HAProxy - forward client IP
After @Neoon kindly pointed me in the direction of haproxy, for reverse proxy use, I've nearly got a full setup. I'm struggling with the last piece of the puzzle, even after trying to comprehend the vast options in the documentation.
I'm trying to determine the original client IP. Straight http requests can be interrogated the through x-forward but this isn't much good for system monitoring, for example. Also, a control panel in a VM only sees access coming from the host IP.
Here's a snippet of what I've got, sorry for the formatting (need code tagging):
option forwardfor header X-Client
acl tls req.ssl_hello_type 1
tcp-request inspect-delay 5s
tcp-request content accept if tls
acl host_ks.domain1.com_webmin req.ssl_sni -i ks.domain1.com
use_backend ks.domain1.com_webmin if host_ks.domain1.com_webmin
server ukc.domain1.com 10.0.0.100:10000
Note: I had to change the host webmin port (not such a bad idea), as I couldn't get haproxy to ignore/pass it though. Below is currently commented out..
( in frontend webmin )
acl host_d3.domain1.com_webmin req.ssl_sni -i d3.domain1.com
use_backend d3.domain1.com_webmin if host_d3.domain1.com_webmin
server d3.domain1.com 18.104.22.168:10000
I have a further VM but left that out, for clarity.
All other aspects appear to be fine, with CSF redirecting various ports and VMs able to access the 'net.
Oh, and thanks again @Neoon
Where's the ignore setting?