Proxy Protocol v2 Initiator

Nimbostratus
Jan 08, 2026
I added IPv6 support like this. I can see room for a bit of improvement, but it works well.
when CLIENT_ACCEPTED {
    # DEBUG On/Off
    set DEBUG 1

    # v2 proxy header
    set v2_proxy_header "0d0a0d0a000d0a515549540a"

    # v2 version and command: 0x21 (version 2 & PROXY command)
    set v2_ver_command "21"

    # Get ports
    set src_port [format "%04x" [TCP::client_port]]
    set dst_port [format "%04x" [TCP::local_port]]

    # Detect IP version
    if { [IP::version] == 4 } {
        # IPv4
        set v2_af_tp "11"
        set v2_address_length "000c"

        # Convert IPv4 addresses to hex
        set src_addr ""
        foreach val [split [IP::client_addr] "."] {
            append src_addr [format "%02x" $val]
        }
        set dst_addr ""
        foreach val [split [IP::local_addr] "."] {
            append dst_addr [format "%02x" $val]
        }

    } elseif { [IP::version] == 6 } {
        # IPv6
        set v2_af_tp "21"
        set v2_address_length "0024"


        # Convert IPv6 addresses to 16-byte hex
        set src_addr ""
        set exp_src_addr [split [IP::client_addr] ":"]

        foreach block $exp_src_addr {
            # If block is null, then v6 address is compressed with ::
            if {$block ne ""} {
                append src_addr [format "%04x" [scan $block %x]]    
            } else {
                # Insert 0000 for each block compressed out of the address
                for {set x [llength $exp_src_addr]} { $x <= 8 } { incr x } {
                    append src_addr "0000"
                }
            }
        }

        set dst_addr ""
        set exp_dst_addr [split [IP::local_addr] ":"]

        foreach block $exp_dst_addr {
            # If block is null, then v6 address is compressed with ::
            if {$block ne ""} {
                append dst_addr [format "%04x" [scan $block %x]]    
            } else {
                # Insert 0000 for each block compressed out of the address
                for {set x [llength $exp_dst_addr]} { $x <= 8 } { incr x } {
                    append dst_addr "0000"
                }
            }
        }
    } else {
        set v2_af_tp ""
        set v2_address_length ""
        set src_addr ""
        set dst_addr ""
    }

    # Build proxy v2 data
    set proxy_data [binary format H* "${v2_proxy_header}${v2_ver_command}${v2_af_tp}${v2_address_length}${src_addr}${dst_addr}${src_port}${dst_port}"]

    if { $DEBUG } {
        binary scan $proxy_data H* proxy_dump
        log local0. "[IP::client_addr]:[TCP::client_port]_[IP::local_addr]:[TCP::local_port] - proxy_data dump : $proxy_dump"
    }
}

when SERVER_CONNECTED {
	TCP::respond $proxy_data
}
Proxy Protocol v2 Initiator

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS
