From: Remi Gacogne Date: Mon, 23 Mar 2020 15:56:50 +0000 (+0100) Subject: rec: Document that we only support the version 2 of the Proxy Protocol X-Git-Tag: dnsdist-1.5.0-rc1~25^2 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c475e2a54cc453a8a71eba2d9848e9fb2b9da9bd;p=thirdparty%2Fpdns.git rec: Document that we only support the version 2 of the Proxy Protocol --- diff --git a/pdns/recursordist/docs/settings.rst b/pdns/recursordist/docs/settings.rst index fffda3d167..e5338cc7ea 100644 --- a/pdns/recursordist/docs/settings.rst +++ b/pdns/recursordist/docs/settings.rst @@ -1237,7 +1237,7 @@ Whether to compute the latency of responses in protobuf messages using the times - IP ranges, separated by commas - Default: empty -Ranges that are required to send a Proxy Protocol header in front of UDP and TCP queries, to pass the original source and destination addresses and ports to the recursor, as well as custom values. +Ranges that are required to send a Proxy Protocol version 2 header in front of UDP and TCP queries, to pass the original source and destination addresses and ports to the recursor, as well as custom values. Queries that are not prefixed with such a header will not be accepted from clients in these ranges. Queries prefixed by headers from clients that are not listed in these ranges will be dropped. Note that once a Proxy Protocol header has been received, the source address from the proxy header instead of the address of the proxy will be checked against the `allow-from`_ ACL,