added proxy protocol

config/config.go

@@ -252,7 +252,9 @@ type SockOptsConfig struct {
 type ServiceConfig struct {
 	Name string `json:"name"`
 	Addr string `yaml:",omitempty" json:"addr,omitempty"`
+	// DEPRECATED by metadata.interface since beta.5
 	Interface string `yaml:",omitempty" json:"interface,omitempty"`
+	// DEPRECATED by metadata.so_mark since beta.5
 	SockOpts   *SockOptsConfig   `yaml:"sockopts,omitempty" json:"sockopts,omitempty"`
 	Admission  string            `yaml:",omitempty" json:"admission,omitempty"`
 	Admissions []string          `yaml:",omitempty" json:"admissions,omitempty"`
@@ -260,11 +262,11 @@ type ServiceConfig struct {
 	Bypasses   []string          `yaml:",omitempty" json:"bypasses,omitempty"`
 	Resolver   string            `yaml:",omitempty" json:"resolver,omitempty"`
 	Hosts      string            `yaml:",omitempty" json:"hosts,omitempty"`
+	Limiter    string            `yaml:",omitempty" json:"limiter,omitempty"`
 	Recorders  []*RecorderObject `yaml:",omitempty" json:"recorders,omitempty"`
 	Handler    *HandlerConfig    `yaml:",omitempty" json:"handler,omitempty"`
 	Listener   *ListenerConfig   `yaml:",omitempty" json:"listener,omitempty"`
 	Forwarder  *ForwarderConfig  `yaml:",omitempty" json:"forwarder,omitempty"`
-	Limiter    string            `yaml:",omitempty" json:"limiter,omitempty"`
 	Metadata   map[string]any    `yaml:",omitempty" json:"metadata,omitempty"`
 }
 

config/parsing/chain.go

@@ -6,9 +6,11 @@ import (
 	"github.com/go-gost/core/connector"
 	"github.com/go-gost/core/dialer"
 	"github.com/go-gost/core/logger"
+	"github.com/go-gost/core/metadata"
+	mdutil "github.com/go-gost/core/metadata/util"
 	"github.com/go-gost/x/config"
 	tls_util "github.com/go-gost/x/internal/util/tls"
-	"github.com/go-gost/x/metadata"
+	mdx "github.com/go-gost/x/metadata"
 	"github.com/go-gost/x/registry"
 )
 
@@ -24,7 +26,7 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
 
 	c := chain.NewChain(cfg.Name)
 	if cfg.Metadata != nil {
-		c.WithMetadata(metadata.NewMetadata(cfg.Metadata))
+		c.WithMetadata(mdx.NewMetadata(cfg.Metadata))
 	}
 
 	selector := parseNodeSelector(cfg.Selector)
@@ -54,6 +56,11 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
 				return nil, err
 			}
 
+			var nm metadata.Metadata
+			if v.Metadata != nil {
+				nm = mdx.NewMetadata(v.Metadata)
+			}
+
 			cr := registry.ConnectorRegistry().Get(v.Connector.Type)(
 				connector.AuthOption(parseAuth(v.Connector.Auth)),
 				connector.TLSConfigOption(tlsConfig),
@@ -63,7 +70,7 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
 			if v.Connector.Metadata == nil {
 				v.Connector.Metadata = make(map[string]any)
 			}
-			if err := cr.Init(metadata.NewMetadata(v.Connector.Metadata)); err != nil {
+			if err := cr.Init(mdx.NewMetadata(v.Connector.Metadata)); err != nil {
 				connectorLogger.Error("init: ", err)
 				return nil, err
 			}
@@ -84,16 +91,21 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
 				return nil, err
 			}
 
