3" json:"ServiceNetStr,omitempty"`
 }

@ -240,13 +240,6 @@ func (x *RouteDesc) GetRouteId() uint32 {
 	return 0
 }

-func (x *RouteDesc) GetProto() ROUTE_PROTO {
-	if x != nil {
-		return x.Proto
-	}
-	return ROUTE_PROTO_TCP
-}
-
 func (x *RouteDesc) GetTargetAddrStr() string {
 	if x != nil {
 		return x.TargetAddrStr
@ -254,6 +247,13 @@ func (x *RouteDesc) GetTargetAddrStr() string {
 	return ""
 }

+func (x *RouteDesc) GetServiceProto() ROUTE_PROTO {
+	if x != nil {
+		return x.ServiceProto
+	}
+	return ROUTE_PROTO_TCP
+}
+
 func (x *RouteDesc) GetServiceNetStr() string {
 	if x != nil {
 		return x.ServiceNetStr
@ -499,59 +499,60 @@ var file_hodu_proto_rawDesc = []byte{
 	0x53, 0x65, 0x65, 0x64, 0x12, 0x18, 0x0a, 0x07, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x18,
 	0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x56, 0x65, 0x72, 0x73, 0x69, 0x6f, 0x6e, 0x12, 0x14,
 	0x0a, 0x05, 0x46, 0x6c, 0x61, 0x67, 0x73, 0x18, 0x02, 0x20, 0x01, 0x28, 0x04, 0x52, 0x05, 0x46,
-	0x6c, 0x61, 0x67, 0x73, 0x22, 0x95, 0x01, 0x0a, 0x09, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x44, 0x65,
+	0x6c, 0x61, 0x67, 0x73, 0x22, 0xa3, 0x01, 0x0a, 0x09, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x44, 0x65,
 	0x73, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x18, 0x01, 0x20,
-	0x01, 0x28, 0x0d, 0x52, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x12, 0x22, 0x0a, 0x05,
-	0x50, 0x72, 0x6f, 0x74, 0x6f, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0c, 0x2e, 0x52, 0x4f,
-	0x55, 0x54, 0x45, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x52, 0x05, 0x50, 0x72, 0x6f, 0x74, 0x6f,
-	0x12, 0x24, 0x0a, 0x0d, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74,
-	0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x41,
-	0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x12, 0x24, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63,
-	0x65, 0x4e, 0x65, 0x74, 0x53, 0x74, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x53,
-	0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e, 0x65, 0x74, 0x53, 0x74, 0x72, 0x22, 0x86, 0x01, 0x0a,
-	0x08, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x52, 0x6f, 0x75,
-	0x74, 0x65, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x52, 0x6f, 0x75, 0x74,
-	0x65, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x64, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0d, 0x52, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x0d, 0x52,
-	0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x18, 0x03, 0x20, 0x01,
-	0x28, 0x09, 0x52, 0x0d, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74,
-	0x72, 0x12, 0x22, 0x0a, 0x0c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74,
-	0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x41, 0x64,
-	0x64, 0x72, 0x53, 0x74, 0x72, 0x22, 0x50, 0x0a, 0x08, 0x50, 0x65, 0x65, 0x72, 0x44, 0x61, 0x74,
-	0x61, 0x12, 0x18, 0x0a, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01,
-	0x28, 0x0d, 0x52, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x50,
-	0x65, 0x65, 0x72, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x50, 0x65, 0x65,
-	0x72, 0x49, 0x64, 0x12, 0x12, 0x0a, 0x04, 0x44, 0x61, 0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28,
-	0x0c, 0x52, 0x04, 0x44, 0x61, 0x74, 0x61, 0x22, 0x95, 0x01, 0x0a, 0x06, 0x50, 0x61, 0x63, 0x6b,
-	0x65, 0x74, 0x12, 0x20, 0x0a, 0x04, 0x4b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e,
-	0x32, 0x0c, 0x2e, 0x50, 0x41, 0x43, 0x4b, 0x45, 0x54, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x52, 0x04,
-	0x4b, 0x69, 0x6e, 0x64, 0x12, 0x22, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x18, 0x02, 0x20,
-	0x01, 0x28, 0x0b, 0x32, 0x0a, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x44, 0x65, 0x73, 0x63, 0x48,
-	0x00, 0x52, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x1f, 0x0a, 0x04, 0x50, 0x65, 0x65, 0x72,
