Added max_connection_duration for tcp_proxy (#12495)

Commit Message: Added max_connection_duration for tcp_proxy
Additional Description: Added max_connection_duration for downstream connection. After reaching max_connection_duration the connection will be closed.
Risk Level:
Testing:
Docs Changes:
Release Notes:
includes partial fix to #12077

Signed-off-by: Manish Kumar <manish.kumar1@india.nec.com>

Mirrored from https://github.com/envoyproxy/envoy @ 84f538f1ddcb5c16d98627df8b5e8c38f0f26720

envoy/config/accesslog/v3/accesslog.proto

@@ -254,6 +254,7 @@ message ResponseFlagFilter {
         in: "UMSDR"
         in: "RFCF"
         in: "NFCF"
+        in: "DT"
       }
     }
   }];

envoy/config/accesslog/v4alpha/accesslog.proto

@@ -253,6 +253,7 @@ message ResponseFlagFilter {
         in: "UMSDR"
         in: "RFCF"
         in: "NFCF"
+        in: "DT"
       }
     }
   }];

envoy/data/accesslog/v3/accesslog.proto

@@ -186,7 +186,7 @@ message AccessLogCommon {
 }
 
 // Flags indicating occurrences during request/response processing.
-// [#next-free-field: 23]
+// [#next-free-field: 24]
 message ResponseFlags {
   option (udpa.annotations.versioning).previous_message_type =
       "envoy.data.accesslog.v2.ResponseFlags";
@@ -272,6 +272,9 @@ message ResponseFlags {
 
   // Indicates that a filter configuration is not available.
   bool no_filter_config_found = 22;
+
+  // Indicates that request or connection exceeded the downstream connection duration.
+  bool duration_timeout = 23;
 }
 
 // Properties of a negotiated TLS connection.

envoy/extensions/filters/network/tcp_proxy/v3/tcp_proxy.proto

@@ -22,7 +22,7 @@ option (udpa.annotations.file_status).package_version_status = ACTIVE;
 // TCP Proxy :ref:`configuration overview <config_network_filters_tcp_proxy>`.
 // [#extension: envoy.filters.network.tcp_proxy]
 
-// [#next-free-field: 13]
+// [#next-free-field: 14]
 message TcpProxy {
   option (udpa.annotations.versioning).previous_message_type =
       "envoy.config.filter.network.tcp_proxy.v2.TcpProxy";
@@ -134,4 +134,10 @@ message TcpProxy {
   // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload
   // will be proxied upstream as per usual.
   TunnelingConfig tunneling_config = 12;
+
+  // The maximum duration of a connection. The duration is defined as the period since a connection
+  // was established. If not set, there is no max duration. When max_downstream_connection_duration
+  // is reached the connection will be closed. Duration must be at least 1ms.
+  google.protobuf.Duration max_downstream_connection_duration = 13
+      [(validate.rules).duration = {gte {nanos: 1000000}}];
 }

envoy/extensions/filters/network/tcp_proxy/v4alpha/tcp_proxy.proto

@@ -22,7 +22,7 @@ option (udpa.annotations.file_status).package_version_status = NEXT_MAJOR_VERSIO
 // TCP Proxy :ref:`configuration overview <config_network_filters_tcp_proxy>`.
 // [#extension: envoy.filters.network.tcp_proxy]
 
-// [#next-free-field: 13]
+// [#next-free-field: 14]
 message TcpProxy {
   option (udpa.annotations.versioning).previous_message_type =
       "envoy.extensions.filters.network.tcp_proxy.v3.TcpProxy";
@@ -134,4 +134,10 @@ message TcpProxy {
   // payloads over a shared HTTP/2 tunnel. If this message is absent, the payload
   // will be proxied upstream as per usual.
   TunnelingConfig tunneling_config = 12;
+
+  // The maximum duration of a connection. The duration is defined as the period since a connection
+  // was established. If not set, there is no max duration. When max_downstream_connection_duration
+  // is reached the connection will be closed. Duration must be at least 1ms.
+  google.protobuf.Duration max_downstream_connection_duration = 13
+      [(validate.rules).duration = {gte {nanos: 1000000}}];
 }