mirror of
https://github.com/netbirdio/netbird.git
synced 2026-03-31 06:34:19 -04:00
f53155562f
* implement reverse proxy --------- Co-authored-by: Alisdair MacLeod <git@alisdairmacleod.co.uk> Co-authored-by: mlsmaycon <mlsmaycon@gmail.com> Co-authored-by: Eduard Gert <kontakt@eduardgert.de> Co-authored-by: Viktor Liu <viktor@netbird.io> Co-authored-by: Diego Noguês <diego.sure@gmail.com> Co-authored-by: Diego Noguês <49420+diegocn@users.noreply.github.com> Co-authored-by: Bethuel Mmbaga <bethuelmbaga12@gmail.com> Co-authored-by: Zoltan Papp <zoltan.pmail@gmail.com> Co-authored-by: Ashley Mensah <ashleyamo982@gmail.com>
44 lines
982 B
Go
44 lines
982 B
Go
package proxy
|
|
|
|
import (
|
|
"fmt"
|
|
"net/netip"
|
|
"strings"
|
|
)
|
|
|
|
// ParseTrustedProxies parses a comma-separated list of CIDR prefixes or bare IPs
|
|
// into a slice of netip.Prefix values suitable for trusted proxy configuration.
|
|
// Bare IPs are converted to single-host prefixes (/32 or /128).
|
|
func ParseTrustedProxies(raw string) ([]netip.Prefix, error) {
|
|
if raw == "" {
|
|
return nil, nil
|
|
}
|
|
|
|
parts := strings.Split(raw, ",")
|
|
prefixes := make([]netip.Prefix, 0, len(parts))
|
|
for _, part := range parts {
|
|
part = strings.TrimSpace(part)
|
|
if part == "" {
|
|
continue
|
|
}
|
|
|
|
prefix, err := netip.ParsePrefix(part)
|
|
if err == nil {
|
|
prefixes = append(prefixes, prefix)
|
|
continue
|
|
}
|
|
|
|
addr, addrErr := netip.ParseAddr(part)
|
|
if addrErr != nil {
|
|
return nil, fmt.Errorf("parse trusted proxy %q: not a valid CIDR or IP: %w", part, addrErr)
|
|
}
|
|
|
|
bits := 32
|
|
if addr.Is6() {
|
|
bits = 128
|
|
}
|
|
prefixes = append(prefixes, netip.PrefixFrom(addr, bits))
|
|
}
|
|
return prefixes, nil
|
|
}
|