proxy-protocol 0.8.0

PROXY protocol library with asyncio server implementation

proxy-protocol

PROXY protocol library with asyncio server implementation.

Specification

API Documentation

Docker Image

Table of Contents

• Install and Usage
• Server Usage
  • Echo Server
  • Proxy Server
• Development and Testing
  • Type Hinting

Install and Usage

$ pip install proxy-protocol

Integration with an asyncio.start_server based server is intended to be extremely simple. Here is an example, which will detect PROXY protocol v1 or v2.

from functools import partial

from proxyprotocol.base import ProxyProtocol
from proxyprotocol.detect import ProxyProtocolDetect
from proxyprotocol.reader import ProxyProtocolReader
from proxyprotocol.socket import SocketInfo

async def run(host: str, port: int) -> None:
    pp_detect = ProxyProtocolDetect()
    pp_reader = ProxyProtocolReader(pp_detect)
    callback = partial(on_connection, pp_reader)
    server = await asyncio.start_server(callback, host, port)
    async with server:
        await server.serve_forever()

async def on_connection(pp_reader: ProxyProtocolReader,
                        reader: StreamReader, writer: StreamWriter) -> None:
    result = await pp_reader.read(reader)
    info = SocketInfo(writer, result)
    print(info.family, info.peername)
    # ... continue using connection

To simplify PROXY protocol use based on configuration, the version can also be read from a string.

from proxyprotocol.version import ProxyProtocolVersion

pp_noop = ProxyProtocolVersion.get()
pp_detect = ProxyProtocolVersion.get('detect')
pp_v1 = ProxyProtocolVersion.get('v1')
pp_v2 = ProxyProtocolVersion.get('v2')

The pp_noop object in this example is a special case implementation that does not read a PROXY protocol header from the stream at all. It may be used to disable PROXY protocol use without complicating your server code.

You can also check out the proxyprotocol/echo.py reference implementation. If you configure your proxy to send PROXY protocol to localhost:10007, you can see it in action:

$ proxyprotocol-echo --help
$ proxyprotocol-echo detect
$ proxyprotocol-echo noop

Server Usage

Two basic server implementations are included for reference. Using the two together can demonstrate the process end-to-end: use proxyprotocol-server to proxy connections with a PROXY protocol header to proxyprotocol-echo, which then displays the original connection information.

The hostname:port arguments used by both types of servers are parsed by the Address class, which allows for customization of SSL/TLS and PROXY protocol versions.

Echo Server

The proxyprotocol-echo server expects inbound connections to provide a PROXY protocol header indicating the original source of the connection. After the header, all received data will be echoed back to the client.

proxyprotocol-echo --help
proxyprotocol-echo  # run the server

Proxy Server

The proxyprotocol-server server proxies inbound connections to another host/port endoint, prefixing the outbound connection with a PROXY protocol header to indicate the original connection information.

proxyprotocol-server --help
proxyprotocol-server --service localhost:10000 localhost:10007

Development and Testing

You will need to do some additional setup to develop and test plugins. First off, I suggest activating a venv. Then, install the requirements and a local link to the proxy-protocol package:

$ pip install -r requirements-dev.txt

Run the tests with py.test:

$ py.test

If you intend to create a pull request, you should make sure the full suite of tests run by CI/CD is passing:

$ py.test
$ mypy proxyprotocol test
$ flake8 proxyprotocol test

Type Hinting

This project makes heavy use of Python's type hinting system, with the intention of a clean run of mypy in strict mode:

mypy proxyprotocol test

No code contribution will be accepted unless it makes every effort to use type hinting to the extent possible and common in the rest of the codebase.

The MIT License (MIT)

Copyright (c) 2021 Ian Good

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.