vrr/g3
2
0
Fork 0
mirror of https://github.com/bytedance/g3.git synced 2026-05-03 06:00:42 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1

g3proxy: support PROXY Protocol V2 in PlainTcpPort/PlainTlsPort

Browse source
This commit is contained in:
Zhang Jingqiang 2023-07-27 17:52:56 +08:00
parent 1fd247de89
commit 7ad31f665b
21 changed files with 260 additions and 90 deletions
Download patch file Download diff file Expand all files Collapse all files

4
g3proxy/doc/configuration/servers/index.rst
View file

@ -127,6 +127,10 @@ ingress_network_filter
Set the network filter for clients.
The used client address will always be the real socket peer address for servers that support PROXY Protocol.
If a server is chained after a PROXY Protocol server, the used client address will be the one in the PROXY Protocol message.
**default**: not set
.. _conf_server_common_dst_host_filter_set:

28
g3proxy/doc/configuration/servers/plain_tcp_port.rst
View file

@ -19,3 +19,31 @@ server
Set name of the next server to send the accepted connections to.
The next server should be able to accept tcp connections.
proxy_protocol
--------------
**optional**, **type**: :ref:`proxy protocol version <conf_value_proxy_protocol_version>`
Set the version of PROXY protocol we use for incoming tcp connections.
If set, connections with no matched PROXY Protocol message will be dropped.
.. note:: The *ingress_network_filter* config option of this server will always applies to the real socket client address.
.. note:: We only support PROXY Protocol version 2 currently.
**default**: not set, which means PROXY protocol won't be used
.. versionadded:: 1.7.19
proxy_protocol_read_timeout
---------------------------
**optional**, **type**: :ref:`humanize duration <conf_value_humanize_duration>`
Set the timeout value before we read a complete PROXY Protocol message.
**default**: 5s
.. versionadded:: 1.7.19

30
g3proxy/doc/configuration/servers/plain_tls_port.rst
View file

@ -22,3 +22,33 @@ server
Set name of the next server to send the accepted connections to.
The next server should be able to accept tls connections.
proxy_protocol
--------------
**optional**, **type**: :ref:`proxy protocol version <conf_value_proxy_protocol_version>`
Set the version of PROXY protocol we use for incoming tcp connections.
If set, connections with no matched PROXY Protocol message will be dropped.
The TLS handshake with the client will happen after we receive the PROXY Protocol message.
.. note:: The *ingress_network_filter* config option of this server will always applies to the real socket client address.
.. note:: We only support PROXY Protocol version 2 currently.
**default**: not set, which means PROXY protocol won't be used
.. versionadded:: 1.7.19
proxy_protocol_read_timeout
---------------------------
**optional**, **type**: :ref:`humanize duration <conf_value_humanize_duration>`
Set the timeout value before we read a complete PROXY Protocol message.
**default**: 5s
.. versionadded:: 1.7.19