As more and more Internet Service Providers and individual resource providers adopt IPv6 standards, it could become increasingly necessary to specify whether EZproxy should use IPv6 or IPv4 to listen for login requests and database source IPs. The Interface directive provides this flexibility.
Interface is a position-dependent config.txt directive that is located near and interacts with LoginPort, LoginPortSSL, ShibbolethSite and database definitions.
The Interface directive allows the specification of source IP addresses for particular purposes, such as which IP address should be used to listen for incoming connections and which IP address should be used to make outgoing connections. In the absence of Interface statements, EZproxy allows the operating system to select which IP address should be used for these types of activities.
The Interface statement accepts a single parameter, which can be one of the following:
Notes:
An EZproxy database configuration in proxy by hostname might look like this:
Name ezproxy.yourlib.org LoginPort 80 LoginPortSSL 443
Title Some Database URL http://www.somedb.com/ D somedb.com
Title Other Database URL http://www.otherdb.com/ D otherdb.com
Where your proxy by hostname configuration is followed by two database stanzas.
Specifying One IP Address
In most instances, if you want to direct EZproxy to listen on a specific IP address for incoming login requests, it is also reasonable for that address to serve as the source IP address for database requests. In such an instance, the most common application of Interface is the addition of a single statement prior to LoginPort in your proxy by hostname configuration, such as:
Name ezproxy.yourlib.org Interface 68.14.229.198 LoginPort 80 LoginPortSSL 443
Title Some Database URL http://www.somedb.com/ D somedb.com
Title Other Database URL http://www.otherdb.com/ D otherdb.com
This Interface statement impacts not only the LoginPort and LoginPortSSL statements, but also directs EZproxy to use this source IP address when connecting to these databases.
Specifying Multiple IP Addresses
If you add a second Interface Any statement, and create the following config.txt:
Name ezproxy.yourlib.org Interface 68.14.229.198 LoginPort 80 LoginPortSSL 443
Title Some Database URL http://www.somedb.com/ D somedb.com
Interface Any
Title Other Database URL http://www.otherdb.com/ D otherdb.com
EZproxy will listen on 68.14.229.198 for login requests and use that as the source IP when proxying Some Databases, but will allow the operating system to select the source IP when proxying Other Database. It is unusual to need to intermix Interface statements within database definitions, but it is possible to do this to meet unique requirements.
Specifying IPv6 and IPv4 IP Addresses
This method allows you to select which databases should be accessed via IPv6 versus IPv4. This example includes configuring EZproxy to listen on an IPv4 and an IPv6 IP address, and then selecting the IPv4 interface for somedb.com, the IPv6 interface for the otherdb.comdatabase, and allowing the operating system to determine the appropriate database for all other databases. This can be configured as follows:
Name ezproxy.yourlib.org Interface 68.14.229.198 LoginPort 80 LoginPortSSL 443 Interface FE80::0202:B3FF:FE1E:8329 LoginPort 80 LoginPortSSL443
Interface 68.14.229.198
Title Some Database URL http://www.somedb.com/ D somedb.com
Interface FE80::0202:B3FF:FE1E:8329
Title Other Database URL http://www.otherdb.com/ D otherdb.com
Interface Any
The first Interface statement (Interface 68.14.229.198
) after the Proxy by Host setup configures EZproxy to listen on 68.14.229.198 for login requests and use that as the source IP when proxying Some Database. The second Interface statement after the setup (Interface FE80::0202:B3FF:FE1E:8329
) configures EZproxy to use the IPv6 IP address FE80::0202:B3FF:FE1E:8329 when proxying Other Database. The final Interface Any statement means that any databases following this directive will use the IPv4 interface, and the operating system will be allowed to select the source IP when proxying these resources.
Source IP address for user authentication
The LDAP support in EZproxy does not support specifying a source IP address.
Interface does not change the source IP address used when processing the user.txt file to perform user authentication. To specify the source IP for user authentication, you must Interface as part of the line in user.txt, such as:
::Interface=68.14.229.198,FTP=ftpserv.yourlib.org
Below are the methods that do obey specifying a source IP address: