From: Daniel Ruggeri Date: Wed, 5 Apr 2017 01:11:36 +0000 (+0000) Subject: Rename RemoteIPProxyProtocolDisableHosts to RemoteIPProxyProtocolExceptions X-Git-Tag: 2.5.0-alpha~500 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=edc3965d1a5ff63abeb081e4501fe8262f1bd0bf;p=thirdparty%2Fapache%2Fhttpd.git Rename RemoteIPProxyProtocolDisableHosts to RemoteIPProxyProtocolExceptions git-svn-id: https://svn.apache.org/repos/asf/httpd/httpd/trunk@1790169 13f79535-47bb-0310-9956-ffa450edef68 --- diff --git a/docs/manual/mod/mod_remoteip.xml b/docs/manual/mod/mod_remoteip.xml index 23cc6d01e37..532dc4ef5cc 100644 --- a/docs/manual/mod/mod_remoteip.xml +++ b/docs/manual/mod/mod_remoteip.xml @@ -235,8 +235,7 @@ RemoteIPProxiesHeader X-Forwarded-By If enabled with the On flag, the upstream client must send the header every time it opens a connection or the connection will be aborted unless it is in the list of disabled hosts provided by RemoteIPProxyProtocolDisableHosts - directive.

+ module="mod_remoteip">RemoteIPProxyProtocolExceptions directive.

While this directive may be specified in any virtual host, it is important to understand that because the PROXY protocol is connection @@ -263,7 +262,7 @@ Listen 8080 <VirtualHost *:8080> ServerName www.example.com RemoteIPProxyProtocol On - RemoteIPProxyProtocolDisableHosts 127.0.0.1 10.0.0.0/8 + RemoteIPProxyProtocolExceptions 127.0.0.1 10.0.0.0/8 #Requests to this virtual host must have a PROXY protocol # header provided. If it is missing, the connection will @@ -275,12 +274,12 @@ Listen 8080 -RemoteIPProxyProtocolDisableHosts +RemoteIPProxyProtocolExceptions Disable processing of PROXY header for certain hosts or networks -RemoteIPProxyProtocolDisableHosts host|range [host|range] [host|range] +RemoteIPProxyProtocolExceptions host|range [host|range] [host|range] server configvirtual host -RemoteIPProxyProtocolDisableHosts is only available in httpd 2.4.26 and newer +RemoteIPProxyProtocolExceptions is only available in httpd 2.4.26 and newer

The RemoteIPProxyProtocol directive enables or @@ -288,9 +287,8 @@ Listen 8080 Sometimes it is desirable to require clients to provide the PROXY header, but permit other clients to connect without it. This directive allows a server administrator to configure a single host or CIDR range of hosts that may do - so. This is generally useful for useful for monitoring and administrative - traffic to a virtual host direct to the server behind the upstream load - balancer.

+ so. This is generally useful for monitoring and administrative traffic to a + virtual host direct to the server behind the upstream load balancer.

diff --git a/modules/metadata/mod_remoteip.c b/modules/metadata/mod_remoteip.c index 573adadbb28..6a9f3ab60b6 100644 --- a/modules/metadata/mod_remoteip.c +++ b/modules/metadata/mod_remoteip.c @@ -1191,7 +1191,7 @@ static const command_rec remoteip_cmds[] = "see the RemoteIPInternalProxy directive"), AP_INIT_FLAG("RemoteIPProxyProtocol", remoteip_enable_proxy_protocol, NULL, RSRC_CONF, "Enable PROXY protocol handling (`on', `off')"), - AP_INIT_TAKE_ARGV("RemoteIPProxyProtocolDisableHosts", + AP_INIT_TAKE_ARGV("RemoteIPProxyProtocolExceptions", remoteip_disable_networks, NULL, RSRC_CONF, "Disable PROXY " "protocol handling for this list of networks in CIDR format"), { NULL }