• haproxy

    From Alterego@VERT/ALTERANT to Digital Man on Friday, July 26, 2019 22:23:40
    Hey DM, have you considered implementing the proxy protocol?

    https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

    While I think it would be helpful for folks who may want to put haproxy infront of Sync to help take the edge of script kiddies hitting telnet (and other?) ports, I'd be interested in it for a different reason.

    I'm a keen docker user, and pretty much put everything in a docker container, and use it in a swarm (of 3 hosts). (Makes it easy to move stuff around, or work on 1 host, while containers float to another one.)

    The downside of docker swarm, is that for full flexibility, docker uses host SNAT, which means the underlying application gets a connect that appears from the hosts docker IP address (172.17.x.x normally), and therefore any "real" src address is lost. So if the application wants to make decisions about the source, or present who the source is (as in the login to synchronet), you cant do that.

    If you were to implement the proxy protocol, and somebody was to put haproxy in front of synchronet, then, if synchronet understood the proxy protocol, it would get the true source ip address during session initialisation - and therefore could make decisions and present the connecting hosts source address.

    (And in my docker scenario, it wouldnt matter which host synchronet is running on as haproxy will always find it.)

    So, just a feature request if you found that extra hour in the day, or day in the week and had nothing to do <grin>

    ...*

    ---
    Synchronet Alterant | an SBBS in Docker on Pi!
  • From Phil Taylor@VERT/SBBS to Alterego on Friday, July 26, 2019 16:26:24
    Re: haproxy
    By: Alterego to Digital Man on Fri Jul 26 2019 22:23:40

    Hey DM

    Your not removing baja on the next release?

    ---
    Synchronet sbbs.dynu.net 2025
  • From Digital Man@VERT to Alterego on Friday, July 26, 2019 11:43:28
    Re: haproxy
    By: Alterego to Digital Man on Fri Jul 26 2019 10:23 pm

    Hey DM, have you considered implementing the proxy protocol?

    Nope, never heard of it.

    https://www.haproxy.org/download/1.8/doc/proxy-protocol.txt

    Looks like something you could do in JS. Take a look at exec/web_socket*.js as examples of proxy services for Synchronet.

    digital man

    This Is Spinal Tap quote #33:
    Nigel Tufnel: Well, so what? What's wrong with bein' sexy?
    Norco, CA WX: 90.5F, 37.0% humidity, 4 mph N wind, 0.00 inches rain/24hrs

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From Digital Man@VERT to Phil Taylor on Friday, July 26, 2019 11:44:23
    Re: Baja
    By: Phil Taylor to Alterego on Fri Jul 26 2019 04:26 pm

    Re: haproxy
    By: Alterego to Digital Man on Fri Jul 26 2019 22:23:40

    Hey DM

    Your not removing baja on the next release?

    I don't think so.

    digital man

    Synchronet "Real Fact" #43:
    Synchronet added Baja/PCMS support with v2.00a (1994).
    Norco, CA WX: 90.5F, 37.0% humidity, 4 mph N wind, 0.00 inches rain/24hrs

    ---
    Synchronet Vertrauen Home of Synchronet [vert/cvs/bbs].synchro.net
  • From Phil Taylor@VERT/SBBS to Digital Man on Saturday, July 27, 2019 02:29:15
    Re: Baja
    By: Digital Man to Phil Taylor on Fri Jul 26 2019 11:44:23

    Your not removing baja on the next release?

    I don't think so.


    DM

    Thank you

    ---
    Synchronet sbbs.dynu.net 2025