Skip to content

Enable obtaining source IP address if HAproxy is used

Deon George requested to merge leenooks/sbbs:master into master

Hey Rob, I use SBBS in a docker container, but if I choose to deploy it in a swarm - because of docker NAT, all src IP addresses are from the docker host. (Which affects DNS resolution and an IP source address logic - like current connections, ip blocking etc.

To get around this, I wanted to put SBBS behind HAproxy, and leverage HAproxys "Proxy Protocol" which supplies the source address (and some other info) in the first TCP frame.

There may be a use case where folks want to put HAproxy in front SBBS to enable another layout of IP rule processing.

This patch parses that first frame to pluck the source IP address out and use it. (Please forgive my C++ coding - its not a language I code in - so if you see a better way of doing things, please make those changes - I'll learn something new if you do.)

...deon

Edited by Deon George

Merge request reports

Loading