Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

dnsdist: Add support for the processing of X-Forwarded-For headers #8945

Merged
merged 1 commit into from Mar 19, 2020

Conversation

rgacogne
Copy link
Member

@rgacogne rgacogne commented Mar 18, 2020

Short description

This PR adds a trustForwardedForHeader option to addDOHLocal(). When that option is enabled, incoming X-Forwarded-For header are parsed and the last value of the last header replaces the source client IP address for ACL, rules and logging purposes.
Closes #8661.

Checklist

I have:

  • read the CONTRIBUTING.md document
  • compiled this code
  • tested this code
  • included documentation (including possible behaviour changes)
  • documented the code
  • added or modified regression test(s)
  • added or modified unit test(s)

Copy link
Member

@chbruyand chbruyand left a comment

LGTM!

@rgacogne rgacogne merged commit b61cf25 into PowerDNS:master Mar 19, 2020
29 checks passed
@rgacogne rgacogne deleted the ddist-x-forwarded-for branch Mar 19, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants