Hi

this may be very specific but I think it may be useful when dealing with reverse proxies.
I would like to see MikroTiks to support the PROXY protocol of HAproxy (which is a popular open source reverse proxy): https://github.com/haproxy/haproxy/blob ... otocol.txt

The proxy protocoll passes the original requester IP address to the server which was published by the reverse proxy. I know, usually you do that via the X-Forwarded-For header but that only works for http/https traffic.
In my case, I'm publishing the MikroTik SSTP server via a reverse proxy (because I have only one public IP and I want to use port 443 for SSTP and Webservers) and while everything is working perfectly, I obviously now can't see the original WAN IP of the SSTP clients anymore. That's especially not good if you are trying to auto-block certain IP adresses who are doing brute force attacks, for example.

If RouterOS would support the PROXY protocol, as many others do, I would know the actual originating WAN IP of all connecting clients.

While SSTP is indeed TLS encrypted and transported via HTTPS, it doesn't make use of any HTTP headers afaik, and besides, I don't think the MikroTik would even honor them for SSTP. Also, you have to run HAproxy in TCP mode instead of HTTP mode so I guess HTTP headers aren't even honored there to begin with.

Would be great, if we could get support for the HAproxy PROXY protocol.

+1 from me.

Reverse proxy able to refresh Let's Encrypt certificates on frontend automatically, serving connections to background resources would be definitely nice to have feature.

+1
I would love to see such an opportunity.