-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Make the client IP accessible from a request_filter #105
Comments
It looks like the addr is just being dropped...
Please pass along the addr so we can rate limit, add it to forwarding headers, modify iptables, or what ever may be needed |
Should additional metadata also be provided within Session, such as the server ip/port, and SSL metadata such as cipher, tls version, etc? I can create a new ticket with requests if needed. |
this would be pretty helpful as it allows to generate JA3 fingerprints etc. |
We're also looking at this internally right now too!
Server IP/port can probably be bundled with this ask, I think additional metadata deserves its own tracking issue. |
|
This feature has released in v0.1.1, but the crate repo hasn't get this update, might need some manual operation |
What is the problem your feature solves, or the need it fulfills?
I would like to access the IP of a user connecting to a pingora proxy server to allow for further filtering/routing.
This could be used for rate limits or a "per user" upstream selection
Describe the solution you'd like
a function in the
Session
struct to give out the IP addressDescribe alternatives you've considered
I don't see how i could implement a ip based rate limit without an IP on the application level, an alternative would be using nftables but that seems far from optimal.
Additional context
None
The text was updated successfully, but these errors were encountered: