From 777feee0de5ca14c770a7c99dd0bc47988061f28 Mon Sep 17 00:00:00 2001 From: "data-plane-api(CircleCI)" Date: Fri, 21 Sep 2018 20:40:31 +0000 Subject: [PATCH] hcm: allow unix sockets to be considered internal addresses (#4470) * hcm: allow unix sockets to be considered internal addresses Adds a config option that treats unix socket addresses as internal for the purpose of stats/header santization. Signed-off-by: Snow Pettersen Mirrored from https://github.com/envoyproxy/envoy @ abf17919e363a1c9a2ce6dec85cda8cd6ba725dc --- .../v2/http_connection_manager.proto | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto index 6ebddf8e..f2c277e6 100644 --- a/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto +++ b/envoy/config/filter/network/http_connection_manager/v2/http_connection_manager.proto @@ -195,6 +195,17 @@ message HttpConnectionManager { // :ref:`config_http_conn_man_headers_x-forwarded-for` for more information. uint32 xff_num_trusted_hops = 19; + message InternalAddressConfig { + // Whether unix socket addresses should be considered internal. + bool unix_sockets = 1; + } + + // Configures what network addresses are considered internal for stats and header sanitazion + // purposes. If unspecified, only RFC1918 IP addresses will be considered internal. + // See the documentation for :ref:`config_http_conn_man_headers_x-envoy-internal` for more + // information about internal/external addresses. + InternalAddressConfig internal_address_config = 25; + // If set, Envoy will not append the remote address to the // :ref:`config_http_conn_man_headers_x-forwarded-for` HTTP header. This may be used in // conjunction with HTTP filters that explicitly manipulate XFF after the HTTP connection manager