jbertram commented on code in PR #5908: URL: https://github.com/apache/activemq-artemis/pull/5908#discussion_r2326314429
########## docs/user-manual/proxy-protocol.adoc: ########## @@ -0,0 +1,33 @@ += PROXY Protocol +:idprefix: +:idseparator: - +:docinfo: shared + +As noted in the official https://github.com/haproxy/haproxy/blob/master/doc/proxy-protocol.txt[PROXY Protocol documentation]: + +[quote,] +____ +The PROXY protocol provides a convenient way to safely transport connection information such as a client's address across multiple layers of NAT or TCP proxies. +____ + +This essentially allows the broker to know a client's IP address even when the connection is established through reverse proxy that supports the PROXY protocol (e.g. HAProxy, nginx, etc.). +Without PROXY protocol support the broker would see such client connections as coming from the proxy itself which can be misleading for administrators and complicate trouble-shooting. + +Both versions 1 & 2 of the PROXY Protocol are supported. +Furthermore, this support is 100% transparent and requires no additional configuration. +The broker automatically detects the use of the PROXY Protocol and manages the connection appropriately. Review Comment: I've changed the implementation to account for this. ########## artemis-core-client/src/main/java/org/apache/activemq/artemis/core/remoting/impl/netty/NettyConnection.java: ########## @@ -388,18 +394,40 @@ private static void flushAndWait(final Channel channel, final ChannelPromise pro @Override public final String getRemoteAddress() { - SocketAddress address = channel.remoteAddress(); - if (address == null) { - return null; + String proxyProtocolSourceAddress = channel.attr(PROXY_PROTOCOL_SOURCE_ADDRESS).get(); + String proxyProtocolSourcePort = channel.attr(PROXY_PROTOCOL_SOURCE_PORT).get(); + if (proxyProtocolSourceAddress != null && !proxyProtocolSourceAddress.isEmpty() && proxyProtocolSourcePort != null && !proxyProtocolSourcePort.isEmpty()) { + return proxyProtocolSourceAddress + ":" + proxyProtocolSourcePort; + } else { + SocketAddress address = channel.remoteAddress(); + if (address == null) { + return null; + } + String result = address.toString(); + if (result.startsWith("/")) { + return result.substring(1); + } else { + return result; + } Review Comment: Good idea. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] For further information, visit: https://activemq.apache.org/contact
