haproxy-devel, allow transparent-client-ip using ipv6

1 files changed, 4 insertions, 3 deletions

diff --git a/config/haproxy-devel/haproxy_pool_edit.php b/config/haproxy-devel/haproxy_pool_edit.php
index a3a0879d..30079847 100644
--- a/config/haproxy-devel/haproxy_pool_edit.php
+++ b/config/haproxy-devel/haproxy_pool_edit.php
@@ -582,10 +582,11 @@ foreach($simplefields as $field){
 				</div>
 				<br/>
 				Connect transparently to the backend server's so the connection seams to come straight from the client ip address.
-				For proper workings this requires the reply's traffic to pass through pfSense by means of correct routing.
-				(uses the option "source 0.0.0.0 usesrc clientip")
+				To work properly this requires the reply traffic to pass through pfSense by means of correct routing.<br/>
+				When using IPv6 only routable ip addresses can be used, host names or link-local addresses (FE80) will not work.<br/>				
+				(uses the option "source 0.0.0.0 usesrc clientip" or "source ipv6@ usesrc clientip")
 				<br/><br/>
-				Note : When this is enabled for a single backend HAProxy will run as 'root' instead of chrooting to a lower privileged user, this reduces security in case of a a bit.
+				Note : When this is enabled for any backend HAProxy will run as 'root' instead of chrooting to a lower privileged user, this reduces security in case a vulnerability is found.
 			</td>
 		</tr>
 		<tr align="left">