Accept PROXY protocol

Alan DeKok aland at
Fri Jul 30 16:05:38 CEST 2021

On Jul 22, 2021, at 8:41 AM, Alan DeKok <aland at> wrote:
>  TBH, it's probably not too hard to add support for this.

>  Right now, the server core assumes that the TCP connection IP/port is where the data comes from.  So it would have to separate the TCP connection from the client connection information.
>  It's probably less than 1000 lines of code to add this for TCP/TLS connections.  But the developers are largely booked with a ton of other things, so this is on the "nice, but perhaps one day" list.

$ git diff 2f2db87b0 src/main/tls_listen.c  | wc -l

  So that's nice.  :)

  For anyone who wants PROXY protocol support, please try v3.0.x.  Please also suggest documentation updates, specifically comments on configuring haproxy.

  Alan DeKok.

More information about the Freeradius-Users mailing list