Hey DM, have you considered implementing the proxy protocol?

https://www.haproxy.org/download/1.8/doc/prox...

While I think it would be helpful for folks who may want to put haproxy infront
 of Sync to help take the edge of script kiddies hitting telnet (and other?)
ports, I'd be interested in it for a different reason.

I'm a keen docker user, and pretty much put everything in a docker container,
and use it in a swarm (of 3 hosts). (Makes it easy to move stuff around, or
work on 1 host, while containers float to another one.)

The downside of docker swarm, is that for full flexibility, docker uses host
SNAT, which means the underlying application gets a connect that appears from
the hosts docker IP address (172.17.x.x normally), and therefore any "real" src
 address is lost. So if the application wants to make decisions about the
source, or present who the source is (as in the login to synchronet), you cant
do that.

If you were to implement the proxy protocol, and somebody was to put haproxy in
 front of synchronet, then, if synchronet understood the proxy protocol, it
would get the true source ip address during session initialisation - and
therefore could make decisions and present the connecting hosts source address.

(And in my docker scenario, it wouldnt matter which host synchronet is running
on as haproxy will always find it.)

So, just a feature request if you found that extra hour in the day, or day in
the week and had nothing to do <grin>

...δεσ*

---
 ■ Synchronet ■ Alterant | an SBBS in Docker on Pi!
 * Origin: Vertrauen - [vert/cvs/bbs].synchro.net (1:103/705)
SEEN-BY: 103/705 124/5013 5014 5015 5016 5017 130/215 154/10 19/33 203/0
SEEN-BY: 218/700 221/0 229/101 426 240/5832 2452/250 261/38 280/464 5003
SEEN-BY: 31999/99 387/21 396/45 423/120 712/848 770/1