On Wed Jan 20 17:55:24 CET 2021 Robert Segall wrote:
> Pound v3.0 has been officially released in early November. We would
> really appreciate if you could drop a few lines regarding your
> experience with it: how has it behaved in your case, is it reliable,
> did you do any performance testing, have you run into any issues.
I tried version 3 (as packaged by Debian) but had to revert - some 2.8 features
I rely on were either omitted or not documented.
I am using Pound to distribute requests to a single IPv4 address to servers
with publicly-accessible IPv6 addresses. When an HTTPS request is received,
and passed as HTTP to the backend, I need to pass on some information (and make
sure it cannot be forged in an HTTP request). so my HTTP listener configuration
includes parameters like:
xHTTP 2
HeadRemove "X-Forwarded-For"
HeadRemove "X-SSL-certificate"
HeadRemove "L-.*"
AddHeader "L-RequestScheme: http"
AddHeader "L-Port: 80"
and the HTTPS listener configuration contains additional parameters:
ClientCert 1
AddHeader "L-<secret1>: <secret2>"
so I'd like these configuration options restored. I'd also need the client
certificate to be passed on, or at least the SHA-1 fingerprint (which is used
to look up the client username).
> Suggestions for new features in 3.1 are also welcome.
In my case the Err... files contain HTML (using embedded CSS, and data: URLs
for images) whose style ought to depend on the service. I'd like per-service
overrides for these parameters.
Dave Sparks
--
pound mailing list
[email protected]
https://admin.hostpoint.ch/mailman/listinfo/pound_apsis.ch
