.. _configuration_server_udp_tproxy: udp_tproxy ========== .. versionadded:: 1.13.3 This server is a transparent UDP listener that forwards traffic to the original destination address. See :ref:`transparent proxy ` for the required host firewall and routing setup. The following common keys are supported: * :ref:`escaper ` * :ref:`user_group ` The user group must use fact-based authentication. It is used only when either ``auth_by_client_ip`` or ``auth_by_server_ip`` is enabled. * :ref:`shared_logger ` * :ref:`listen_in_worker ` * :ref:`udp_sock_speed_limit ` * :ref:`ingress_network_filter ` * :ref:`udp_relay_packet_size ` * :ref:`udp_relay_yield_count ` * :ref:`udp_relay_batch_count ` * :ref:`udp_relay_underlying_buffer_size ` * :ref:`task_idle_check_interval ` * :ref:`task_idle_max_count ` * :ref:`flush_task_log_on_created ` * :ref:`flush_task_log_on_connected ` * :ref:`task_log_flush_interval ` * :ref:`extra_metrics_tags ` listen ------ **optional**, **type**: :external+values:ref:`udp listen ` Listening configuration for this server. The instance count setting will be ignored if *listen_in_worker* is correctly enabled. **default**: not set udp_conn_track -------------- **optional**, **type**: :external+values:ref:`udp conn track ` Set the UDP connection track config. **default**: set with default values, the max sessions count is 4096, which should be adjusted according the listen instance count auth_by_client_ip ----------------- **optional**, **type**: bool, **conflict**: auth_by_server_ip Enables fact-based user authentication using the client IP address as the authentication fact. If enabled, ``user_group`` must also be set. **default**: false auth_by_server_ip ----------------- **optional**, **type**: bool, **conflict**: auth_by_client_ip Enables fact-based user authentication using the server IP address as the authentication fact. If enabled, ``user_group`` must also be set. **default**: false