Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: proxy_allowed not working in latest image #1671

Open
2 tasks done
ziporah opened this issue Jun 26, 2024 · 0 comments
Open
2 tasks done

[Bug]: proxy_allowed not working in latest image #1671

ziporah opened this issue Jun 26, 2024 · 0 comments
Labels
support request request for free support. Check out our support policy

Comments

@ziporah
Copy link

ziporah commented Jun 26, 2024

⚠️ This issue respects the following points: ⚠️

  • This is a bug, not a question or a configuration issue.
  • This issue is not already reported on Github (I've searched it).

Bug description

The proxy_protocol allowed isn't working in the latest version.

Steps to reproduce

  1. configure sftp with proxy allowed
    Environment:
      SFTPGO_COMMON__PROXY_ALLOWED__0:             193.58.149.121
      SFTPGO_COMMON__PROXY_ALLOWED__1:             193.58.149.122
      SFTPGO_COMMON__PROXY_PROTOCOL:               2
      SFTPGO_COMMON__PROXY_SKIPPED__0:             10.241.253.0/24
  1. Run sftp command trough proxy with proxy protocol configured
  2. Log shows error
{"level":"debug","time":"2024-06-26T08:12:46.238","sender":"sftpd","message":"failed to accept an incoming connection from ip \"193.58.149.121\": proxyproto: upstream connection sent PROXY header but isn't allowed to send one"}
{"level":"debug","time":"2024-06-26T08:12:46.238","sender":"connection_failed","client_ip":"193.58.149.121","username":"","login_type":"no_auth_tried","protocol":"SSH","error":"proxyproto: upstream connection sent PROXY header but isn't allowed to send one"}

Expected behavior

the pod should accept the connection

SFTPGo version

2.6.x image

Data provider

sqlite

Installation method

Community Docker image

Configuration

Environment:
  SFTPGO_COMMON__PROXY_ALLOWED__0:             193.58.149.121
  SFTPGO_COMMON__PROXY_ALLOWED__1:             193.58.149.122
  SFTPGO_COMMON__PROXY_PROTOCOL:               2
  SFTPGO_COMMON__PROXY_SKIPPED__0:             10.241.253.0/24
  SFTPGO_DEFAULT_ADMIN_USERNAM:  username
  SFTPGO_DEFAULT_ADMIN_PASSWORD: password

Relevant log output

{"level":"debug","time":"2024-06-26T08:12:46.238","sender":"sftpd","message":"failed to accept an incoming connection from ip \"193.58.149.121\": proxyproto: upstream connection sent PROXY header but isn't allowed to send one"}
{"level":"debug","time":"2024-06-26T08:12:46.238","sender":"connection_failed","client_ip":"193.58.149.121","username":"","login_type":"no_auth_tried","protocol":"SSH","error":"proxyproto: upstream connection sent PROXY header but isn't allowed to send one"}

What are you using SFTPGo for?

Enterprise

Additional info

It works fine with the 2.5.x image
@ziporah ziporah added the bug Something isn't working label Jun 26, 2024
@drakkan drakkan added support request request for free support. Check out our support policy and removed bug Something isn't working labels Jun 26, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
support request request for free support. Check out our support policy
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@drakkan @ziporah