fixing duplicate port forwarding events and blocking node:forwarding SessionData events on ServerContext.Close()

Author: eriktate

lib/srv/ctx.go

@@ -842,12 +842,12 @@ func (c *ServerContext) reportStats(conn utils.Stater) {
 	// sessions are being recorded at the proxy (this would result in double
 	// events).
 	// Do not emit session data for git commands as they have their own events.
-	if c.GetServer().Component() == teleport.ComponentProxy ||
-		c.GetServer().Component() == teleport.ComponentForwardingGit {
+	component := c.GetServer().Component()
+	if component == teleport.ComponentProxy || component == teleport.ComponentForwardingGit {
 		return
 	}
 	if services.IsRecordAtProxy(c.SessionRecordingConfig.GetMode()) &&
-		c.GetServer().Component() == teleport.ComponentNode {
+		(component == teleport.ComponentNode || component == teleport.ComponentForwardingNode) {
 		return
 	}
 

lib/srv/forward/sshserver.go

@@ -1710,6 +1710,14 @@ func isTeleportEnv(varName string) bool {
 }
 
 func (s *Server) emitAuditEventWithLog(ctx context.Context, event apievents.AuditEvent) {
+	// avoid emitting duplicate port forward audit events when targeting and agent
+	if !s.targetServer.IsOpenSSHNode() {
+		switch event.GetType() {
+		case events.PortForwardEvent, events.PortForwardLocalEvent, events.PortForwardRemoteEvent, events.PortForwardRemoteConnEvent:
+			return
+		}
+	}
+
 	if err := s.EmitAuditEvent(ctx, event); err != nil {
 		s.logger.WarnContext(ctx, "Failed to emit event", "type", event.GetType(), "code", event.GetCode())
 	}