don't allow by default

mastercactapus · mastercactapus · commit 1ba779f6d627 · 2017-02-13T23:23:59.000-06:00
diff --git a/README.md b/README.md
@@ -17,7 +17,7 @@ The default timeout is `5s`. Set to `0` or `none` to disable the timeout.
 
 ```
 # Enable from any source (probably don't want this in prod)
-proxyprotocol
+proxyprotocol 0.0.0.0/0 ::/0
 
 # Enable from local subnet and fixed IP
 proxyprotocol 10.22.0.0/16 10.23.0.1/32
diff --git a/listeners.go b/listeners.go
@@ -44,9 +44,6 @@ func (l *Listener) Accept() (net.Conn, error) {
 		return c, nil
 	}
 	for _, cfg := range l.Configs {
-		if cfg.Subnets == nil {
-			return proxyproto.NewConn(c, cfg.Timeout), nil
-		}
 		for _, s := range cfg.Subnets {
 			if s.Contains(addr.IP) {
 				return proxyproto.NewConn(c, cfg.Timeout), nil
diff --git a/setup.go b/setup.go
@@ -48,6 +48,9 @@ func setup(c *caddy.Controller) error {
 				return c.ArgErr()
 			}
 		}
+		if cfg.Subnets == nil {
+			continue
+		}
 		configs = append(configs, cfg)
 		if c.NextBlock() {
 			return c.ArgErr()

Original file line number	Diff line number	Diff line change
`@@ -48,6 +48,9 @@ func setup(c *caddy.Controller) error {`
`48`	`48`	`return c.ArgErr()`
`49`	`49`	`}`
`50`	`50`	`}`
	`51`	`+ if cfg.Subnets == nil {`
	`52`	`+ continue`
	`53`	`+ }`
`51`	`54`	`configs = append(configs, cfg)`
`52`	`55`	`if c.NextBlock() {`
`53`	`56`	`return c.ArgErr()`