xffv3

package
v1.33.0 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jan 22, 2025 License: Apache-2.0 Imports: 19 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source
var File_envoy_extensions_http_original_ip_detection_xff_v3_xff_proto protoreflect.FileDescriptor

Functions

This section is empty.

Types

type XffConfig

type XffConfig struct {

	// The number of additional ingress proxy hops from the right side of the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when
	// determining the origin client's IP address. The default is zero if this option
	// is not specified. See the documentation for
	// :ref:`config_http_conn_man_headers_x-forwarded-for` for more information.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffNumTrustedHops uint32 `protobuf:"varint,1,opt,name=xff_num_trusted_hops,json=xffNumTrustedHops,proto3" json:"xff_num_trusted_hops,omitempty"`
	// The `CIDR <https://tools.ietf.org/html/rfc4632>`_ ranges to trust when
	// evaluating the remote IP address to determine the original client's IP address.
	// This is used instead of
	// :ref:`use_remote_address <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`.
	// When the remote IP address matches a trusted CIDR and the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` header was sent, each entry
	// in the “x-forwarded-for“ header is evaluated from right to left and the first
	// public non-trusted address is used as the original client address. If all
	// addresses in “x-forwarded-for“ are within the trusted list, the first (leftmost)
	// entry is used.
	//
	// This is typically used when requests are proxied by a
	// `CDN <https://en.wikipedia.org/wiki/Content_delivery_network>`_.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffTrustedCidrs *XffTrustedCidrs `protobuf:"bytes,2,opt,name=xff_trusted_cidrs,json=xffTrustedCidrs,proto3" json:"xff_trusted_cidrs,omitempty"`
	// If set, Envoy will not append the remote address to the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header.
	//
	// .. attention::
	//
	//	For proper proxy behaviour it is not recommended to set this option.
	//	For backwards compatibility, if this option is unset it defaults to true.
	//
	// This only applies when :ref:`use_remote_address
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
	// is false, otherwise :ref:`skip_xff_append
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.skip_xff_append>`
	// applies.
	SkipXffAppend *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=skip_xff_append,json=skipXffAppend,proto3" json:"skip_xff_append,omitempty"`
	// contains filtered or unexported fields
}

This extension allows for the original downstream remote IP to be detected by reading the :ref:`config_http_conn_man_headers_x-forwarded-for` header.

[#extension: envoy.http.original_ip_detection.xff]

func (*XffConfig) Descriptor deprecated

func (*XffConfig) Descriptor() ([]byte, []int)

Deprecated: Use XffConfig.ProtoReflect.Descriptor instead.

func (*XffConfig) GetSkipXffAppend

func (x *XffConfig) GetSkipXffAppend() *wrapperspb.BoolValue

func (*XffConfig) GetXffNumTrustedHops

func (x *XffConfig) GetXffNumTrustedHops() uint32

func (*XffConfig) GetXffTrustedCidrs

func (x *XffConfig) GetXffTrustedCidrs() *XffTrustedCidrs

func (*XffConfig) ProtoMessage

func (*XffConfig) ProtoMessage()

func (*XffConfig) ProtoReflect

func (x *XffConfig) ProtoReflect() protoreflect.Message

func (*XffConfig) Reset

func (x *XffConfig) Reset()

func (*XffConfig) String

func (x *XffConfig) String() string

func (*XffConfig) Validate

func (m *XffConfig) Validate() error

Validate checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffConfig) ValidateAll

func (m *XffConfig) ValidateAll() error

ValidateAll checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffConfigMultiError, or nil if none found.

type XffConfigMultiError

type XffConfigMultiError []error

XffConfigMultiError is an error wrapping multiple validation errors returned by XffConfig.ValidateAll() if the designated constraints aren't met.

func (XffConfigMultiError) AllErrors

func (m XffConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffConfigMultiError) Error

func (m XffConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type XffConfigValidationError

type XffConfigValidationError struct {
	// contains filtered or unexported fields
}

XffConfigValidationError is the validation error returned by XffConfig.Validate if the designated constraints aren't met.

func (XffConfigValidationError) Cause

func (e XffConfigValidationError) Cause() error

Cause function returns cause value.

func (XffConfigValidationError) Error

func (e XffConfigValidationError) Error() string

Error satisfies the builtin error interface

func (XffConfigValidationError) ErrorName

func (e XffConfigValidationError) ErrorName() string

ErrorName returns error name.

func (XffConfigValidationError) Field

func (e XffConfigValidationError) Field() string

Field function returns field value.

func (XffConfigValidationError) Key

Key function returns key value.

func (XffConfigValidationError) Reason

func (e XffConfigValidationError) Reason() string

Reason function returns reason value.

type XffTrustedCidrs

type XffTrustedCidrs struct {

	// The list of `CIDRs <https://tools.ietf.org/html/rfc4632>`_ from which remote
	// connections are considered trusted.
	Cidrs []*v3.CidrRange `protobuf:"bytes,1,rep,name=cidrs,proto3" json:"cidrs,omitempty"`
	// contains filtered or unexported fields
}

func (*XffTrustedCidrs) Descriptor deprecated

func (*XffTrustedCidrs) Descriptor() ([]byte, []int)

Deprecated: Use XffTrustedCidrs.ProtoReflect.Descriptor instead.

func (*XffTrustedCidrs) GetCidrs

func (x *XffTrustedCidrs) GetCidrs() []*v3.CidrRange

func (*XffTrustedCidrs) ProtoMessage

func (*XffTrustedCidrs) ProtoMessage()

func (*XffTrustedCidrs) ProtoReflect

func (x *XffTrustedCidrs) ProtoReflect() protoreflect.Message

func (*XffTrustedCidrs) Reset

func (x *XffTrustedCidrs) Reset()

func (*XffTrustedCidrs) String

func (x *XffTrustedCidrs) String() string

func (*XffTrustedCidrs) Validate

func (m *XffTrustedCidrs) Validate() error

Validate checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffTrustedCidrs) ValidateAll

func (m *XffTrustedCidrs) ValidateAll() error

ValidateAll checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffTrustedCidrsMultiError, or nil if none found.

type XffTrustedCidrsMultiError

type XffTrustedCidrsMultiError []error

XffTrustedCidrsMultiError is an error wrapping multiple validation errors returned by XffTrustedCidrs.ValidateAll() if the designated constraints aren't met.

func (XffTrustedCidrsMultiError) AllErrors

func (m XffTrustedCidrsMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffTrustedCidrsMultiError) Error

Error returns a concatenation of all the error messages it wraps.

type XffTrustedCidrsValidationError

type XffTrustedCidrsValidationError struct {
	// contains filtered or unexported fields
}

XffTrustedCidrsValidationError is the validation error returned by XffTrustedCidrs.Validate if the designated constraints aren't met.

func (XffTrustedCidrsValidationError) Cause

Cause function returns cause value.

func (XffTrustedCidrsValidationError) Error

Error satisfies the builtin error interface

func (XffTrustedCidrsValidationError) ErrorName

func (e XffTrustedCidrsValidationError) ErrorName() string

ErrorName returns error name.

func (XffTrustedCidrsValidationError) Field

Field function returns field value.

func (XffTrustedCidrsValidationError) Key

Key function returns key value.

func (XffTrustedCidrsValidationError) Reason

Reason function returns reason value.

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL