Currently we can apply policy to verify the upstream address
|
if p.Policy != nil { |
|
proxyHeaderPolicy, err = p.Policy(conn.RemoteAddr()) |
|
if err != nil { |
|
// can't decide the policy, we can't accept the connection |
|
conn.Close() |
|
return nil, err |
|
} |
|
// Handle a connection as a regular one |
|
if proxyHeaderPolicy == SKIP { |
|
return conn, nil |
|
} |
|
} |
. There could be scenarios where there are multiple interfaces the server is listening on and we may want to enable the proxy protocol on only 1 interface. It would help to have policy support verifying the local address.
I can create a PR if the feature is okay to be implemented.
