BBSFirewall v1.1.1
Bug Fix
Fixed PROXY Protocol header ordering for fast-connecting clients
Clients such as fTelnet and MuffTerm send telnet negotiation bytes immediately on TCP connect. These bytes could reach the backend BBS before the PROXY Protocol header, causing the raw header text to appear on the user's terminal instead of being silently consumed by the backend module.
Root cause: The client data handler was registered before the backend connection was established, allowing buffered client writes to race with the PROXY header write in the connect callback.
Fix: The client socket (telnet) and SSH stream are now paused before the backend connection is initiated, and resumed only after the PROXY Protocol header has been written. This guarantees the header is always the first data in the backend stream regardless of how quickly the client sends.
Files changed: proxy.js, ssh.js