2 KiB
Table of Contents
This is code for a remote probe test component of Snowflake.
Overview
This is a probe test server to allow proxies to test their compatability with Snowflake. Right now the only type of test implemented is a compatability check for clients with symmetric NATs.
Running your own
The server uses TLS by default.
There is a --disable-tls option for testing purposes,
but you should use TLS in production.
To build the probe server, run
go build
Or alternatively:
cd .. # switch to the repo root directory or $(git rev-parse --show-toplevel)
docker build -t snowflake-probetest -f probetest/Dockerfile .
To deploy the probe server, first set the necessary env variables with
export HOSTNAMES=${YOUR HOSTNAMES}
export EMAIL=${YOUR EMAIL}
then run docker-compose up
Setting up a symmetric NAT configuration requires a few extra steps. After
upping the docker container, run
docker inspect snowflake-probetest
to find the subnet used by the probetest container. Then run
sudo iptables -L -t nat to find the POSTROUTING rules for the subnet.
It should look something like this:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.19.0.0/16 anywhere
to modify this rule, execute the command
sudo iptables -t nat -R POSTROUTING $RULE_NUM -s 172.19.0.0/16 -j MASQUERADE --random
where RULE_NUM is the numbered rule corresponding to your docker container's subnet masquerade rule.
Afterwards, you should see the rule changed to be:
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.19.0.0/16 anywhere random