embed ipv4 source in ipv6

dlundquist / sniproxy

Proxies incoming HTTP and TLS connections based on the hostname contained in the initial request of the TCP session.

BSD 2-Clause "Simplified" License

2.57k stars 398 forks source link

embed ipv4 source in ipv6 #372

Open candlerb opened 3 years ago

candlerb commented 3 years ago

Proof-of-concept for #371: for review rather than actual merge.

Usage:

listen 0.0.0.0 443 {
    proto tls
    embed fd46:1::
}

If the inbound connection is IPv4, and the outbound connection is IPv6, then the incoming source IPv4 address is embedded in the low 32 bits of the outgoing IPv6 source.

candlerb commented 2 years ago

I am now wondering if this would be more logical if configured as a per-backend option, like proxy_protocol. e.g.

embed_prefix fd46:1::

table foo {
    bar.example.net  *:4443  proxy_protocol
    baz.example.net  *       embed
}

(although the way I do it now is consistent with the "source" option on the listener)