xffv3

package
v0.0.0-...-1441982 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 11, 2024 License: Apache-2.0 Imports: 20 Imported by: 1

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var File_envoy_extensions_http_original_ip_detection_xff_v3_xff_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type XffConfig 

type XffConfig struct {

	// The number of additional ingress proxy hops from the right side of the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when
	// determining the origin client's IP address. The default is zero if this option
	// is not specified. See the documentation for
	// :ref:`config_http_conn_man_headers_x-forwarded-for` for more information.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffNumTrustedHops uint32 `protobuf:"varint,1,opt,name=xff_num_trusted_hops,json=xffNumTrustedHops,proto3" json:"xff_num_trusted_hops,omitempty"`
	// The `CIDR <https://tools.ietf.org/html/rfc4632>`_ ranges to trust when
	// evaluating the remote IP address to determine the original client's IP address.
	// This is used instead of
	// :ref:`use_remote_address <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`.
	// When the remote IP address matches a trusted CIDR and the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` header was sent, each entry
	// in the “x-forwarded-for“ header is evaluated from right to left and the first
	// public non-trusted address is used as the original client address. If all
	// addresses in “x-forwarded-for“ are within the trusted list, the first (leftmost)
	// entry is used.
	//
	// This is typically used when requests are proxied by a
	// `CDN <https://en.wikipedia.org/wiki/Content_delivery_network>`_.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffTrustedCidrs *XffTrustedCidrs `protobuf:"bytes,2,opt,name=xff_trusted_cidrs,json=xffTrustedCidrs,proto3" json:"xff_trusted_cidrs,omitempty"`
	// If set, Envoy will not append the remote address to the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header.
	//
	// .. attention::
	//
	//	For proper proxy behaviour it is not recommended to set this option.
	//	For backwards compatibility, if this option is unset it defaults to true.
	//
	// This only applies when :ref:`use_remote_address
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
	// is false, otherwise :ref:`skip_xff_append
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.skip_xff_append>`
	// applies.
	SkipXffAppend *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=skip_xff_append,json=skipXffAppend,proto3" json:"skip_xff_append,omitempty"`
	// contains filtered or unexported fields
}

This extension allows for the original downstream remote IP to be detected by reading the :ref:`config_http_conn_man_headers_x-forwarded-for` header.

[#extension: envoy.http.original_ip_detection.xff]

func (*XffConfig) Descriptor deprecated 

func (*XffConfig) Descriptor() ([]byte, []int)

Deprecated: Use XffConfig.ProtoReflect.Descriptor instead.

func (*XffConfig) GetSkipXffAppend 

func (x *XffConfig) GetSkipXffAppend() *wrapperspb.BoolValue

func (*XffConfig) GetXffNumTrustedHops 

func (x *XffConfig) GetXffNumTrustedHops() uint32

func (*XffConfig) GetXffTrustedCidrs 

func (x *XffConfig) GetXffTrustedCidrs() *XffTrustedCidrs

func (*XffConfig) ProtoMessage 

func (*XffConfig) ProtoMessage()

func (*XffConfig) ProtoReflect 

func (x *XffConfig) ProtoReflect() protoreflect.Message

func (*XffConfig) Reset 

func (x *XffConfig) Reset()

func (*XffConfig) String 

func (x *XffConfig) String() string

func (*XffConfig) Validate 

func (m *XffConfig) Validate() error

Validate checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffConfig) ValidateAll 

func (m *XffConfig) ValidateAll() error

ValidateAll checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffConfigMultiError, or nil if none found.

type XffConfigMultiError 

type XffConfigMultiError []error

XffConfigMultiError is an error wrapping multiple validation errors returned by XffConfig.ValidateAll() if the designated constraints aren't met.

func (XffConfigMultiError) AllErrors 

func (m XffConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffConfigMultiError) Error 

func (m XffConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type XffConfigValidationError 

type XffConfigValidationError struct {
	// contains filtered or unexported fields
}