-	0x18, 0x03, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x09, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73,
-	0x63, 0x48, 0x00, 0x52, 0x04, 0x50, 0x65, 0x65, 0x72, 0x12, 0x1f, 0x0a, 0x04, 0x44, 0x61, 0x74,
-	0x61, 0x18, 0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x09, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x44, 0x61,
-	0x74, 0x61, 0x48, 0x00, 0x52, 0x04, 0x44, 0x61, 0x74, 0x61, 0x42, 0x03, 0x0a, 0x01, 0x55, 0x2a,
-	0x2a, 0x0a, 0x0b, 0x52, 0x4f, 0x55, 0x54, 0x45, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x12, 0x07,
-	0x0a, 0x03, 0x54, 0x43, 0x50, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x54, 0x43, 0x50, 0x34, 0x10,
-	0x01, 0x12, 0x08, 0x0a, 0x04, 0x54, 0x43, 0x50, 0x36, 0x10, 0x02, 0x2a, 0xb5, 0x01, 0x0a, 0x0b,
-	0x50, 0x41, 0x43, 0x4b, 0x45, 0x54, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x12, 0x0c, 0x0a, 0x08, 0x52,
-	0x45, 0x53, 0x45, 0x52, 0x56, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x4f, 0x55,
-	0x54, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x52, 0x4f,
-	0x55, 0x54, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, 0x12, 0x11, 0x0a, 0x0d, 0x52, 0x4f,
-	0x55, 0x54, 0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x45, 0x44, 0x10, 0x03, 0x12, 0x11, 0x0a,
-	0x0d, 0x52, 0x4f, 0x55, 0x54, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x04,
-	0x12, 0x10, 0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x45, 0x44,
-	0x10, 0x05, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x50,
-	0x45, 0x44, 0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x41, 0x42, 0x4f,
-	0x52, 0x54, 0x45, 0x44, 0x10, 0x07, 0x12, 0x0c, 0x0a, 0x08, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x45,
-	0x4f, 0x46, 0x10, 0x08, 0x12, 0x0d, 0x0a, 0x09, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x44, 0x41, 0x54,
-	0x41, 0x10, 0x09, 0x32, 0x49, 0x0a, 0x04, 0x48, 0x6f, 0x64, 0x75, 0x12, 0x19, 0x0a, 0x07, 0x47,
-	0x65, 0x74, 0x53, 0x65, 0x65, 0x64, 0x12, 0x05, 0x2e, 0x53, 0x65, 0x65, 0x64, 0x1a, 0x05, 0x2e,
-	0x53, 0x65, 0x65, 0x64, 0x22, 0x00, 0x12, 0x26, 0x0a, 0x0c, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74,
-	0x53, 0x74, 0x72, 0x65, 0x61, 0x6d, 0x12, 0x07, 0x2e, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x1a,
-	0x07, 0x2e, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x42, 0x08,
-	0x5a, 0x06, 0x2e, 0x2f, 0x68, 0x6f, 0x64, 0x75, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
+	0x01, 0x28, 0x0d, 0x52, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x0d,
+	0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x18, 0x02, 0x20,
+	0x01, 0x28, 0x09, 0x52, 0x0d, 0x54, 0x61, 0x72, 0x67, 0x65, 0x74, 0x41, 0x64, 0x64, 0x72, 0x53,
+	0x74, 0x72, 0x12, 0x30, 0x0a, 0x0c, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x50, 0x72, 0x6f,
+	0x74, 0x6f, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0c, 0x2e, 0x52, 0x4f, 0x55, 0x54, 0x45,
+	0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x52, 0x0c, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x50,
+	0x72, 0x6f, 0x74, 0x6f, 0x12, 0x24, 0x0a, 0x0d, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x4e,
+	0x65, 0x74, 0x53, 0x74, 0x72, 0x18, 0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0d, 0x53, 0x65, 0x72,
+	0x76, 0x69, 0x63, 0x65, 0x4e, 0x65, 0x74, 0x53, 0x74, 0x72, 0x22, 0x86, 0x01, 0x0a, 0x08, 0x50,
+	0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x12, 0x18, 0x0a, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65,
+	0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49,
+	0x64, 0x12, 0x16, 0x0a, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0d, 0x52, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49, 0x64, 0x12, 0x24, 0x0a, 0x0d, 0x52, 0x65, 0x6d,
+	0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x18, 0x03, 0x20, 0x01, 0x28, 0x09,
+	0x52, 0x0d, 0x52, 0x65, 0x6d, 0x6f, 0x74, 0x65, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x12,
