Hey guys,
Thank you for all your input, I ended up going with the xforwardedfor. --Karl. Karl Kloppenborg Programming Ninja Crucial Paradigm Pty Ltd Suite 1 Level 3 104-106 Commonwealth St Surry Hills NSW 2010 Australia 1300 884 839 – Sales & Support (AU Only) <https://support.crucialp.com/> Click here for the Support Desk d: 02 8202 9994 f: 02 92818261 m: 0416 236 908 e: k...@crucial.com.au Crucial Paradigm is a leading Web Hosting provider that specialises in Cloud solutions. We are commited to keeping our planet green, please reduce, reuse and recycle your office paper. Description: crucial_2012 From: Chris LeBlanc [mailto:ch...@blendedby.us] Sent: Tuesday, 5 June 2012 5:07 PM To: Baptiste Cc: Karl Kloppenborg; haproxy@formilux.org Subject: Re: reqadd srcIP for header Oh hey guys, I do the same thing and use the stunnel proxy protocol. You just add protocol = proxy to stunnel and use bind :81 accept-proxy for haproxy and it seems to take care of the rest. I do have to add some extra headers using addreq to identify port and protocol but that's just hardcoded in the https frontend (and http frontend for consistency). Hope that helps. I know newer versions of haproxy and stunnel are required so double check that. -- Chris LeBlanc On Tuesday, June 5, 2012 at 2:01 AM, Baptiste wrote: well, not adding a header, but getting connected on the server using the client IP (using a TPROXY patched kernel). cheers On Tue, Jun 5, 2012 at 9:00 AM, Baptiste <bed...@gmail.com> wrote: Hey, Using stunnel and haproxy, both with the proxy protocol may help when you want to add the X-SRC-IP header for a SSL connection. cheers
<<image001.jpg>>