GITBOOK-60: change request with no subject merged in GitBook
stefanwerfling authored and gitbook-bot committed Sep 4, 2023
1 parent 16bd6d5 commit 3b58f90
Showing 7 changed files with 45 additions and 18 deletions.
Binary file added .gitbook/assets/proxy_protocol_with.png
Binary file added .gitbook/assets/proxy_protocol_without.png
3 changes: 2 additions & 1 deletion SUMMARY.md
Expand Up @@ -15,7 +15,8 @@
* [Configurations](index/configurations/README.md)
* [Which user type am I](index/configurations/which-user-type-am-i.md)
* [Port forwarding](index/configurations/port-forwarding.md)
* [Listen](index/configurations/listen.md)
* [Listen](index/configurations/listen/README.md)
* [Proxy protocol](index/configurations/listen/proxy-protocol.md)
* [IP Access](index/configurations/ip-access.md)
* [Domains](index/configurations/domains/README.md)
* [Own DNS Server](index/configurations/domains/own-dns-server.md)
2 changes: 1 addition & 1 deletion index/configurations/README.md
Expand Up @@ -13,4 +13,4 @@ description: >-

The following order should be followed when configuring Flyingfish for the first time:

<table data-view="cards"><thead><tr><th></th><th></th><th></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td><ol><li><strong>Which user type am I</strong></li></ol></td><td>Clarification of the use of FlyingFish</td><td></td><td><a href="which-user-type-am-i.md">which-user-type-am-i.md</a></td></tr><tr><td><ol start="2"><li><strong>Port forwarding</strong></li></ol></td><td>Information for port forwarding from the router</td><td></td><td><a href="port-forwarding.md">port-forwarding.md</a></td></tr><tr><td><ol start="3"><li><strong>Listen</strong></li></ol></td><td>Connections from the internet to the service</td><td></td><td><a href="listen.md">listen.md</a></td></tr><tr><td><ol start="4"><li><strong>IP Access</strong></li></ol></td><td>IP access management White-/Black-list</td><td></td><td><a href="ip-access.md">ip-access.md</a></td></tr><tr><td><ol start="5"><li><strong>Domains</strong></li></ol></td><td>Creating and managing the domains</td><td></td><td><a href="domains/">domains</a></td></tr></tbody></table>
<table data-view="cards"><thead><tr><th></th><th></th><th></th><th data-hidden data-card-target data-type="content-ref"></th></tr></thead><tbody><tr><td><ol><li><strong>Which user type am I</strong></li></ol></td><td>Clarification of the use of FlyingFish</td><td></td><td><a href="which-user-type-am-i.md">which-user-type-am-i.md</a></td></tr><tr><td><ol start="2"><li><strong>Port forwarding</strong></li></ol></td><td>Information for port forwarding from the router</td><td></td><td><a href="port-forwarding.md">port-forwarding.md</a></td></tr><tr><td><ol start="3"><li><strong>Listen</strong></li></ol></td><td>Connections from the internet to the service</td><td></td><td><a href="listen/">listen</a></td></tr><tr><td><ol start="4"><li><strong>IP Access</strong></li></ol></td><td>IP access management White-/Black-list</td><td></td><td><a href="ip-access.md">ip-access.md</a></td></tr><tr><td><ol start="5"><li><strong>Domains</strong></li></ol></td><td>Creating and managing the domains</td><td></td><td><a href="domains/">domains</a></td></tr></tbody></table>
Expand Up @@ -6,7 +6,7 @@ description: >-

# Listen

<figure><img src="../../.gitbook/assets/7a5efz_nginx.jpg" alt="" width="333"><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/7a5efz_nginx.jpg" alt="" width="333"><figcaption></figcaption></figure>

The ports specified here come from the web interface and are used by nginx intern docker container.

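Review bot: the context line "are used by nginx intern docker container" is not touched by this hunk but reads awkwardly; while the file is being moved into listen/ anyway, "are used by the internal nginx Docker container" would fix it.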
Expand All @@ -16,9 +16,9 @@ The ports specified here come from the web interface and are used by nginx inter
| 443 (TCP) | HTTPS/SSH/SSL Protocols\* |
| 53 (TCP/UDP) | DNS Protocol |

These ports are internal to nginx of type "Stream". You can see a port overview again in [port forwarding](port-forwarding.md).
These ports are internal to nginx of type "Stream". You can see a port overview again in [port forwarding](../port-forwarding.md).

<figure><img src="../../.gitbook/assets/listen_ports.png" alt=""><figcaption><p>Standard listen ports by setup</p></figcaption></figure>
<figure><img src="../../../.gitbook/assets/listen_ports.png" alt=""><figcaption><p>Standard listen ports by setup</p></figcaption></figure>

If you only use the standard ports for your services, you do not need to enter any additional ports here.

Expand All @@ -28,29 +28,29 @@ If you only use the standard ports for your services, you do not need to enter a

<div align="center" data-full-width="true">

<figure><img src="../../.gitbook/assets/listen_add.png" alt=""><figcaption><p>Add Listen</p></figcaption></figure>
<figure><img src="../../../.gitbook/assets/listen_add.png" alt=""><figcaption><p>Add Listen</p></figcaption></figure>

</div>

Add a list, a dialog follows that also appears when editing.



<figure><img src="../../.gitbook/assets/listen_add2.png" alt=""><figcaption></figcaption></figure>
<figure><img src="../../../.gitbook/assets/listen_add2.png" alt=""><figcaption></figcaption></figure>

1. **Name:** Name your list, so you always recognize it in the UI.
2. **Type:** Type of listening from Nginx Proxy. Stream or HTTP/HTTPS, the difference is how the connection is handled.
2. **Type:** Type of listening from Nginx proxy. Stream or HTTP/HTTPS, the difference is how the connection is handled.
3. **Protocol:** Which protocol should be used, UDP can also be used in addition to TCP for a stream.
4. **Port:** Which port the listening is listening on.
5. **Description:** Here you can describe in more detail what the listener is used for.
6. **IP6 enable:** Additionally enables listening on an IP6 address <mark style="background-color:orange;">(untested yet, but enables it in the nginx config)</mark>.
7. **IP access:** Enables checking of the IP address against a list (blacklist/whitelist).
8. **Access type:** Which list to use for the IP check. The lists can be maintained under [IP Access](ip-access.md).
9. **Proxy protocol enable:** Activates the use of the proxy protocol. From now on all packets are provided with the Proxy Protocol header. <mark style="background-color:blue;">This setting is important for internal HTTP/HTTPS processing.</mark> Only in this way does the route get the correct IP of the inquiring request for further checks or logging.
10. **Proxy protocol incoming enable:** Enables expecting a packet with a proxy header. Should the FlyingFish sit behind another proxy server with a proxy protocol.
8. **Access type:** Which list to use for the IP check. The lists can be maintained under [IP Access](../ip-access.md).
9. **Proxy protocol enable:** Activates the use of the [proxy protocol](proxy-protocol.md). From now on all packets are provided with the [proxy protocol](proxy-protocol.md) header. <mark style="background-color:blue;">This setting is important for internal HTTP/HTTPS processing.</mark> Only in this way does the route get the correct IP of the inquiring request for further checks or logging.
10. **Proxy protocol incoming enable:** Enables expecting a packet with a proxy header. Should the FlyingFish sit behind another proxy server with a [proxy protocol](proxy-protocol.md).
11. **Disable this listen:** Disables listening, settings are skipped during nginx config build. <mark style="background-color:blue;">All dependent routes are also skipped.</mark>

After the initial installation, you can view the automatically installed listeners. You will find that ports 80 and 443 work with the proxy protocol. There is a good reason for this, since the stream points to the internal HTTP/HTTPS servers (lists). Which in turn expect the proxy protocol to process the correct IP from the request and not the IP 127.0.01.
After the initial installation, you can view the automatically installed listeners. You will find that ports 80 and 443 work with the [proxy protocol](proxy-protocol.md). There is a good reason for this, since the stream points to the internal HTTP/HTTPS servers (lists). Which in turn expect the [proxy protocol](proxy-protocol.md) to process the correct IP from the request and not the IP 127.0.01.



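Review bot: the rewritten paragraph at the end of this hunk still says "not the IP 127.0.01"; the loopback address is 127.0.0.1 (as the new proxy-protocol page writes it), and since the line is being changed this is the moment to fix it. Item 9 also now links [proxy protocol](proxy-protocol.md) twice in one sentence; linking only the first mention reads cleaner, and item 10's "Should the FlyingFish sit behind another proxy server with a proxy protocol" would be clearer as "Use this if FlyingFish sits behind another proxy that sends the proxy protocol header."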
Expand All @@ -62,16 +62,16 @@ Save causes an immediate reload of nginx. Existing connections are kept as if ru

The following graphic should help to understand the list process:

<figure><img src="../../.gitbook/assets/portflow.png" alt=""><figcaption><p>Portsflow</p></figcaption></figure>
<figure><img src="../../../.gitbook/assets/portflow.png" alt=""><figcaption><p>Portsflow</p></figcaption></figure>

<mark style="background-color:yellow;">Port 5333, 80, 443 Listening</mark> on the network from the host (as a bridge, port forwarding to the Docker container). &#x20;

There, the Nginx first uses <mark style="background-color:orange;">"</mark>[<mark style="background-color:orange;">IP access"</mark>](ip-access.md) to check whether the IPs have access rights. Then the streams (TCP/UDP) are <mark style="background-color:orange;">split into their protocol</mark> (SSL/HTTP/etc.) and <mark style="background-color:orange;">split into</mark> [<mark style="background-color:orange;">domains</mark>](domains/) for forwarded to a destination. Should not specify an external destination, then use the internal ports for the <mark style="background-color:green;">HTTP (10080) and HTTPS (10443) server</mark> are specified as standard. They perform a <mark style="background-color:green;">"proxy reserve"</mark> and request a route too <mark style="background-color:blue;">internal or external HTTP/HTTPS server</mark>.&#x20;
There, the Nginx first uses <mark style="background-color:orange;">"</mark>[<mark style="background-color:orange;">IP access"</mark>](../ip-access.md) to check whether the IPs have access rights. Then the streams (TCP/UDP) are <mark style="background-color:orange;">split into their protocol</mark> (SSL/HTTP/etc.) and <mark style="background-color:orange;">split into</mark> [<mark style="background-color:orange;">domains</mark>](../domains/) for forwarded to a destination. Should not specify an external destination, then use the internal ports for the <mark style="background-color:green;">HTTP (10080) and HTTPS (10443) server</mark> are specified as standard. They perform a <mark style="background-color:green;">"proxy reserve"</mark> and request a route too <mark style="background-color:blue;">internal or external HTTP/HTTPS server</mark>.&#x20;



{% hint style="info" %}
The internal ports are only accessible in the Docker network and are securely shielded from the public network. It must pass stream ports 5333, 80, 443 via a query.
{% endhint %}

<figure><img src="../../.gitbook/assets/whataflow (1).png" alt=""><figcaption><p>Listen flow!</p></figcaption></figure>
<figure><img src="../../../.gitbook/assets/whataflow (1).png" alt=""><figcaption><p>Listen flow!</p></figcaption></figure>
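Review bot: the long paragraph in this hunk only changes link paths but keeps wording that does not say what it means: "proxy reserve" should be "reverse proxy", "request a route too" should be "to", and "Should not specify an external destination, then use the internal ports ..." would read as "If no external destination is specified, the internal HTTP (10080) and HTTPS (10443) servers are used by default." The info hint's "It must pass stream ports 5333, 80, 443 via a query." is also unclear; "Requests can only reach them through the stream ports 5333, 80 and 443." is likely what is meant.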
21 changes: 21 additions & 0 deletions index/configurations/listen/proxy-protocol.md
@@ -0,0 +1,21 @@
---
description: How is this to be understood?
---

# Proxy protocol

As already mentioned in [Listen](./), a stream forwarded by Nginx cannot include the source IP. We help ourselves by activating the proxy protocol. As a result, the packet is taken and the information from the original IP is stored at the beginning.



<figure><img src="../../../.gitbook/assets/proxy_protocol_without.png" alt=""><figcaption></figcaption></figure>

As can be seen in the diagram, the stream still receives the original IP from the querying <mark style="background-color:blue;">client</mark>. As soon as the <mark style="background-color:yellow;">stream</mark> connects to the <mark style="background-color:green;">reverse proxy</mark>, this is an internal connection with 127.0.0.1. The information is lost from the reverse proxy for the <mark style="background-color:blue;">web server</mark>.



<figure><img src="../../../.gitbook/assets/proxy_protocol_with.png" alt=""><figcaption></figcaption></figure>

With the <mark style="background-color:orange;">Proxy protocol</mark>, the <mark style="background-color:green;">reverse proxy</mark> receives the original IP with the package extension of the <mark style="background-color:orange;">Proxy protocol header</mark> and can pass it on to the <mark style="background-color:blue;">web server</mark>.

You can read more about it at [Exploring the proxy protocol](https://seriousben.com/posts/2020-02-exploring-the-proxy-protocol/).
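Review bot: the new page explains why the header is needed but not that the source IP it carries is supplied by whoever opens the connection, so "Proxy protocol incoming enable" on the Listen page should only be switched on when the listener is reachable exclusively from the trusted upstream proxy; otherwise the IP-access check and logging described on the Listen page would act on an address the connecting party chose. One sentence to that effect after the second diagram would close the gap. Also "package extension" should be "packet extension" (or simply "header"), and the link [Listen](./) relies on GitBook resolving a directory link to its README; [Listen](README.md) is the explicit form SUMMARY.md uses.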
11 changes: 8 additions & 3 deletions index/configurations/routes.md
Expand Up @@ -4,9 +4,9 @@ description: Setting a route from the listen to the target.

# Routes

A route is a path from the input ([Listen](listen.md)) to the destination. The destination can be of different types, stream, HTTP/HTTPS, SSH, use.
A route is a path from the input ([Listen](listen/)) to the destination. The destination can be of different types, stream, HTTP/HTTPS, SSH, use.

With the help of the [graphic from Listen](listen.md#listen-flow) I would like to show the area controlled by the route again:
With the help of the [graphic from Listen](listen/#listen-flow) I would like to show the area controlled by the route again:

<figure><img src="../../.gitbook/assets/routes_listenflow.png" alt=""><figcaption><p>Listen and Routes</p></figcaption></figure>

Expand All @@ -26,4 +26,9 @@ Existing connections are kept as if running the command: nginx -s reload
The default routes cannot be edited or deleted.
{% endhint %}

3. Each domain entered in [Domains](domains/) is displayed under Routes. One or more routes from one or more [Listen](listen.md) to a destination can now be entered.
3. Each domain entered in [Domains](domains/) is displayed under Routes. One or more routes from one or more [Listen](listen/) to a destination can now be entered.



## Default Routes

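Review bot: "## Default Routes" is added as the last line of routes.md with nothing under it, so the rendered page ends in an empty section; either move the content it is meant to hold (the hint above already states that default routes cannot be edited or deleted) under the heading or leave the heading out until that section is written.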