+			var ppv int
+			if nm != nil {
+				ppv = mdutil.GetInt(nm, mdKeyProxyProtocol)
+			}
 			d := registry.DialerRegistry().Get(v.Dialer.Type)(
 				dialer.AuthOption(parseAuth(v.Dialer.Auth)),
 				dialer.TLSConfigOption(tlsConfig),
 				dialer.LoggerOption(dialerLogger),
+				dialer.ProxyProtocolOption(ppv),
 			)
 
 			if v.Dialer.Metadata == nil {
 				v.Dialer.Metadata = make(map[string]any)
 			}
-			if err := d.Init(metadata.NewMetadata(v.Dialer.Metadata)); err != nil {
+			if err := d.Init(mdx.NewMetadata(v.Dialer.Metadata)); err != nil {
 				dialerLogger.Error("init: ", err)
 				return nil, err
 			}
@@ -129,10 +141,9 @@ func ParseChain(cfg *config.ChainConfig) (chain.Chainer, error) {
 				WithTransport(tr).
 				WithBypass(bypass.BypassGroup(bypassList(v.Bypass, v.Bypasses...)...)).
 				WithResolver(registry.ResolverRegistry().Get(v.Resolver)).
-				WithHostMapper(registry.HostsRegistry().Get(v.Hosts))
-			if v.Metadata != nil {
-				node.WithMetadata(metadata.NewMetadata(v.Metadata))
-			}
+				WithHostMapper(registry.HostsRegistry().Get(v.Hosts)).
+				WithMetadata(nm)
+
 			group.AddNode(node)
 		}
 

config/parsing/parse.go

@@ -27,6 +27,12 @@ import (
 	xs "github.com/go-gost/x/selector"
 )
 
+const (
+	mdKeyProxyProtocol = "proxyProtocol"
+	mdKeyInterface     = "interface"
+	mdKeySoMark        = "so_mark"
+)
+
 func ParseAuther(cfg *config.AutherConfig) auth.Authenticator {
 	if cfg == nil {
 		return nil

config/parsing/service.go

@@ -10,6 +10,7 @@ import (
 	"github.com/go-gost/core/handler"
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
+	mdutil "github.com/go-gost/core/metadata/util"
 	"github.com/go-gost/core/recorder"
 	"github.com/go-gost/core/selector"
 	"github.com/go-gost/core/service"
@@ -68,6 +69,28 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
 
 	admissions := admissionList(cfg.Admission, cfg.Admissions...)
 
+	var sockOpts *chain.SockOpts
+	if cfg.SockOpts != nil {
+		sockOpts = &chain.SockOpts{
+			Mark: cfg.SockOpts.Mark,
+		}
+	}
+
+	var ppv int
+	ifce := cfg.Interface
+	if cfg.Metadata != nil {
+		md := metadata.NewMetadata(cfg.Metadata)
+		ppv = mdutil.GetInt(md, mdKeyProxyProtocol)
+		if v := mdutil.GetString(md, mdKeyInterface); v != "" {
+			ifce = v
+		}
+		if v := mdutil.GetInt(md, mdKeySoMark); v > 0 {
+			sockOpts = &chain.SockOpts{
+				Mark: v,
+			}
+		}
+	}
+
 	ln := registry.ListenerRegistry().Get(cfg.Listener.Type)(
 		listener.AddrOption(cfg.Addr),
 		listener.AutherOption(auther),
@@ -78,6 +101,7 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
 		listener.RateLimiterOption(registry.RateLimiterRegistry().Get(cfg.Limiter)),
 		listener.LoggerOption(listenerLogger),
 		listener.ServiceOption(cfg.Name),
+		listener.ProxyProtocolOption(ppv),
 	)
 
 	if cfg.Listener.Metadata == nil {
@@ -118,13 +142,6 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
 		auther = auth.AuthenticatorGroup(authers...)
 	}
 
