New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Pingora as Forward Proxy #224
Comments
The fundamental difference between forward proxy and reverse proxy is who the proxy works on behalf of, the client or the server. So you can make a forward proxy with Pingora. On the other hand, Pingora doesn't implement typical protocols such as http CONNECT, PROXY protocol or SOCKS. So it does not work out of box with clients that expects one of these protocols. |
Thanks for your answer. With regards to the http CONNECT support, I can implement this part but what I am less clear on is if Pingora allows for the developer to switch/upgrade from plain text to TLS in the middle of the same connection as well as return direct responses generated straight from the proxy or go to upstream proxying, again within the same connection. Let me explain. What I need to do is a certificate bump, i.e. TLS interception/MITM with certificate generation. This means that:
Is this possible? Thanks |
This question has been stale for a week. It will be closed in an additional day if not updated. |
This issue has been closed because it has been stalled with no activity. |
What is the problem your feature solves, or the need it fulfills?
Hello pingorans,
I am researching Rust frameworks to implement a high-performance, highly-programmable forward proxy. I like pingora, but it seems to be designed to be used as a reverse proxy. I'm currently trying to see if I can use it as a forward proxy without changes to its core functionality. It seems like I might be able to do that but before I go too deep, I wanted to hear the opinion of the authors/maintainers with regards to this use-case. Do you think I will be fighting a losing battle going down this path and trying to twist the arm of pingora too much to shoehorn this use-case, or do you think that the use-cases are close-enough that I should be able to use pingora and its core functionality to build a forward proxy?
Describe the solution you'd like
Ideally, I'd love be able to use pingora as a forward proxy.
Describe alternatives you've considered
The text was updated successfully, but these errors were encountered: