[stunnel-users] When X-FORWARDED-FOR for Stunnel ?

Elodie BOSSIER elodieuse at gmail.com
Thu Aug 18 14:58:13 CEST 2011


Greetings,

Why you don't implement X-FORWARDED-FOR into stunnel ?

I have found this patch : 
http://haproxy.1wt.eu/download/patches/stunnel-4.32-xforwarded-for.diff
but this on is to much old, i'm with stunnel 4.41 and i can't go to 4.32 
because i need SNI, implemented since 4.38

I have attempt to modify the patch to match with the current version, in 
begining it's ok but not after, all line code have changed and i'm not 
developer.

X-FORWARDED-FOR is very important and exist on mostly all the frontend 
web and usuable by all the web server.

Someone told me to switch to Nginx because X-FORWARDED-FOR don't exist 
in Stunnel ... I would like stay on Stunnel because it's only a light 
tunnel.

The patch have only 219 lines, could you help me please to addapt it to 
the version 4.41 and/or add this feature into Stunnel please ?

This is the "manual" to apply the patch : 
http://www.buro9.com/blog/2009/12/07/installing-haproxy-load-balance-http-and-https/
Just need to add "xforwardedfor=yes" into your config file and should be OK.

With this feature, I won't have need to "play" with this (censured) of 
transparent = source, iptables rules, tcpdump and root exec ...

Thanks so much ...

Elodie.



More information about the stunnel-users mailing list