XffConfigValidationError is the validation error returned by XffConfig.Validate if the designated constraints aren't met.

func (XffConfigValidationError) Cause 

func (e XffConfigValidationError) Cause() error

Cause function returns cause value.

func (XffConfigValidationError) Error 

func (e XffConfigValidationError) Error() string

Error satisfies the builtin error interface

func (XffConfigValidationError) ErrorName 

func (e XffConfigValidationError) ErrorName() string

ErrorName returns error name.

func (XffConfigValidationError) Field 

func (e XffConfigValidationError) Field() string

Field function returns field value.

func (XffConfigValidationError) Key 

func (e XffConfigValidationError) Key() bool

Key function returns key value.

func (XffConfigValidationError) Reason 

func (e XffConfigValidationError) Reason() string

Reason function returns reason value.

type XffTrustedCidrs 

type XffTrustedCidrs struct {

	// The list of `CIDRs <https://tools.ietf.org/html/rfc4632>`_ from which remote
	// connections are considered trusted.
	Cidrs []*v3.CidrRange `protobuf:"bytes,1,rep,name=cidrs,proto3" json:"cidrs,omitempty"`
	// contains filtered or unexported fields
}

func (*XffTrustedCidrs) Descriptor deprecated 

func (*XffTrustedCidrs) Descriptor() ([]byte, []int)

Deprecated: Use XffTrustedCidrs.ProtoReflect.Descriptor instead.

func (*XffTrustedCidrs) GetCidrs 

func (x *XffTrustedCidrs) GetCidrs() []*v3.CidrRange

func (*XffTrustedCidrs) ProtoMessage 

func (*XffTrustedCidrs) ProtoMessage()

func (*XffTrustedCidrs) ProtoReflect 

func (x *XffTrustedCidrs) ProtoReflect() protoreflect.Message

func (*XffTrustedCidrs) Reset 

func (x *XffTrustedCidrs) Reset()

func (*XffTrustedCidrs) String 

func (x *XffTrustedCidrs) String() string

func (*XffTrustedCidrs) Validate 

func (m *XffTrustedCidrs) Validate() error

Validate checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffTrustedCidrs) ValidateAll 

func (m *XffTrustedCidrs) ValidateAll() error

ValidateAll checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffTrustedCidrsMultiError, or nil if none found.

type XffTrustedCidrsMultiError 

type XffTrustedCidrsMultiError []error

XffTrustedCidrsMultiError is an error wrapping multiple validation errors returned by XffTrustedCidrs.ValidateAll() if the designated constraints aren't met.

func (XffTrustedCidrsMultiError) AllErrors 

func (m XffTrustedCidrsMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffTrustedCidrsMultiError) Error 

func (m XffTrustedCidrsMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type XffTrustedCidrsValidationError 

type XffTrustedCidrsValidationError struct {
	// contains filtered or unexported fields
}

XffTrustedCidrsValidationError is the validation error returned by XffTrustedCidrs.Validate if the designated constraints aren't met.

func (XffTrustedCidrsValidationError) Cause 

func (e XffTrustedCidrsValidationError) Cause() error

Cause function returns cause value.

func (XffTrustedCidrsValidationError) Error 

func (e XffTrustedCidrsValidationError) Error() string

Error satisfies the builtin error interface

func (XffTrustedCidrsValidationError) ErrorName 

func (e XffTrustedCidrsValidationError) ErrorName() string

ErrorName returns error name.

func (XffTrustedCidrsValidationError) Field 

func (e XffTrustedCidrsValidationError) Field() string

Field function returns field value.

func (XffTrustedCidrsValidationError) Key 

func (e XffTrustedCidrsValidationError) Key() bool

Key function returns key value.

func (XffTrustedCidrsValidationError) Reason 

func (e XffTrustedCidrsValidationError) Reason() string

Reason function returns reason value.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.