ocserv 0.10.6
Nikos Mavrogiannopoulos
nmav at gnutls.org
Wed Jul 15 01:12:17 PDT 2015
On Thu, Jul 2, 2015 at 5:20 PM, Niels Peen <niels at peen.ch> wrote:
>> - The worker processes will utilize the UDP socket address (if any),
>> when reporting peer's address if the listen-clear-file option is set.
> Is it possible to enable this feature for all connections? (Not just non-TLS connections.) The same functionality would be useful for TLS connections forwarded by a simple SNI selector like sniproxy.
I'm wondering whether it makes sense to do that which is an ugly hack,
instead of supporting the proxy protocol [0] from haproxy. It allows
the proxy to send all the useful information at session initiation.
regards,
Nikos
[0]. http://www.haproxy.org/download/1.6/doc/proxy-protocol.txt
More information about the openconnect-devel
mailing list