+	0x22, 0x0a, 0x0c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72, 0x53, 0x74, 0x72, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x09, 0x52, 0x0c, 0x4c, 0x6f, 0x63, 0x61, 0x6c, 0x41, 0x64, 0x64, 0x72,
+	0x53, 0x74, 0x72, 0x22, 0x50, 0x0a, 0x08, 0x50, 0x65, 0x65, 0x72, 0x44, 0x61, 0x74, 0x61, 0x12,
+	0x18, 0x0a, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0d,
+	0x52, 0x07, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x49, 0x64, 0x12, 0x16, 0x0a, 0x06, 0x50, 0x65, 0x65,
+	0x72, 0x49, 0x64, 0x18, 0x02, 0x20, 0x01, 0x28, 0x0d, 0x52, 0x06, 0x50, 0x65, 0x65, 0x72, 0x49,
+	0x64, 0x12, 0x12, 0x0a, 0x04, 0x44, 0x61, 0x74, 0x61, 0x18, 0x03, 0x20, 0x01, 0x28, 0x0c, 0x52,
+	0x04, 0x44, 0x61, 0x74, 0x61, 0x22, 0x95, 0x01, 0x0a, 0x06, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74,
+	0x12, 0x20, 0x0a, 0x04, 0x4b, 0x69, 0x6e, 0x64, 0x18, 0x01, 0x20, 0x01, 0x28, 0x0e, 0x32, 0x0c,
+	0x2e, 0x50, 0x41, 0x43, 0x4b, 0x45, 0x54, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x52, 0x04, 0x4b, 0x69,
+	0x6e, 0x64, 0x12, 0x22, 0x0a, 0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x18, 0x02, 0x20, 0x01, 0x28,
+	0x0b, 0x32, 0x0a, 0x2e, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x44, 0x65, 0x73, 0x63, 0x48, 0x00, 0x52,
+	0x05, 0x52, 0x6f, 0x75, 0x74, 0x65, 0x12, 0x1f, 0x0a, 0x04, 0x50, 0x65, 0x65, 0x72, 0x18, 0x03,
+	0x20, 0x01, 0x28, 0x0b, 0x32, 0x09, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x44, 0x65, 0x73, 0x63, 0x48,
+	0x00, 0x52, 0x04, 0x50, 0x65, 0x65, 0x72, 0x12, 0x1f, 0x0a, 0x04, 0x44, 0x61, 0x74, 0x61, 0x18,
+	0x04, 0x20, 0x01, 0x28, 0x0b, 0x32, 0x09, 0x2e, 0x50, 0x65, 0x65, 0x72, 0x44, 0x61, 0x74, 0x61,
+	0x48, 0x00, 0x52, 0x04, 0x44, 0x61, 0x74, 0x61, 0x42, 0x03, 0x0a, 0x01, 0x55, 0x2a, 0x2a, 0x0a,
+	0x0b, 0x52, 0x4f, 0x55, 0x54, 0x45, 0x5f, 0x50, 0x52, 0x4f, 0x54, 0x4f, 0x12, 0x07, 0x0a, 0x03,
+	0x54, 0x43, 0x50, 0x10, 0x00, 0x12, 0x08, 0x0a, 0x04, 0x54, 0x43, 0x50, 0x34, 0x10, 0x01, 0x12,
+	0x08, 0x0a, 0x04, 0x54, 0x43, 0x50, 0x36, 0x10, 0x02, 0x2a, 0xb5, 0x01, 0x0a, 0x0b, 0x50, 0x41,
+	0x43, 0x4b, 0x45, 0x54, 0x5f, 0x4b, 0x49, 0x4e, 0x44, 0x12, 0x0c, 0x0a, 0x08, 0x52, 0x45, 0x53,
+	0x45, 0x52, 0x56, 0x45, 0x44, 0x10, 0x00, 0x12, 0x0f, 0x0a, 0x0b, 0x52, 0x4f, 0x55, 0x54, 0x45,
+	0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x10, 0x01, 0x12, 0x0e, 0x0a, 0x0a, 0x52, 0x4f, 0x55, 0x54,
+	0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x10, 0x02, 0x12, 0x11, 0x0a, 0x0d, 0x52, 0x4f, 0x55, 0x54,
+	0x45, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x45, 0x44, 0x10, 0x03, 0x12, 0x11, 0x0a, 0x0d, 0x52,
+	0x4f, 0x55, 0x54, 0x45, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x50, 0x45, 0x44, 0x10, 0x04, 0x12, 0x10,
+	0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x53, 0x54, 0x41, 0x52, 0x54, 0x45, 0x44, 0x10, 0x05,
+	0x12, 0x10, 0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x53, 0x54, 0x4f, 0x50, 0x50, 0x45, 0x44,
+	0x10, 0x06, 0x12, 0x10, 0x0a, 0x0c, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x41, 0x42, 0x4f, 0x52, 0x54,
+	0x45, 0x44, 0x10, 0x07, 0x12, 0x0c, 0x0a, 0x08, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x45, 0x4f, 0x46,
+	0x10, 0x08, 0x12, 0x0d, 0x0a, 0x09, 0x50, 0x45, 0x45, 0x52, 0x5f, 0x44, 0x41, 0x54, 0x41, 0x10,
+	0x09, 0x32, 0x49, 0x0a, 0x04, 0x48, 0x6f, 0x64, 0x75, 0x12, 0x19, 0x0a, 0x07, 0x47, 0x65, 0x74,
+	0x53, 0x65, 0x65, 0x64, 0x12, 0x05, 0x2e, 0x53, 0x65, 0x65, 0x64, 0x1a, 0x05, 0x2e, 0x53, 0x65,
+	0x65, 0x64, 0x22, 0x00, 0x12, 0x26, 0x0a, 0x0c, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x53, 0x74,
+	0x72, 0x65, 0x61, 0x6d, 0x12, 0x07, 0x2e, 0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x1a, 0x07, 0x2e,
+	0x50, 0x61, 0x63, 0x6b, 0x65, 0x74, 0x22, 0x00, 0x28, 0x01, 0x30, 0x01, 0x42, 0x08, 0x5a, 0x06,
+	0x2e, 0x2f, 0x68, 0x6f, 0x64, 0x75, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
 }

