feat: add mask_proxy_protocol option for PROXY protocol to mask_host

Adds mask_proxy_protocol config option (0 = off, 1 = v1 text, 2 = v2 binary)
that sends a PROXY protocol header when connecting to mask_host. This lets
the backend see the real client IP address.

Particularly useful when the masking site (nginx/HAProxy) runs on the same
host as telemt and listens on a local port — without this, the backend loses
the original client IP entirely.

PROXY protocol header is also sent during TLS emulation fetches so that
backends with proxy_protocol required don't reject the connection.

src/transport/proxy_protocol.rs

@@ -233,14 +233,12 @@ async fn parse_v2<R: AsyncRead + Unpin>(
 }
 
 /// Builder for PROXY protocol v1 header
-#[allow(dead_code)]
 pub struct ProxyProtocolV1Builder {
     family: &'static str,
     src_addr: Option<SocketAddr>,
     dst_addr: Option<SocketAddr>,
 }
 
-#[allow(dead_code)]
 impl ProxyProtocolV1Builder {
     pub fn new() -> Self {
         Self {
@@ -288,13 +286,17 @@ impl Default for ProxyProtocolV1Builder {
 }
 
 /// Builder for PROXY protocol v2 header
-#[allow(dead_code)]
 pub struct ProxyProtocolV2Builder {
     src: Option<SocketAddr>,
     dst: Option<SocketAddr>,
 }
 
-#[allow(dead_code)]
+impl Default for ProxyProtocolV2Builder {
+    fn default() -> Self {
+        Self::new()
+    }
+}
+
 impl ProxyProtocolV2Builder {
     pub fn new() -> Self {
         Self { src: None, dst: None }