forked from dlundquist/sniproxy
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathsniproxy.conf
104 lines (87 loc) · 2.63 KB
/
sniproxy.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
# sniproxy example configuration file
# lines that start with # are comments
# lines with only white space are ignored
user nobody
# PID file, needs to be placed in directory writable by user
pidfile /var/tmp/sniproxy.pid
error_log {
# Log to the daemon syslog facility
syslog deamon
# Alternatively we could log to file
#filename /var/log/sniproxy.log
# Control the verbosity of the log
priority notice
}
# blocks are delimited with {...}
listen 80 {
proto http
table http_hosts
# Fallback backend server to use if we can not parse the client request
fallback localhost:8080
# Specify the source address for outgoing connections
# This address must be configured on the host
# NOTE: using this option prevents the operating system from selecting
# and source address and port optimally and may significantly reduce the
# maximum number of simultaneous connections possible.
# Do not include a port in this address, otherwise you will be limited
# to a single connection to each backend server.
source 192.0.2.10
# Log the content of bad requests
#bad_requests log
access_log {
# Same options as error_log
filename /tmp/sniproxy.log
}
}
listen 443 {
proto tls
table https_hosts
}
listen 192.0.2.10:80 {
protocol http
# this will use default table
}
listen [2001:0db8::10]:80 {
protocol http
# this will use default table
}
listen unix:/var/run/proxy.sock {
protocol http
# this will use default table
}
# named tables are defined with the table directive
table http_hosts {
example.com 192.0.2.10:8001
example.net 192.0.2.10:8002
example.org 192.0.2.10:8003
# Each table entry is composed of three parts:
#
# pattern:
# valid Perl-compatible Regular Expression that matches the
# hostname
#
# target:
# - a DNS name
# - an IP address and TCP port
# - an IP address (will connect to the same port as the listener received the
# connection)
# - '*' to use the hostname that the client requested
#
# pattern target
#.*\.itunes\.apple\.com$ *:443
#.* 127.0.0.1:4443
}
# named tables are defined with the table directive
table https_hosts {
# When proxying to local sockets you should use different tables since the
# local socket server most likely will not autodetect which protocol is
# being used
example.org unix:/var/run/server.sock
}
# if no table specified the default 'default' table is defined
table {
# if no port is specified default HTTP (80) and HTTPS (443) ports are
# assumed based on the listening port of each listener using this table
example.com 192.0.2.10
example.net 192.0.2.20
}