 var (
@ -578,7 +579,7 @@ var file_hodu_proto_goTypes = []any{
 	(*Packet)(nil),    // 6: Packet
 }
 var file_hodu_proto_depIdxs = []int32{
-	0, // 0: RouteDesc.Proto:type_name -> ROUTE_PROTO
+	0, // 0: RouteDesc.ServiceProto:type_name -> ROUTE_PROTO
 	1, // 1: Packet.Kind:type_name -> PACKET_KIND
 	3, // 2: Packet.Route:type_name -> RouteDesc
 	4, // 3: Packet.Peer:type_name -> PeerDesc
--- a/hodu.proto
+++ b/hodu.proto
@ -22,8 +22,8 @@ enum ROUTE_PROTO {

 message RouteDesc {
 	uint32      RouteId = 1;
-	ROUTE_PROTO Proto = 2; 
-	string      TargetAddrStr = 3;
+	string      TargetAddrStr = 2;
+	ROUTE_PROTO ServiceProto = 3;
 	string      ServiceNetStr = 4;
 };

--- a/packet.go
+++ b/packet.go
@ -1,27 +1,27 @@
 package hodu

-func MakeRouteStartPacket(route_id uint32, proto ROUTE_PROTO, addr string) *Packet {
+func MakeRouteStartPacket(route_id uint32, proto ROUTE_PROTO, addr string, svcnet string) *Packet {
 	return &Packet{
 		Kind: PACKET_KIND_ROUTE_START,
-		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, Proto: proto, TargetAddrStr: addr}}}
+		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, ServiceProto: proto, TargetAddrStr: addr, ServiceNetStr: svcnet}}}
 }

