package xffv3

import "github.com/envoyproxy/go-control-plane/envoy/extensions/http/original_ip_detection/xff/v3"

Index

Variables 

var File_envoy_extensions_http_original_ip_detection_xff_v3_xff_proto protoreflect.FileDescriptor

Types

type XffConfig 

type XffConfig struct {

	// The number of additional ingress proxy hops from the right side of the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header to trust when
	// determining the origin client's IP address. The default is zero if this option
	// is not specified. See the documentation for
	// :ref:`config_http_conn_man_headers_x-forwarded-for` for more information.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffNumTrustedHops uint32 `protobuf:"varint,1,opt,name=xff_num_trusted_hops,json=xffNumTrustedHops,proto3" json:"xff_num_trusted_hops,omitempty"`
	// The `CIDR <https://tools.ietf.org/html/rfc4632>`_ ranges to trust when
	// evaluating the remote IP address to determine the original client's IP address.
	// This is used instead of
	// :ref:`use_remote_address <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`.
	// When the remote IP address matches a trusted CIDR and the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` header was sent, each entry
	// in the “x-forwarded-for“ header is evaluated from right to left and the first
	// public non-trusted address is used as the original client address. If all
	// addresses in “x-forwarded-for“ are within the trusted list, the first (leftmost)
	// entry is used.
	//
	// This is typically used when requests are proxied by a
	// `CDN <https://en.wikipedia.org/wiki/Content_delivery_network>`_.
	//
	// Only one of “xff_num_trusted_hops“ and “xff_trusted_cidrs“ can be set.
	XffTrustedCidrs *XffTrustedCidrs `protobuf:"bytes,2,opt,name=xff_trusted_cidrs,json=xffTrustedCidrs,proto3" json:"xff_trusted_cidrs,omitempty"`
	// If set, Envoy will not append the remote address to the
	// :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header.
	//
	// .. attention::
	//
	//	For proper proxy behaviour it is not recommended to set this option.
	//	For backwards compatibility, if this option is unset it defaults to true.
	//
	// This only applies when :ref:`use_remote_address
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.use_remote_address>`
	// is false, otherwise :ref:`skip_xff_append
	// <envoy_v3_api_field_extensions.filters.network.http_connection_manager.v3.HttpConnectionManager.skip_xff_append>`
	// applies.
	SkipXffAppend *wrapperspb.BoolValue `protobuf:"bytes,3,opt,name=skip_xff_append,json=skipXffAppend,proto3" json:"skip_xff_append,omitempty"`
	// contains filtered or unexported fields
}

This extension allows for the original downstream remote IP to be detected by reading the :ref:`config_http_conn_man_headers_x-forwarded-for` header.

[#extension: envoy.http.original_ip_detection.xff]

func (*XffConfig) Descriptor 

func (*XffConfig) Descriptor() ([]byte, []int)

Deprecated: Use XffConfig.ProtoReflect.Descriptor instead.

func (*XffConfig) GetSkipXffAppend 

func (x *XffConfig) GetSkipXffAppend() *wrapperspb.BoolValue

func (*XffConfig) GetXffNumTrustedHops 

func (x *XffConfig) GetXffNumTrustedHops() uint32

func (*XffConfig) GetXffTrustedCidrs 

func (x *XffConfig) GetXffTrustedCidrs() *XffTrustedCidrs

func (*XffConfig) ProtoMessage 

func (*XffConfig) ProtoMessage()

func (*XffConfig) ProtoReflect 

func (x *XffConfig) ProtoReflect() protoreflect.Message

func (*XffConfig) Reset 

func (x *XffConfig) Reset()

func (*XffConfig) String 

func (x *XffConfig) String() string

func (*XffConfig) Validate 

func (m *XffConfig) Validate() error

Validate checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffConfig) ValidateAll 

func (m *XffConfig) ValidateAll() error

ValidateAll checks the field values on XffConfig with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffConfigMultiError, or nil if none found.

type XffConfigMultiError 

type XffConfigMultiError []error

XffConfigMultiError is an error wrapping multiple validation errors returned by XffConfig.ValidateAll() if the designated constraints aren't met.

func (XffConfigMultiError) AllErrors 

func (m XffConfigMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffConfigMultiError) Error 

func (m XffConfigMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type XffConfigValidationError 

type XffConfigValidationError struct {
	// contains filtered or unexported fields
}