-	var sockOpts *chain.SockOpts
-	if cfg.SockOpts != nil {
-		sockOpts = &chain.SockOpts{
-			Mark: cfg.SockOpts.Mark,
-		}
-	}
-
 	var recorders []recorder.RecorderObject
 	for _, r := range cfg.Recorders {
 		recorders = append(recorders, recorder.RecorderObject{
@@ -135,7 +152,7 @@ func ParseService(cfg *config.ServiceConfig) (service.Service, error) {
 	router := (&chain.Router{}).
 		WithRetries(cfg.Handler.Retries).
 		// WithTimeout(timeout time.Duration).
-		WithInterface(cfg.Interface).
+		WithInterface(ifce).
 		WithSockOpts(sockOpts).
 		WithChain(chainGroup(cfg.Handler.Chain, cfg.Handler.ChainGroup)).
 		WithResolver(registry.ResolverRegistry().Get(cfg.Resolver)).

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/asaskevich/govalidator v0.0.0-20210307081110-f21760c49a8d
 	github.com/gin-contrib/cors v1.3.1
 	github.com/gin-gonic/gin v1.7.7
-	github.com/go-gost/core v0.0.0-20220905144653-5c46613716c1
+	github.com/go-gost/core v0.0.0-20220908132925-c546a6b711d9
 	github.com/go-gost/gosocks4 v0.0.1
 	github.com/go-gost/gosocks5 v0.3.1-0.20211109033403-d894d75b7f09
 	github.com/go-gost/relay v0.1.1-0.20211123134818-8ef7fd81ffd7
@@ -18,6 +18,7 @@ require (
 	github.com/gorilla/websocket v1.5.0
 	github.com/lucas-clemente/quic-go v0.29.0
 	github.com/miekg/dns v1.1.50
+	github.com/pires/go-proxyproto v0.6.2
 	github.com/prometheus/client_golang v1.12.1
 	github.com/rs/xid v1.3.0
 	github.com/shadowsocks/go-shadowsocks2 v0.1.5

go.sum

@@ -45,7 +45,6 @@ github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuy
 github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
-github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d h1:UQZhZ2O0vMHr2cI+DC1Mbh0TJxzA3RcLoMsFw+aXw7E=
 github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137 h1:s6gZFSlWYmbqAuRjVTiNNhvNRfY2Wxp9nhfyel4rklc=
 github.com/alecthomas/units v0.0.0-20211218093645-b94a6e3cc137/go.mod h1:OMCwj8VM1Kc9e19TLln2VL61YJF0x1XFtfdL4JdbSyE=
@@ -99,8 +98,8 @@ github.com/gin-gonic/gin v1.7.7/go.mod h1:axIBovoeJpVj8S3BwE0uPMTeReE4+AfFtqpqaZ
 github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
 github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
-github.com/go-gost/core v0.0.0-20220905144653-5c46613716c1 h1:9lmcFFN5PEK6+zt+9Hp11XHZ9cl/y+3nL96sI8T0RxA=
-github.com/go-gost/core v0.0.0-20220905144653-5c46613716c1/go.mod h1:bHVbCS9da6XtKNYMkMUVcck5UqDDUkyC37erVfs4GXQ=
+github.com/go-gost/core v0.0.0-20220908132925-c546a6b711d9 h1:0y/ybIPhTJ6fwaN73r2zHmf7zyiaqjpmXTM5W4e0HbM=
+github.com/go-gost/core v0.0.0-20220908132925-c546a6b711d9/go.mod h1:bHVbCS9da6XtKNYMkMUVcck5UqDDUkyC37erVfs4GXQ=
 github.com/go-gost/gosocks4 v0.0.1 h1:+k1sec8HlELuQV7rWftIkmy8UijzUt2I6t+iMPlGB2s=
 github.com/go-gost/gosocks4 v0.0.1/go.mod h1:3B6L47HbU/qugDg4JnoFPHgJXE43Inz8Bah1QaN9qCc=
 github.com/go-gost/gosocks5 v0.3.1-0.20211109033403-d894d75b7f09 h1:A95M6UWcfZgOuJkQ7QLfG0Hs5peWIUSysCDNz4pfe04=
@@ -290,6 +289,8 @@ github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1y
 github.com/onsi/gomega v1.18.1 h1:M1GfJqGRrBrrGGsbxzV5dqM2U2ApXefZCQpkukxYRLE=
 github.com/pelletier/go-toml v1.9.4 h1:tjENF6MfZAg8e4ZmZTeWaWiT2vXtsoO6+iuOjFhECwM=
 github.com/pelletier/go-toml v1.9.4/go.mod h1:u1nR/EPcESfeI/szUZKdtJ0xRNbUoANCkoOuaOx1Y+c=
+github.com/pires/go-proxyproto v0.6.2 h1:KAZ7UteSOt6urjme6ZldyFm4wDe/z0ZUP0Yv0Dos0d8=
+github.com/pires/go-proxyproto v0.6.2/go.mod h1:Odh9VFOZJCf9G8cLW5o435Xf1J95Jw9Gw5rnCjcwzAY=
 github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
 github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
@@ -593,7 +594,6 @@ golang.org/x/text v0.3.7 h1:olpwvP2KacW1ZWvsR7uQhoyTYvKAupfQrRGBFM352Gk=
 golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
 golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
-golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
 golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9 h1:ftMN5LMiBFjbzleLqtoBZk7KdJwhuybIU+FckUHgoyQ=
 golang.org/x/time v0.0.0-20220722155302-e5dcc9cfc0b9/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=

hosts/hosts.go

@@ -59,12 +59,12 @@ func LoggerOption(logger logger.Logger) Option {
 	}
 }
 
-// Hosts is a static table lookup for hostnames.
+// hostMapper is a static table lookup for hostnames.
 // For each host a single line should be present with the following information:
 // IP_address canonical_hostname [aliases...]
 // Fields of the entry are separated by any number of blanks and/or tab characters.
 // Text from a "#" character until the end of the line is a comment, and is ignored.
-type Hosts struct {
+type hostMapper struct {
 	mappings   map[string][]net.IP
 	mu         sync.RWMutex
 	cancelFunc context.CancelFunc
@@ -78,7 +78,7 @@ func NewHostMapper(opts ...Option) hosts.HostMapper {
 	}
 
 	ctx, cancel := context.WithCancel(context.TODO())
-	p := &Hosts{
+	p := &hostMapper{
 		mappings:   make(map[string][]net.IP),
 		cancelFunc: cancel,
 		options:    options,
@@ -97,7 +97,7 @@ func NewHostMapper(opts ...Option) hosts.HostMapper {
 // Lookup searches the IP address corresponds to the given network and host from the host table.
 // The network should be 'ip', 'ip4' or 'ip6', default network is 'ip'.
 // the host should be a hostname (example.org) or a hostname with dot prefix (.example.org).
-func (h *Hosts) Lookup(network, host string) (ips []net.IP, ok bool) {
+func (h *hostMapper) Lookup(network, host string) (ips []net.IP, ok bool) {
 	h.options.logger.Debugf("lookup %s/%s", host, network)
 	ips = h.lookup(host)
 	if ips == nil {
@@ -148,7 +148,7 @@ func (h *Hosts) Lookup(network, host string) (ips []net.IP, ok bool) {
 	return
 }
 
-func (h *Hosts) lookup(host string) []net.IP {
+func (h *hostMapper) lookup(host string) []net.IP {
 	if h == nil || len(h.mappings) == 0 {
 		return nil
 	}
@@ -159,7 +159,7 @@ func (h *Hosts) lookup(host string) []net.IP {
 	return h.mappings[host]
 }
 
-func (h *Hosts) periodReload(ctx context.Context) error {
+func (h *hostMapper) periodReload(ctx context.Context) error {
 	period := h.options.period
 	if period < time.Second {
 		period = time.Second
@@ -181,7 +181,7 @@ func (h *Hosts) periodReload(ctx context.Context) error {
 	}
 }
 
-func (h *Hosts) reload(ctx context.Context) (err error) {
+func (h *hostMapper) reload(ctx context.Context) (err error) {
 	mappings := make(map[string][]net.IP)
 
 	mapf := func(hostname string, ip net.IP) {
@@ -216,7 +216,7 @@ func (h *Hosts) reload(ctx context.Context) (err error) {
 	return
 }
 
-func (h *Hosts) load(ctx context.Context) (mappings []Mapping, err error) {
+func (h *hostMapper) load(ctx context.Context) (mappings []Mapping, err error) {
 	if h.options.fileLoader != nil {
 		if lister, ok := h.options.fileLoader.(loader.Lister); ok {
 			list, er := lister.List(ctx)
@@ -259,7 +259,7 @@ func (h *Hosts) load(ctx context.Context) (mappings []Mapping, err error) {
 	return
 }
 
-func (h *Hosts) parseMapping(r io.Reader) (mappings []Mapping, err error) {
+func (h *hostMapper) parseMapping(r io.Reader) (mappings []Mapping, err error) {
 	if r == nil {
 		return
 	}
@@ -272,7 +272,7 @@ func (h *Hosts) parseMapping(r io.Reader) (mappings []Mapping, err error) {
 	return
 }
 
-func (h *Hosts) parseLine(s string) (mappings []Mapping) {
+func (h *hostMapper) parseLine(s string) (mappings []Mapping) {
 	line := strings.Replace(s, "\t", " ", -1)
 	line = strings.TrimSpace(line)
 	if n := strings.IndexByte(line, '#'); n >= 0 {
@@ -302,7 +302,7 @@ func (h *Hosts) parseLine(s string) (mappings []Mapping) {
 	return
 }
 
-func (h *Hosts) Close() error {
+func (h *hostMapper) Close() error {
 	h.cancelFunc()
 	if h.options.fileLoader != nil {
 		h.options.fileLoader.Close()

internal/net/proxyproto/conn.go

@@ -0,0 +1,17 @@
+package proxyproto
+
+import (
+	"net"
+
+	proxyproto "github.com/pires/go-proxyproto"
+)
+
+func WrapClientConn(ppv int, src, dst net.Addr, c net.Conn) net.Conn {
+	if ppv <= 0 {
+		return c
+	}
+
+	header := proxyproto.HeaderProxyFromAddrs(byte(ppv), src, dst)
+	header.WriteTo(c)
+	return c
+}

internal/net/proxyproto/listener.go

@@ -0,0 +1,19 @@
+package proxyproto
+
+import (
+	"net"
+	"time"
+
+	proxyproto "github.com/pires/go-proxyproto"
+)
+
+func WrapListener(ppv int, ln net.Listener, readHeaderTimeout time.Duration) net.Listener {
+	if ppv <= 0 {
+		return ln
+	}
+
+	return &proxyproto.Listener{
+		Listener:          ln,
+		ReadHeaderTimeout: readHeaderTimeout,
+	}
+}

listener/grpc/listener.go

@@ -2,12 +2,14 @@ package grpc
 
 import (
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	pb "github.com/go-gost/x/internal/util/grpc/proto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
@@ -57,6 +59,7 @@ func (l *grpcListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	var opts []grpc.ServerOption
 	if !l.md.insecure {

listener/http2/h2/listener.go

@@ -6,12 +6,14 @@ import (
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -79,6 +81,7 @@ func (l *h2Listener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	if l.h2c {
 		l.server.Handler = h2c.NewHandler(

listener/http2/listener.go

@@ -4,12 +4,14 @@ import (
 	"crypto/tls"
 	"net"
 	"net/http"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	mdx "github.com/go-gost/x/metadata"
 	metrics "github.com/go-gost/x/metrics/wrapper"
@@ -68,6 +70,7 @@ func (l *http2Listener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	ln = tls.NewListener(
 		ln,

listener/mtls/listener.go

@@ -3,12 +3,14 @@ package mtls
 import (
 	"crypto/tls"
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -56,6 +58,7 @@ func (l *mtlsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 	l.Listener = tls.NewListener(ln, l.options.TLSConfig)
 
 	l.cqueue = make(chan net.Conn, l.md.backlog)

listener/mws/listener.go

@@ -5,12 +5,14 @@ import (
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	ws_util "github.com/go-gost/x/internal/util/ws"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
@@ -98,6 +100,7 @@ func (l *mwsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	if l.tlsEnabled {
 		ln = tls.NewListener(ln, l.options.TLSConfig)

listener/obfs/http/listener.go

@@ -2,6 +2,7 @@ package http
 
 import (
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
@@ -11,6 +12,7 @@ import (
 	metrics "github.com/go-gost/x/metrics/wrapper"
 
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	"github.com/go-gost/x/registry"
 )
 
@@ -52,6 +54,7 @@ func (l *obfsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	l.Listener = ln
 	return

listener/obfs/tls/listener.go

@@ -2,12 +2,14 @@ package tls
 
 import (
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -51,6 +53,7 @@ func (l *obfsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	l.Listener = ln
 	return

listener/redirect/tcp/listener.go

@@ -3,12 +3,14 @@ package tcp
 import (
 	"context"
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -59,6 +61,7 @@ func (l *redirectListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 	l.ln = ln
 	return
 }

listener/ssh/listener.go

@@ -10,6 +10,7 @@ import (
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	ssh_util "github.com/go-gost/x/internal/util/ssh"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
@@ -59,6 +60,7 @@ func (l *sshListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 	l.Listener = ln
 
 	config := &ssh.ServerConfig{

listener/sshd/listener.go

@@ -12,6 +12,7 @@ import (
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	ssh_util "github.com/go-gost/x/internal/util/ssh"
 	sshd_util "github.com/go-gost/x/internal/util/sshd"
 	limiter "github.com/go-gost/x/limiter/wrapper"
@@ -68,6 +69,7 @@ func (l *sshdListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 	l.Listener = ln
 
 	config := &ssh.ServerConfig{

listener/tcp/listener.go

@@ -2,12 +2,14 @@ package tcp
 
 import (
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -49,9 +51,13 @@ func (l *tcpListener) Init(md md.Metadata) (err error) {
 		return
 	}
 
+	l.logger.Debugf("pp: %d", l.options.ProxyProtocol)
+
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
-	l.ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
+	l.ln = ln
 
 	return
 }

listener/tls/listener.go

@@ -3,12 +3,14 @@ package tls
 import (
 	"crypto/tls"
 	"net"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
 	"github.com/go-gost/x/registry"
@@ -52,6 +54,7 @@ func (l *tlsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	l.ln = tls.NewListener(ln, l.options.TLSConfig)
 

listener/ws/listener.go

@@ -5,12 +5,14 @@ import (
 	"net"
 	"net/http"
 	"net/http/httputil"
+	"time"
 
 	"github.com/go-gost/core/listener"
 	"github.com/go-gost/core/logger"
 	md "github.com/go-gost/core/metadata"
 	admission "github.com/go-gost/x/admission/wrapper"
 	xnet "github.com/go-gost/x/internal/net"
+	"github.com/go-gost/x/internal/net/proxyproto"
 	ws_util "github.com/go-gost/x/internal/util/ws"
 	limiter "github.com/go-gost/x/limiter/wrapper"
 	metrics "github.com/go-gost/x/metrics/wrapper"
@@ -93,6 +95,7 @@ func (l *wsListener) Init(md md.Metadata) (err error) {
 	ln = metrics.WrapListener(l.options.Service, ln)
 	ln = admission.WrapListener(l.options.Admission, ln)
 	ln = limiter.WrapListener(l.options.RateLimiter, ln)
+	ln = proxyproto.WrapListener(l.options.ProxyProtocol, ln, 10*time.Second)
 
 	if l.tlsEnabled {
 		ln = tls.NewListener(ln, l.options.TLSConfig)