Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[HAPROXY] use $SOURCEIP instead of $PROXIED_SRCIP #361

Open
wants to merge 25 commits into
base: main
Choose a base branch
from
Open

[HAPROXY] use $SOURCEIP instead of $PROXIED_SRCIP #361

wants to merge 25 commits into from

Conversation

bazsi
Copy link
Member

@bazsi bazsi commented Nov 2, 2024

This is an incompatible change, but the old behaviour is rather confusing and difficult to use. The incompatiblity only
affects connections that are coming via a proxy. In that case $PROXIED_SRCIP and friends are not going to be set,
but $SOURCEIP, $DESTIP and $DESTPORT will be present instead.

@bazsi bazsi force-pushed the haproxy-use-sourceip-instead-of-proxied-srcip branch 2 times, most recently from cdfd3b6 to c2c1e8f Compare November 2, 2024 21:09
@bazsi bazsi mentioned this pull request Nov 8, 2024
Merged
@bazsi bazsi force-pushed the haproxy-use-sourceip-instead-of-proxied-srcip branch 3 times, most recently from 536951a to 58f020f Compare November 9, 2024 20:51
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Nov 9, 2024
edited
Loading

This Pull Request introduces config grammar changes

axoflow/9d25570002aaa3c97d7275d119270bd68a6b45d2 -> bazsi/haproxy-use-sourceip-instead-of-proxied-srcip

--- a/destination
+++ b/destination

 network(
     transport(
+        auto
     )
 )

 syslog(
     transport(
+        auto
     )
 )

--- a/source
+++ b/source

 network(
     transport(
+        auto
     )
 )

 syslog(
     transport(
+        auto
     )
 )

@bazsi bazsi force-pushed the haproxy-use-sourceip-instead-of-proxied-srcip branch from 58f020f to dff7494 Compare November 11, 2024 19:51
bazsi added 21 commits December 3, 2024 12:59
@bazsi
libtest: fixed LogTransportMock to not return bytes if the buffer siz…
19f1b12 
…e is 0

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
logtransport: add read_ahead() method
0d59a96 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport: establish link between LogTransportStack and constituent L…
fbd003f 
…ogTransport instances

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport: remove explicit stack argument from LogTransportAdapter
db7c174 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-stack: add assertion to log_transport_stack_get_active()
0637d12 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-stack: indicate failure in log_transport_stack_switch()
7a3a4a6 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
logproto: add LogProtoAutoServer implementation
95285f1 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
syslog: use rfc6587 style auto-detection when transport("auto") is se…
a68c3af 
…lected

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
libtest: allow LogProtoServer instance to change during handshake
b0b3a49 
This is just the change in test code, which adds LogProtoServer ** arguments
to the handshake related functions, in order to allow
log_proto_server_handshake to change the LogProto instance.

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
logreader: allow replacing LogProtoServer instances during handshake
ba0dac7 
This can be used to simplify LogProtoAutoServer.

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
light: add testcase for framing auto detection
0c47635 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
news: updated news entry
61f4af0 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
tests/copyright: updated policy about new files
25d6834 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
logproto: rename prepare() methods to poll_prepare
05dd8b5 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-tls: use OpenSSL BIOs to wrap the lower level LogTransport …
9a6e840 
…instance

Instead of going to the fd directly, wrap the lower-level LogTransport
instance into a BIO and use that. This implements proper stacking
for LogTransportTLS.

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-stack: add poll_prepare() methods for LogTransport and LogT…
bf0f358 
…ransportStack

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-stack: add LogTransportStack level read/write/writev methods
ff75c6e 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-aux-data: add log_transport_aux_data_move()
4931b48 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-stack: make it possible to add aux data from the LogTranspo…
b1a2df9 
…rtStack level

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
logproto: call transport-stack level I/O methods
b5dba47 
Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi
transport-haproxy: use the normal $SOURCEIP, $DESTIP, $DESTPORT macros
9e581f9 
Instead of using proxy protocol specific name value pairs, set the
addresses in the message's saddr/daddr members.

This should be a lot faster and a lot easier to use.

Signed-off-by: Balazs Scheidler <[email protected]>
@bazsi bazsi force-pushed the haproxy-use-sourceip-instead-of-proxied-srcip branch from dff7494 to 672e0c2 Compare December 3, 2024 17:15
@bazsi bazsi force-pushed the haproxy-use-sourceip-instead-of-proxied-srcip branch from 672e0c2 to 1c9e896 Compare December 3, 2024 17:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@bazsi