Replies: 1 comment
-
I understand there is no version negociation, so the protocol version needs to be specified in the configuration, so instead it'd be something like |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Splitting from #482
Ok, there actually is a library that implements it (https://github.com/kosmas-valianos/libproxyprotocol).
I guess it could be useful to have:
protocols
section:that way the downstream process is aware of the client IP.
listen
section:Here we'd have a "raw" connection on port 443, while 444 would expect a proxy_protocol header. This would change sslh's behaviour in two ways:
It might also be possible to use the client IP connection as transparent proxy source IP for downstream connections that wouldn't support proxy_protocol, but I'm not sure.
Beta Was this translation helpful? Give feedback.
All reactions