From 5d4a361b4cdf70e724bed93028fcaa0448e95b2e Mon Sep 17 00:00:00 2001
From: Brad Fitzpatrick <bradfitz@tailscale.com>
Date: Tue, 26 Apr 2022 09:00:02 -0700
Subject: [PATCH] wgengine/netstack: close forwarded TCP connections when
 incoming TCP dies

Updates #4522

Change-Id: I31a430da422b1e5fab834a2a670cddf448889ee6
Signed-off-by: Brad Fitzpatrick <bradfitz@tailscale.com>
---
 wgengine/netstack/netstack.go | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/wgengine/netstack/netstack.go b/wgengine/netstack/netstack.go
index 852c2a720..8d48e6933 100644
--- a/wgengine/netstack/netstack.go
+++ b/wgengine/netstack/netstack.go
@@ -734,11 +734,15 @@ func (ns *Impl) forwardTCP(client *gonet.TCPConn, clientRemoteIP netaddr.IP, wq
 		_, err := io.Copy(client, server)
 		connClosed <- err
 	}()
-	err = <-connClosed
-	if err != nil {
-		ns.logf("proxy connection closed with error: %v", err)
+	select {
+	case err := <-connClosed:
+		if err != nil {
+			ns.logf("proxy connection closed with error: %v", err)
+		}
+		ns.logf("[v2] netstack: forwarder connection to %s closed", dialAddrStr)
+	case <-ctx.Done():
+		ns.logf("[v2] netstack: context done, closing TCP forward conn to %s", dialAddrStr)
 	}
-	ns.logf("[v2] netstack: forwarder connection to %s closed", dialAddrStr)
 }
 
 func (ns *Impl) acceptUDP(r *udp.ForwarderRequest) {