-func MakeRouteStopPacket(route_id uint32, proto ROUTE_PROTO, addr string) *Packet {
+func MakeRouteStopPacket(route_id uint32, proto ROUTE_PROTO, addr string, svcnet string) *Packet {
 	return &Packet{
 		Kind: PACKET_KIND_ROUTE_STOP,
-		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, Proto: proto, TargetAddrStr: addr}}}
+		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, ServiceProto: proto, TargetAddrStr: addr, ServiceNetStr: svcnet}}}
 }

-func MakeRouteStartedPacket(route_id uint32, proto ROUTE_PROTO, addr string) *Packet {
+func MakeRouteStartedPacket(route_id uint32, proto ROUTE_PROTO, addr string, svcnet string) *Packet {
 	// the connection from a peer to the server has been established
 	return &Packet{Kind: PACKET_KIND_ROUTE_STARTED,
-		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, Proto: proto, TargetAddrStr: addr}}}
+		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, ServiceProto: proto, TargetAddrStr: addr, ServiceNetStr: svcnet}}}
 }

-func MakeRouteStoppedPacket(route_id uint32, proto ROUTE_PROTO) *Packet {
+func MakeRouteStoppedPacket(route_id uint32, proto ROUTE_PROTO, addr string, svcnet string) *Packet {
 	// the connection from a peer to the server has been established
 	return &Packet{Kind: PACKET_KIND_ROUTE_STOPPED,
-		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, Proto: proto}}}
+		U: &Packet_Route{Route: &RouteDesc{RouteId: route_id, ServiceProto: proto, TargetAddrStr: addr, ServiceNetStr: svcnet}}}
 }

 func MakePeerStartedPacket(route_id uint32, peer_id uint32, remote_addr string, local_addr string) *Packet {
--- a/server-ctl.go
+++ b/server-ctl.go
@ -16,6 +16,8 @@ type json_out_server_route struct {
 	Id uint32 `json:"id"`
 	ClientPeerAddr string `json:"client-peer-addr"`
 	ServerPeerListenAddr string `json:"server-peer-listen-addr"`
+	ServerPeerNet string `json:"server-peer-net"`
+	ServerPeerProto ROUTE_PROTO `json:"server-peer-proto"`
 }

 // ------------------------------------
@ -57,6 +59,8 @@ func (ctl *server_ctl_server_conns) ServeHTTP(w http.ResponseWriter, req *http.R
 						Id: r.id,
 						ClientPeerAddr: r.ptc_addr,
 						ServerPeerListenAddr: r.svc_addr.String(),
+						ServerPeerNet: r.svc_permitted_net.String(),
+						ServerPeerProto: r.svc_proto,
 					})
 				}
 				js = append(js, json_out_server_conn{
@ -132,6 +136,8 @@ func (ctl *server_ctl_server_conns_id) ServeHTTP(w http.ResponseWriter, req *htt
 					Id: r.id,
 					ClientPeerAddr: r.ptc_addr,
 					ServerPeerListenAddr: r.svc_addr.String(),
+					ServerPeerNet: r.svc_permitted_net.String(),
+					ServerPeerProto: r.svc_proto,
 				})
 			}
 			js = &json_out_server_conn{
--- a/server.go
+++ b/server.go
@ -8,6 +8,7 @@ import "io"
 import "math/rand"
 import "net"
 import "net/http"
+import "net/netip"
 import "os"
 import "sync"
 import "sync/atomic"
@ -79,6 +80,9 @@ type ServerRoute struct {
 	cts        *ServerConn
 	l          *net.TCPListener
 	svc_addr   *net.TCPAddr // listening address
+	svc_permitted_net netip.Prefix
+	svc_proto   ROUTE_PROTO
+
 	ptc_addr    string
 	id          uint32

@ -119,21 +123,40 @@ func (g *GuardedPacketStreamServer) Context() context.Context {

 // ------------------------------------

-func NewServerRoute(cts *ServerConn, id uint32, proto ROUTE_PROTO, ptc_addr string) (*ServerRoute, error) {
+func NewServerRoute(cts *ServerConn, id uint32, proto ROUTE_PROTO, ptc_addr string, svc_permitted_net string) (*ServerRoute, error) {
 	var r ServerRoute
 	var l *net.TCPListener
 	var svcaddr *net.TCPAddr
+	var svcnet netip.Prefix
 	var err error

+	if svc_permitted_net != "" {
+		svcnet, err = netip.ParsePrefix(svc_permitted_net)
+		if err != nil {
+			return nil , err
+		}
+	}
+
 	l, svcaddr, err = cts.make_route_listener(id, proto)
 	if err != nil {
 		return nil, err
 	}

