[pve-devel] [PATCH SERIES manager/http-server/docs] fix #5699: add support for real IP
Thomas Skinner
thomas at atskinner.net
Tue Sep 10 02:30:23 CEST 2024
This patch series adds support for setting a HTTP header for passing through a client IP
address for logging purposes. Two settings are introduced for /etc/default/pveproxy:
PROXY_REAL_IP_HEADER: defines a HTTP header to extract a client IP address from in the request.
If the IP address is invalid, it is ignored. Otherwise, it is logged in addition to
the sending peer IP address.
TRUSTED_PROXY_IPS: defines a list of IP addresses or ranges that are allowed to set
the header defined in PROXY_REAL_IP_HEADER. If this setting is not set, any requests
with the PROXY_REAL_IP_HEADER set will have the extracted IP address logged.
pve-docs:
Thomas Skinner (1):
fix #5699: pveproxy: add docs for real IP support
pveproxy.adoc | 29 +++++++++++++++++++++++++++++
1 file changed, 29 insertions(+)
pve-http-server:
Thomas Skinner (1):
fix #5699: pveproxy: add library methods for real IP support
src/PVE/APIServer/AnyEvent.pm | 43 ++++++++++++++++++++++++++++++++---
src/PVE/APIServer/Utils.pm | 15 ++++++++++++
2 files changed, 55 insertions(+), 3 deletions(-)
pve-manager:
Thomas Skinner (1):
fix #5699: pveproxy: add settings for real IP support
PVE/Service/pveproxy.pm | 2 ++
1 file changed, 2 insertions(+)
--
2.39.2
More information about the pve-devel
mailing list