feat: add mask_proxy_protocol option for PROXY protocol to mask_host

Adds mask_proxy_protocol config option (0 = off, 1 = v1 text, 2 = v2 binary)
that sends a PROXY protocol header when connecting to mask_host. This lets
the backend see the real client IP address.

Particularly useful when the masking site (nginx/HAProxy) runs on the same
host as telemt and listens on a local port — without this, the backend loses
the original client IP entirely.

PROXY protocol header is also sent during TLS emulation fetches so that
backends with proxy_protocol required don't reject the connection.
ivulit
2026-02-26 13:36:33 +03:00
parent 7ead0cd753
commit da684b11fe
7 changed files with 83 additions and 19 deletions
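
The two header formats the commit message refers to (1 = v1 text, 2 = v2 binary), as an added example that is not code from this commit or from telemt. The function names and the sample addresses are assumptions; `dst` stands for the local address the client connected to.

```rust
use std::net::{IpAddr, SocketAddr};
// Hypothetical helpers for illustration; not telemt's implementation.
/// 12-byte signature that opens every PROXY protocol v2 header.
const V2_SIG: [u8; 12] = *b"\r\n\r\n\0\r\nQUIT\n";

/// v1 text header. Mixed address families cannot be written as TCP4/TCP6,
/// so they fall back to the spec's "PROXY UNKNOWN" line.
pub fn proxy_v1(src: SocketAddr, dst: SocketAddr) -> String {
    let (sp, dp) = (src.port(), dst.port());
    match (src.ip(), dst.ip()) {
        (IpAddr::V4(s), IpAddr::V4(d)) => format!("PROXY TCP4 {} {} {} {}\r\n", s, d, sp, dp),
        (IpAddr::V6(s), IpAddr::V6(d)) => format!("PROXY TCP6 {} {} {} {}\r\n", s, d, sp, dp),
        _ => "PROXY UNKNOWN\r\n".to_string(),
    }
}

/// v2 binary header for a TCP connection; None when the families differ.
pub fn proxy_v2(src: SocketAddr, dst: SocketAddr) -> Option<Vec<u8>> {
    let mut out = V2_SIG.to_vec();
    out.push(0x21); // version 2, command PROXY
    match (src.ip(), dst.ip()) {
        (IpAddr::V4(s), IpAddr::V4(d)) => {
            out.extend_from_slice(&[0x11, 0, 12]); // AF_INET + STREAM, 12 address bytes
            out.extend_from_slice(&s.octets());
            out.extend_from_slice(&d.octets());
        }
        (IpAddr::V6(s), IpAddr::V6(d)) => {
            out.extend_from_slice(&[0x21, 0, 36]); // AF_INET6 + STREAM, 36 address bytes
            out.extend_from_slice(&s.octets());
            out.extend_from_slice(&d.octets());
        }
        _ => return None,
    }
    out.extend_from_slice(&src.port().to_be_bytes());
    out.extend_from_slice(&dst.port().to_be_bytes());
    Some(out)
}

/// Maps the option values from the commit message: 0 = off, 1 = v1, 2 = v2.
pub fn mask_header(mode: u8, src: SocketAddr, dst: SocketAddr) -> Option<Vec<u8>> {
    match mode {
        1 => Some(proxy_v1(src, dst).into_bytes()),
        2 => proxy_v2(src, dst),
        _ => None,
    }
}
fn main() {
    let src: SocketAddr = "203.0.113.7:51234".parse().unwrap(); // constructed client
    let dst: SocketAddr = "127.0.0.1:8443".parse().unwrap(); // constructed listener
    println!("{:?} {:02x?}", proxy_v1(src, dst), mask_header(2, src, dst));
}
```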

@@ -143,7 +143,7 @@ where
reader,
writer,
&first_bytes,
real_peer.ip(),
real_peer,
&config,
&beobachten,
)
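Review bot: A PROXY protocol header carries a destination address and port as well as the source, and this call supplies only the client side: `real_peer` sits next to `reader`, `writer`, `&first_bytes`, `&config` and `&beobachten`, with no local address among them. Please state in the callee's doc comment where the destination half of the header comes from, or pass the local address the client connected to alongside `real_peer`.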
@@ -168,7 +168,7 @@ where
reader,
writer,
&handshake,
real_peer.ip(),
real_peer,
&config,
&beobachten,
)
@@ -212,7 +212,7 @@ where
reader,
writer,
&first_bytes,
real_peer.ip(),
real_peer,
&config,
&beobachten,
)
@@ -237,7 +237,7 @@ where
reader,
writer,
&handshake,
real_peer.ip(),
real_peer,
&config,
&beobachten,
)
@@ -462,7 +462,7 @@ impl RunningClientHandler {
reader,
writer,
&first_bytes,
peer.ip(),
peer,
&self.config,
&self.beobachten,
)
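Review bot: The `RunningClientHandler` call sites pass `peer`, while the generic call sites earlier in this file pass `real_peer`. Since this value now feeds the header sent to mask_host, confirm that `peer` here is the resolved client address and not the immediate TCP peer; if it can be an upstream proxy's address, the backend sees that instead of the client IP. Renaming it to `real_peer` or adding a one-line comment at this call would make the intent clear.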
@@ -501,7 +501,7 @@ impl RunningClientHandler {
reader,
writer,
&handshake,
peer.ip(),
peer,
&config,
&self.beobachten,
)
@@ -570,7 +570,7 @@ impl RunningClientHandler {
reader,
writer,
&first_bytes,
peer.ip(),
peer,
&self.config,
&self.beobachten,
)
@@ -608,7 +608,7 @@ impl RunningClientHandler {
reader,
writer,
&handshake,
peer.ip(),
peer,
&config,
&self.beobachten,
)