XffConfigValidationError is the validation error returned by XffConfig.Validate if the designated constraints aren't met.

func (XffConfigValidationError) Cause 

func (e XffConfigValidationError) Cause() error

Cause function returns cause value.

func (XffConfigValidationError) Error 

func (e XffConfigValidationError) Error() string

Error satisfies the builtin error interface

func (XffConfigValidationError) ErrorName 

func (e XffConfigValidationError) ErrorName() string

ErrorName returns error name.

func (XffConfigValidationError) Field 

func (e XffConfigValidationError) Field() string

Field function returns field value.

func (XffConfigValidationError) Key 

func (e XffConfigValidationError) Key() bool

Key function returns key value.

func (XffConfigValidationError) Reason 

func (e XffConfigValidationError) Reason() string

Reason function returns reason value.

type XffTrustedCidrs 

type XffTrustedCidrs struct {

	// The list of `CIDRs <https://tools.ietf.org/html/rfc4632>`_ from which remote
	// connections are considered trusted.
	Cidrs []*v3.CidrRange `protobuf:"bytes,1,rep,name=cidrs,proto3" json:"cidrs,omitempty"`
	// contains filtered or unexported fields
}

func (*XffTrustedCidrs) Descriptor 

func (*XffTrustedCidrs) Descriptor() ([]byte, []int)

Deprecated: Use XffTrustedCidrs.ProtoReflect.Descriptor instead.

func (*XffTrustedCidrs) GetCidrs 

func (x *XffTrustedCidrs) GetCidrs() []*v3.CidrRange

func (*XffTrustedCidrs) ProtoMessage 

func (*XffTrustedCidrs) ProtoMessage()

func (*XffTrustedCidrs) ProtoReflect 

func (x *XffTrustedCidrs) ProtoReflect() protoreflect.Message

func (*XffTrustedCidrs) Reset 

func (x *XffTrustedCidrs) Reset()

func (*XffTrustedCidrs) String 

func (x *XffTrustedCidrs) String() string

func (*XffTrustedCidrs) Validate 

func (m *XffTrustedCidrs) Validate() error

Validate checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the first error encountered is returned, or nil if there are no violations.

func (*XffTrustedCidrs) ValidateAll 

func (m *XffTrustedCidrs) ValidateAll() error

ValidateAll checks the field values on XffTrustedCidrs with the rules defined in the proto definition for this message. If any rules are violated, the result is a list of violation errors wrapped in XffTrustedCidrsMultiError, or nil if none found.

type XffTrustedCidrsMultiError 

type XffTrustedCidrsMultiError []error

XffTrustedCidrsMultiError is an error wrapping multiple validation errors returned by XffTrustedCidrs.ValidateAll() if the designated constraints aren't met.

func (XffTrustedCidrsMultiError) AllErrors 

func (m XffTrustedCidrsMultiError) AllErrors() []error

AllErrors returns a list of validation violation errors.

func (XffTrustedCidrsMultiError) Error 

func (m XffTrustedCidrsMultiError) Error() string

Error returns a concatenation of all the error messages it wraps.

type XffTrustedCidrsValidationError 

type XffTrustedCidrsValidationError struct {
	// contains filtered or unexported fields
}

XffTrustedCidrsValidationError is the validation error returned by XffTrustedCidrs.Validate if the designated constraints aren't met.

func (XffTrustedCidrsValidationError) Cause 

func (e XffTrustedCidrsValidationError) Cause() error

Cause function returns cause value.

func (XffTrustedCidrsValidationError) Error 

func (e XffTrustedCidrsValidationError) Error() string

Error satisfies the builtin error interface

func (XffTrustedCidrsValidationError) ErrorName 

func (e XffTrustedCidrsValidationError) ErrorName() string

ErrorName returns error name.

func (XffTrustedCidrsValidationError) Field 

func (e XffTrustedCidrsValidationError) Field() string

Field function returns field value.

func (XffTrustedCidrsValidationError) Key 

func (e XffTrustedCidrsValidationError) Key() bool

Key function returns key value.

func (XffTrustedCidrsValidationError) Reason 

func (e XffTrustedCidrsValidationError) Reason() string

Reason function returns reason value.

Source Files

xff.pb.go xff.pb.validate.go

Version
v1.32.4 (latest)
Published
Feb 3, 2025
Platform
linux/amd64
Imports
19 packages
Last checked
1 day ago

Tools for package owners.