summaryrefslogtreecommitdiff
path: root/src/conf_mode
diff options
context:
space:
mode:
authorViacheslav Hletenko <v.gletenko@vyos.io>2023-05-19 14:57:43 +0000
committerViacheslav Hletenko <v.gletenko@vyos.io>2023-05-19 14:57:43 +0000
commit62ce80bd0cb49524f07d6badb2973f15528c0f1b (patch)
tree90a716c1f2e45a502f7a4b2786f3d426f973caac /src/conf_mode
parent9ffbc8d8f9a2d25598f252b2a247fed9a76ea311 (diff)
downloadvyos-1x-62ce80bd0cb49524f07d6badb2973f15528c0f1b.tar.gz
vyos-1x-62ce80bd0cb49524f07d6badb2973f15528c0f1b.zip
T5222: reverse-proxy add send-proxy option for backend server
To accept a Proxy Protocol header on incoming TCP connections, add an accept-proxy parameter to the bind line in a frontend section. This parameter detects both Proxy Protocol version 1 (text format) and Proxy Protocol version 2 (binary format). set load-balancing reverse-proxy backend <tag> server <tag> send-proxy
Diffstat (limited to 'src/conf_mode')
-rwxr-xr-xsrc/conf_mode/load-balancing-haproxy.py2
1 files changed, 2 insertions, 0 deletions
diff --git a/src/conf_mode/load-balancing-haproxy.py b/src/conf_mode/load-balancing-haproxy.py
index 938af6cda..b29fdffc7 100755
--- a/src/conf_mode/load-balancing-haproxy.py
+++ b/src/conf_mode/load-balancing-haproxy.py
@@ -95,6 +95,8 @@ def verify(lb):
if 'address' not in bk_server_conf or 'port' not in bk_server_conf:
raise ConfigError(f'"backend {back} server {bk_server} address and port" must be configured!')
+ if {'send_proxy', 'send_proxy_v2'} <= set(bk_server_conf):
+ raise ConfigError(f'Cannot use both "send-proxy" and "send-proxy-v2" for server "{bk_server}"')
def generate(lb):
if not lb: