Closed aisbergg closed 2 years ago
This feature is not too difficult to add. If you want to give this a try, I suggest starting with com.df.allowedSrc
first.
I know this extra two variables would be rather simple to implment. In addition to adding the code a new test must be written, I don't have experience with Golang so it would take me a while and the solution wouldn't be as clean as I would prefer.
Just a side note, you have to publish your docker flow proxy to host port if you want to see the real source ip. When you use dockers ingress network you will lose the source ip and see the ingress ip instead.
This project needs adoption. I moved to Kubernetes and cannot dedicate time to this project anymore. Similarly, involvement from other contributors dropped as well. Please consider contributing yourself if you think this project is useful.
Dear @aisbergg
If this issue is still relevant, please feel free to leave a comment here.
A nice feature would be the possibility to restrict the access to certain services (e.g. admin interfaces) to certain client src IPs. I would like restrict some adminstration services to only be available when accessed by Local IP.
So using labels on the specific containers like:
should result in haproxy.cfg like: