Open ahcognmm opened 1 month ago
@phlax might be able to help, or to ping someone who is.
the problem/solution is not immediately obvious to me - but i have limited dfp knowledge
cc @alyssawilk @mattklein123 as codeowners
@wbpcode might also have some idea
Not sure about your iptables stuff but here is a simplified config that I've been using for ages with all the custom access log and tracing stuff elided. I update my git
, rust
apt
configs etc to leverage localhost:9904 as a proxy and it works well. You can export HTTPS_PROXY
to point to this for adhoc. I never worked out how to have this work with HTTP/3
admin:
address:
socket_address:
address: 127.0.0.1
port_value: 9903
static_resources:
clusters:
- cluster_type:
name: envoy.clusters.dynamic_forward_proxy
typed_config:
'@type': type.googleapis.com/envoy.extensions.clusters.dynamic_forward_proxy.v3.ClusterConfig
allow_coalesced_connections: true
dns_cache_config:
dns_lookup_family: ALL
name: dynamic_forward_proxy_cache_config
connect_timeout: 2s
dns_lookup_family: ALL
lb_policy: CLUSTER_PROVIDED
name: dynamic_forward_proxy_cluster
listeners:
- additional_addresses:
- address:
socket_address:
address: ::1
port_value: 9904
address:
socket_address:
address: 127.0.0.1
port_value: 9904
filter_chains:
- filters:
- name: envoy.filters.network.http_connection_manager
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.network.http_connection_manager.v3.HttpConnectionManager
codec_type: AUTO
http2_protocol_options:
allow_connect: true
http_filters:
- name: envoy.filters.http.dynamic_forward_proxy
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.http.dynamic_forward_proxy.v3.FilterConfig
dns_cache_config:
dns_lookup_family: ALL
name: dynamic_forward_proxy_cache_config
- name: envoy.filters.http.router
typed_config:
'@type': type.googleapis.com/envoy.extensions.filters.http.router.v3.Router
route_config:
name: local_route
virtual_hosts:
- domains:
- '*'
name: local_service
routes:
- match:
prefix: /
route:
cluster: dynamic_forward_proxy_cluster
- match:
connect_matcher: {}
route:
cluster: dynamic_forward_proxy_cluster
upgrade_configs:
- connect_config: {}
upgrade_type: CONNECT
stat_prefix: dynamic_forward_proxy_upgrade
name: dynamic_forward_proxy_upgrade
traffic_direction: OUTBOUND
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
Not sure about your iptables stuff but here is a simplified config that I've been using for ages with all the custom access log and tracing stuff elided. I update my
git
,rust
apt
configs etc to leverage localhost:9904 as a proxy and it works well. You can exportHTTPS_PROXY
to point to this for adhoc. I never worked out how to have this work with HTTP/3
Sorry for late reply. But it doesn't work for me. I want config envoy as a transparent proxy, which handle all routed traffic via iptables
. I dont want manually config like curl -x localhost:9904 google.com
, i want curl google.com
still going through proxy.
@wbpcode do you have any ideas?
Error when setting up Envoy as a forward proxy.
Hi there, i want to use envoy as a proxy to handle all out going traffic. This is my set up:
Envoy config:
And my
iptables
run:When I try something like
curl google.com
it returns this:I'm just a newcomer with 1 week of reading documents. Can any one point out why I got this errors and how to fix it. I have already tried to google but nothing can help.