+	if svc_permitted_net == "" {
+		if svcaddr.IP.To4() != nil {
+			svcnet, _ = netip.ParsePrefix("0.0.0.0/0")
+		} else {
+			svcnet, _ = netip.ParsePrefix("::/0")
+		}
+	}
+
 	r.cts = cts
 	r.id = id
 	r.l = l
 	r.svc_addr = svcaddr
+	r.svc_permitted_net = svcnet
+	r.svc_proto = proto
+
 	r.ptc_addr = ptc_addr
 	r.pts_limit = PTS_LIMIT
 	r.pts_map = make(ServerPeerConnMap)
@ -186,6 +209,8 @@ func (r *ServerRoute) RunTask(wg *sync.WaitGroup) {
 	var err error
 	var conn *net.TCPConn
 	var pts *ServerPeerConn
+	var raddr *net.TCPAddr
+	var iaddr netip.Addr

 	defer wg.Done()

@ -200,12 +225,20 @@ func (r *ServerRoute) RunTask(wg *sync.WaitGroup) {
 			break
 		}

+		raddr = conn.RemoteAddr().(*net.TCPAddr)
+		iaddr, _ = netip.AddrFromSlice(raddr.IP)
+
+		if !r.svc_permitted_net.Contains(iaddr) {
+			r.cts.svr.log.Write(r.cts.sid, LOG_DEBUG, "Rejected server-side peer %s to route(%d) - allowed range %v", raddr.String(), r.id, r.svc_permitted_net)
+			conn.Close()
+		}
+
 		pts, err = r.AddNewServerPeerConn(conn)
 		if err != nil {
-			r.cts.svr.log.Write(r.cts.sid, LOG_ERROR, "Failed to add new server-side peer %s to route(%d) - %s", r.id, conn.RemoteAddr().String(), r.id, err.Error())
+			r.cts.svr.log.Write(r.cts.sid, LOG_ERROR, "Failed to add server-side peer %s to route(%d) - %s", r.id, raddr.String(), r.id, err.Error())
 			conn.Close()
 		} else {
-			r.cts.svr.log.Write(r.cts.sid, LOG_DEBUG, "Added new server-side peer %s to route(%d)", conn.RemoteAddr().String(), r.id)
+			r.cts.svr.log.Write(r.cts.sid, LOG_DEBUG, "Added server-side peer %s to route(%d)", raddr.String(), r.id)
 			r.pts_wg.Add(1)
 			go pts.RunTask(&r.pts_wg)
 		}
@ -239,7 +272,7 @@ func (r *ServerRoute) ReportEvent(pts_id uint32, event_type PACKET_KIND, event_d
 	spc, ok = r.pts_map[pts_id]
 	if !ok {
 		r.pts_mtx.Unlock()
-		return fmt.Errorf("non-existent peer id - %u", pts_id)
+		return fmt.Errorf("non-existent peer id - %d", pts_id)
 	}
 	r.pts_mtx.Unlock()

@ -286,7 +319,7 @@ func (cts *ServerConn) make_route_listener(id uint32, proto ROUTE_PROTO) (*net.T
 	return nil, nil, err
 }

-func (cts *ServerConn) AddNewServerRoute(route_id uint32, proto ROUTE_PROTO, ptc_addr string) (*ServerRoute, error) {
+func (cts *ServerConn) AddNewServerRoute(route_id uint32, proto ROUTE_PROTO, ptc_addr string, svc_permitted_net string) (*ServerRoute, error) {
 	var r *ServerRoute
 	var err error

@ -295,7 +328,7 @@ func (cts *ServerConn) AddNewServerRoute(route_id uint32, proto ROUTE_PROTO, ptc
 		cts.route_mtx.Unlock()
 		return nil, fmt.Errorf("existent route id - %d", route_id)
 	}
-	r, err = NewServerRoute(cts, route_id, proto, ptc_addr)
+	r, err = NewServerRoute(cts, route_id, proto, ptc_addr, svc_permitted_net)
 	if err != nil {
 		cts.route_mtx.Unlock()
 		return nil, err
@ -386,15 +419,21 @@ func (cts *ServerConn) receive_from_stream(wg *sync.WaitGroup) {
 				if ok {
 					var r *ServerRoute

