[stunnel-users] [patch] x-forwarded-for patch for the new stunnel 4.46
Michal.Trojnara at mirt.net
Fri Nov 18 03:52:41 CET 2011
> I use HAProxy and STunnel and I had to do a new installation lately.
> I took time to check the latest versions available of each product
> as this is a good time to test it out before production roll-out. I
> figured out that enough things have changed from STunnel version
> 4.44 to 4.46 making the X-Forwarded-For patch (that is usually used
> when STunnel sits in front of HAProxy) reject some parts of the
> latest 4.44 patch I found on the internet.
The "usual" way is not always the best one. Do not use X-Forwared-For
with haproxy. Instead use "protocol = proxy" option of stunnel 4.45 or
later, and accept-proxy bind option of haproxy 1.5-dev3 or later.
> PS: I didn't try it yet for IPv6 connections yet.
PS: "protocol = proxy" supports IPv6.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 194 bytes
Desc: This is a digitally signed message part
More information about the stunnel-users