added support for tcp proxyProtocol v1&v2 to backend

2020-11-17 13:04:04 +01:00 · 2020-11-17 13:04:04 +01:00 · 84b125bdde
commit 84b125bdde
parent 520fcf82ae
28 changed files with 388 additions and 83 deletions
--- a/pkg/tcp/proxy.go
+++ b/pkg/tcp/proxy.go
@ -1,10 +1,13 @@
 package tcp

 import (
+	"fmt"
 	"io"
 	"net"
 	"time"

+	"github.com/pires/go-proxyproto"
+	"github.com/traefik/traefik/v2/pkg/config/dynamic"
 	"github.com/traefik/traefik/v2/pkg/log"
 )

@ -12,16 +15,21 @@ import (
 type Proxy struct {
 	target           *net.TCPAddr
 	terminationDelay time.Duration
+	proxyProtocol    *dynamic.ProxyProtocol
 }

 // NewProxy creates a new Proxy.
-func NewProxy(address string, terminationDelay time.Duration) (*Proxy, error) {
+func NewProxy(address string, terminationDelay time.Duration, proxyProtocol *dynamic.ProxyProtocol) (*Proxy, error) {
 	tcpAddr, err := net.ResolveTCPAddr("tcp", address)
 	if err != nil {
 		return nil, err
 	}

-	return &Proxy{target: tcpAddr, terminationDelay: terminationDelay}, nil
+	if proxyProtocol != nil && (proxyProtocol.Version < 1 || proxyProtocol.Version > 2) {
+		return nil, fmt.Errorf("unknown proxyProtocol version: %d", proxyProtocol.Version)
+	}
+
+	return &Proxy{target: tcpAddr, terminationDelay: terminationDelay, proxyProtocol: proxyProtocol}, nil
 }

 // ServeTCP forwards the connection to a service.
@ -39,8 +47,16 @@ func (p *Proxy) ServeTCP(conn WriteCloser) {

 	// maybe not needed, but just in case
 	defer connBackend.Close()
-
 	errChan := make(chan error)
+
+	if p.proxyProtocol != nil && p.proxyProtocol.Version > 0 && p.proxyProtocol.Version < 3 {
+		header := proxyproto.HeaderProxyFromAddrs(byte(p.proxyProtocol.Version), conn.RemoteAddr(), conn.LocalAddr())
+		if _, err := header.WriteTo(connBackend); err != nil {
+			log.WithoutContext().Errorf("Error while writing proxy protocol headers to backend connection: %v", err)
+			return
+		}
+	}
+
 	go p.connCopy(conn, connBackend, errChan)
 	go p.connCopy(connBackend, conn, errChan)