-					r, err = cts.AddNewServerRoute(x.Route.RouteId, x.Route.Proto, x.Route.TargetAddrStr)
+					r, err = cts.AddNewServerRoute(x.Route.RouteId, x.Route.ServiceProto, x.Route.TargetAddrStr, x.Route.ServiceNetStr)
 					if err != nil {
-						cts.svr.log.Write(cts.sid, LOG_ERROR, "Failed to add route for client %s peer %s", cts.remote_addr, x.Route.TargetAddrStr)
+						cts.svr.log.Write(cts.sid, LOG_ERROR,
+							"Failed to add route(%d,%s) for %s",
+							x.Route.RouteId, x.Route.TargetAddrStr, cts.remote_addr, )
 					} else {
-						cts.svr.log.Write(cts.sid, LOG_INFO, "Added route(%d) for client %s peer %s to cts(%d)", r.id, cts.remote_addr, x.Route.TargetAddrStr, cts.id)
-						err = cts.pss.Send(MakeRouteStartedPacket(r.id, x.Route.Proto, r.svc_addr.String()))
+						cts.svr.log.Write(cts.sid, LOG_INFO,
+							"Added route(%d,%s,%s,%v,%v) for client %s to cts(%d)",
+							r.id, r.ptc_addr, r.svc_addr.String(), r.svc_proto, r.svc_permitted_net, cts.remote_addr, cts.id)
+						err = cts.pss.Send(MakeRouteStartedPacket(r.id, r.svc_proto, r.svc_addr.String(), r.svc_permitted_net.String()))
 						if err != nil {
 							r.ReqStop()
-							cts.svr.log.Write(cts.sid, LOG_ERROR, "Failed to inform client %s of route started for peer %s", cts.remote_addr, x.Route.TargetAddrStr)
+							cts.svr.log.Write(cts.sid, LOG_ERROR,
+								"Failed to send route_started event(%d,%s,%s,%s%v,%v) to client %s",
+								r.id, r.ptc_addr, r.svc_addr.String(), r.svc_proto, r.svc_permitted_net, cts.remote_addr)
 							goto done
 						}
 					}
@ -412,13 +451,19 @@ func (cts *ServerConn) receive_from_stream(wg *sync.WaitGroup) {

 					r, err = cts.RemoveServerRouteById(x.Route.RouteId)
 					if err != nil {
-						cts.svr.log.Write(cts.sid, LOG_ERROR, "Failed to delete route(%d) for client %s peer %s", x.Route.RouteId, cts.remote_addr, x.Route.TargetAddrStr)
+						cts.svr.log.Write(cts.sid, LOG_ERROR,
+							"Failed to delete route(%d,%s) for client %s",
+							x.Route.RouteId, x.Route.TargetAddrStr, cts.remote_addr)
 					} else {
-						cts.svr.log.Write(cts.sid, LOG_ERROR, "Deleted route(%d) for client %s peer %s", x.Route.RouteId, cts.remote_addr, x.Route.TargetAddrStr)
-						err = cts.pss.Send(MakeRouteStoppedPacket(x.Route.RouteId, x.Route.Proto))
+						cts.svr.log.Write(cts.sid, LOG_ERROR,
+							"Deleted route(%d,%s,%s,%v,%v) for client %s",
+							r.id, r.ptc_addr, r.svc_addr.String(), r.svc_proto, r.svc_permitted_net.String(), cts.remote_addr)
+						err = cts.pss.Send(MakeRouteStoppedPacket(r.id, r.svc_proto, r.ptc_addr, r.svc_permitted_net.String()))
 						if err != nil {
 							r.ReqStop()
-							cts.svr.log.Write(cts.sid, LOG_ERROR, "Failed to inform client %s of route(%d) stopped for peer %s", cts.remote_addr, x.Route.RouteId, x.Route.TargetAddrStr)
+							cts.svr.log.Write(cts.sid, LOG_ERROR,
+								"Failed to send route_stopped event(%d,%s,%s,%v.%v) to client %s",
+								r.id, r.ptc_addr, r.svc_addr.String(), r.svc_proto, r.svc_permitted_net.String(), cts.remote_addr)
 							goto done
 						}
 					}