Specify trusted CIDRs for Envoy real IP detection

[Valeriy Chistyakov]

How can I allow real client IP from the Proxy protocol header and special headers like "X-Real-Ip" only for trusted clients? For original_ip_detection.xff there is the `xff_trusted_cidrs` which I successfully use, but there is no such an option for proxy protocol filter and original_ip_detection.custom_header extension

[Yan Avlasov]

Please file an Issue on GitHub with the enhancement request.

On Sat, Feb 1, 2025 at 8:26 AM Valeriy Chistyakov <airen...@gmail.com> wrote:

How can I allow real client IP from the Proxy protocol header and special headers like "X-Real-Ip" only for trusted clients? For original_ip_detection.xff there is the `xff_trusted_cidrs` which I successfully use, but there is no such an option for proxy protocol filter and original_ip_detection.custom_header extension

--
You received this message because you are subscribed to the Google Groups "envoy-users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to envoy-users...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/envoy-users/3ee8e84b-8da8-4512-bfc5-101df8ff1a37n%40googlegroups.com.