forked from mastercactapus/caddy2-proxyprotocol
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathwrapper.go
52 lines (40 loc) · 1.31 KB
/
wrapper.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
package caddy2proxyprotocol
import (
"fmt"
"net"
"time"
"github.com/absorbb/proxyprotocol"
"github.com/caddyserver/caddy/v2"
)
// Wrapper provides PROXY protocol support to Caddy by implementing the caddy.ListenerWrapper interface. It must be loaded before the `tls` listener.
type Wrapper struct {
// Timeout specifies an optional maximum time for the PROXY header to be received. If zero, timeout is disabled. Default is 5s.
Timeout caddy.Duration `json:"timeout,omitempty"`
// Allow is an optional list of CIDR ranges to allow/require PROXY headers from.
Allow []string `json:"allow,omitempty"`
rules []proxyprotocol.Rule
}
func (pp *Wrapper) parseRules() ([]proxyprotocol.Rule, error) {
rules := make([]proxyprotocol.Rule, 0, len(pp.Allow))
for _, s := range pp.Allow {
_, n, err := net.ParseCIDR(s)
if err != nil {
return nil, fmt.Errorf("invalid subnet '%s': %w", s, err)
}
rules = append(rules, proxyprotocol.Rule{Timeout: time.Duration(pp.Timeout), Subnet: n})
}
return rules, nil
}
func (pp *Wrapper) Provision(ctx caddy.Context) error {
rules, err := pp.parseRules()
if err != nil {
return err
}
pp.rules = rules
return nil
}
func (pp *Wrapper) WrapListener(l net.Listener) net.Listener {
pL := proxyprotocol.NewListener(l, time.Duration(pp.Timeout))
pL.SetFilter(pp.rules)
return pL
}