proxy_protocolv3

type ProxyProtocol struct {

	// The list of rules to apply to requests.
	Rules []*ProxyProtocol_Rule `protobuf:"bytes,1,rep,name=rules,proto3" json:"rules,omitempty"`
	// Allow requests through that don't use proxy protocol. Defaults to false.
	//
	// .. attention::
	//
	//	This breaks conformance with the specification.
	//	Only enable if ALL traffic to the listener comes from a trusted source.
	//	For more information on the security implications of this feature, see
	//	https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt
	//
	// .. attention::
	//
	//	Requests of 12 or fewer bytes that match the proxy protocol v2 signature
	//	and requests of 6 or fewer bytes that match the proxy protocol v1
	//	signature will timeout (Envoy is unable to differentiate these requests
	//	from incomplete proxy protocol requests).
	AllowRequestsWithoutProxyProtocol bool `` /* 167-byte string literal not displayed */
	// This config controls which TLVs can be passed to filter state if it is Proxy Protocol
	// V2 header. If there is no setting for this field, no TLVs will be passed through.
	//
	// .. note::
	//
	//	If this is configured, you likely also want to set
	//	:ref:`core.v3.ProxyProtocolConfig.pass_through_tlvs <envoy_v3_api_field_config.core.v3.ProxyProtocolConfig.pass_through_tlvs>`,
	//	which controls pass-through for the upstream.
	PassThroughTlvs *v3.ProxyProtocolPassThroughTLVs `protobuf:"bytes,3,opt,name=pass_through_tlvs,json=passThroughTlvs,proto3" json:"pass_through_tlvs,omitempty"`
	// The PROXY protocol versions that won't be matched. Useful to limit the scope and attack surface of the filter.
	//
	// When the filter receives PROXY protocol data that is disallowed, it will reject the connection.
	// By default, the filter will match all PROXY protocol versions.
	// See https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt for details.
	//
	// .. attention::
	//
	//	When used in conjunction with the :ref:`allow_requests_without_proxy_protocol <envoy_v3_api_field_extensions.filters.listener.proxy_protocol.v3.ProxyProtocol.allow_requests_without_proxy_protocol>`,
	//	the filter will not attempt to match signatures for the disallowed versions.
	//	For example, when “disallowed_versions=V2“, “allow_requests_without_proxy_protocol=true“,
	//	and an incoming request matches the V2 signature, the filter will allow the request through without any modification.
	//	The filter treats this request as if it did not have any PROXY protocol information.
	DisallowedVersions []v3.ProxyProtocolConfig_Version `` /* 177-byte string literal not displayed */
	// contains filtered or unexported fields
}

type ProxyProtocol_KeyValuePair struct {

	// The namespace — if this is empty, the filter's namespace will be used.
	MetadataNamespace string `protobuf:"bytes,1,opt,name=metadata_namespace,json=metadataNamespace,proto3" json:"metadata_namespace,omitempty"`
	// The key to use within the namespace.
	Key string `protobuf:"bytes,2,opt,name=key,proto3" json:"key,omitempty"`
	// contains filtered or unexported fields
}

type ProxyProtocol_Rule struct {

	// The type that triggers the rule - required
	// TLV type is defined as uint8_t in proxy protocol. See `the spec
	// <https://www.haproxy.org/download/2.1/doc/proxy-protocol.txt>`_ for details.
	TlvType uint32 `protobuf:"varint,1,opt,name=tlv_type,json=tlvType,proto3" json:"tlv_type,omitempty"`
	// If the TLV type is present, apply this metadata KeyValuePair.
	OnTlvPresent *ProxyProtocol_KeyValuePair `protobuf:"bytes,2,opt,name=on_tlv_present,json=onTlvPresent,proto3" json:"on_tlv_present,omitempty"`
	// contains filtered or unexported fields
}