Proxy Protocol Not Working
streamingsystems opened this issue · comments
I saw your comment on the other posting but want to open a new issue for you.
When I first started using this module we were not using proxy protocol (behind HA Proxy).
When I turned on Proxy Protocol it would not work.
nginx version: nginx/1.24.0
built by gcc 8.5.0 20210514 (Red Hat 8.5.0-16) (GCC)
built with OpenSSL 1.1.1k FIPS 25 Mar 2021
TLS SNI support enabled
configure arguments: --prefix=/etc/nginx --sbin-path=/usr/sbin/nginx --modules-path=/usr/lib64/nginx/modules --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid --lock-path=/var/run/nginx.lock --http-client-body-temp-path=/var/cache/nginx/client_temp --http-proxy-temp-path=/var/cache/nginx/proxy_temp --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx --group=nginx --with-compat --with-file-aio --with-threads --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_mp4_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_slice_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_v2_module --with-mail --with-mail_ssl_module --with-stream --with-stream_realip_module --with-stream_ssl_module --with-stream_ssl_preread_module --with-openssl-opt=enable-ktls --with-cc-opt='-O2 -g -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -fexceptions -fstack-protector-strong -grecord-gcc-switches -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -fPIC' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -pie'
Conf:
rtmp_auto_push on;
rtmp {
out_queue 4096;
out_cork 8;
max_streams 128;
timeout 10s;
drop_idle_publisher 10s;
respawn off;
log_interval 5s;
log_size 1m;
server {
listen 1935;
listen [::]:1935;
listen 1936 proxy_protocol;
listen [::]:1936 proxy_protocol;
chunk_size 4096;
......
}
user nginx;
worker_processes auto;
worker_rlimit_nofile 32768;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 2048;
use epoll;
multi_accept on;
}
In order to get this to work I had to make the following 2 small code changes. I am not sure if these changes introduced other problems but once I made the changes the proxy protocol worked:
--
ngx_rtmp_core_module.c
Line 860, added:
addr->opt.proxy_protocol = lsopt->proxy_protocol || addr->opt.proxy_protocol;
ngx_rtmp_init.c
Line 149:
changed
if (rconn->proxy_protocol) {
to this:
if (rconn->addr_conf->proxy_protocol) {
Thanks!
In order to get this to work I had to make the following 2 small code changes. I am not sure if these changes introduced other problems but once I made the changes the proxy protocol worked:
--
ngx_rtmp_core_module.c
Line 860, added:
addr->opt.proxy_protocol = lsopt->proxy_protocol || addr->opt.proxy_protocol;
Actually, proxy protocol has been originally supported by this module, so no need to add this line to support the directive:
listen ... proxy_protocol;
ngx_rtmp_init.c
Line 149:
changed
if (rconn->proxy_protocol) {
to this:
if (rconn->addr_conf->proxy_protocol) {
Thanks!
It's OK!
Fixed.
Thank you for reporting the bug.