[Again, using all the words] On Thu, Jun 8, 2017 at 12:30 PM, Daniel Ruggeri <[email protected]> wrote: > Hi, all; > With the proposal to T&R set for Monday, I wanted to draw attention to the > PROXY protocol proposal in STATUS. Just hoping for a quick review. I know it > appears to be a large change, but as I worked through the feedback, ten of > the commits effectively got coded out. What we are left with is essentially > just the donated code + safety around IPv6 + the ability to designate > subnets that do not get PROXY processing.
The one change I've been considering is to expand this syntax; RemoteIPProxyProtocol On|Off to RemoteIPProxyProtocol [On|Off|host|range [host|range]...] Rather than rely on RemoteIPProxyProtocolExceptions (which was a great addition, thank you), I like configuring systems with whitelists rather than blacklists, when available. Although it's nebulous which is the whitelist and which is the blacklist, in this case :)
