mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-26 06:32:13 +00:00
b1285d5ce0
* the time-out fix introduced in 1.1.25 caused a corner case where it was possible for a client to keep a connection maintained regardless of the timeout if the server closed the connection during the HEADER phase, while the client ignored the close request while doing nothing in the other direction. This has been fixed now by ensuring that read timeouts are re-armed when switching to any SHUTW state. * enhanced error reporting in the logs. Now the proxy will precisely detect various error conditions related to the system and/or process limits, and generate LOG_EMERG logs indicating that a resource has been exhausted. * logs will contain two new characters for the error cause : 'R' indicates a resource exhausted, and 'I' indicates an internal error, though this one should never happen. * server connection timeouts can now be reported in the logs (sC), as well as connections refused because of maxconn limitations (PC). * new global configuration keyword "ulimit-n" may be used to raise the FD limit to usable values. * a warning is now displayed on startup if the FD limit is lower than the configured maximum number of sockets. * new configuration keyword "monitor-net" makes it possible to be monitored by external devices which connect to the proxy without being logged nor forwarded to any server. Particularly useful on generic TCPv4 relays.
155 lines
3.6 KiB
INI
155 lines
3.6 KiB
INI
global
|
|
log 127.0.0.1 local0
|
|
# log 127.0.0.1 local1
|
|
maxconn 4000
|
|
ulimit-n 8000
|
|
uid 0
|
|
gid 0
|
|
# chroot /tmp
|
|
# nbproc 2
|
|
# daemon
|
|
# debug
|
|
# quiet
|
|
|
|
listen proxy1 0.0.0.0:8000
|
|
mode http
|
|
# source 127.0.0.2:0
|
|
# log 127.0.0.1 local0
|
|
# log 127.0.0.1 local1
|
|
log global
|
|
#mode tcp
|
|
cookie SERVERID insert indirect
|
|
balance roundrobin
|
|
#dispatch 127.0.0.1:3130
|
|
#dispatch 127.0.0.1:31300
|
|
#dispatch 127.0.0.1:80
|
|
#dispatch 127.0.0.1:22
|
|
option httpchk
|
|
server test 10.1.1.2:80 cookie cookie1 check inter 300
|
|
# server nc 127.0.0.1:8080 cookie cookie1 check inter 300
|
|
# server tuxlocal0 10.101.23.9:80 cookie cookie1 check
|
|
# server tuxlocal1 127.0.0.1:80 cookie cookie1 check
|
|
# server tuxlocal2 127.0.0.1:80 cookie cookie2 check
|
|
# server tuxlocal3 127.0.0.1:80 cookie cookie3 check
|
|
# server tuxlocal4 127.0.0.1:80 cookie cookie4 check
|
|
# server vax 10.101.14.1:80 cookie cookie1 check
|
|
#server tuxceleron 10.101.0.1:80 cookie cookie2 check
|
|
#server telnet 127.0.0.1:23
|
|
#server ssh 127.0.0.1:22
|
|
#server local 127.0.0.1:3130 cookie cookie3 check
|
|
#server ko 127.0.0.1:0 cookie cookie3 check
|
|
#server local 127.0.0.1:8001 cookie cookie3 check
|
|
#server local 127.0.0.1:3130
|
|
#server celeron 10.101.0.1:80 cookie srv1
|
|
#server celeron 10.101.0.1:31300
|
|
#server local 10.101.23.9:31300
|
|
contimeout 3000
|
|
clitimeout 150000
|
|
srvtimeout 150000
|
|
maxconn 60000
|
|
redispatch
|
|
retries 3
|
|
grace 3000
|
|
#rsprep ^Server.* Server:\ IIS
|
|
#rspdel ^Server.*
|
|
#rspadd Set-Cookie:\ mycookie=0;\ path=/
|
|
#rsprep ^(Date:\ )([^,]*)(,\ )(.*) LaDate\ est:\ \4\ (\2)
|
|
# force connection:close
|
|
#reqidel ^Connection:
|
|
#rspidel ^Connection:
|
|
#reqadd Connection:\ close
|
|
#rspadd Connection:\ close
|
|
# processing options
|
|
#option keepalive
|
|
option forwardfor
|
|
option httplog
|
|
option dontlognull
|
|
# reqirep ^(Test:\ ) \0_toto_\1_toto
|
|
# reqidel ^X-Forwarded-for:
|
|
# reqirep ^(GET|POST)\ .* \0
|
|
# reqirep ^(Host:|Connection:|User-agent:|Cookie:)\ .* \0
|
|
# reqideny ^
|
|
|
|
listen proxy1 0.0.0.0:8001
|
|
mode http
|
|
#mode tcp
|
|
dispatch 127.0.0.1:80
|
|
#dispatch 127.0.0.1:31300
|
|
#dispatch 127.0.0.1:80
|
|
#dispatch 127.0.0.1:22
|
|
#server tuxlocal 127.0.0.1:80 cookie cookie1 check
|
|
#server tuxceleron 10.101.0.1:80 cookie cookie2 check
|
|
#server telnet 127.0.0.1:23
|
|
#server ssh 127.0.0.1:22
|
|
#server local 127.0.0.1:3130 cookie cookie3 check
|
|
#server local 127.0.0.1:3130
|
|
#server celeron 10.101.0.1:80 cookie srv1
|
|
#server celeron 10.101.0.1:31300
|
|
#server local 10.101.23.9:31300
|
|
contimeout 3000
|
|
clitimeout 150000
|
|
srvtimeout 150000
|
|
maxconn 60000
|
|
redispatch
|
|
retries 3
|
|
grace 3000
|
|
#rsprep ^Server.* Server:\ IIS
|
|
#rspdel ^Server.*
|
|
rspadd Set-Cookie:\ SERVERID=12345678;\ path=/
|
|
#rsprep ^(Date:\ )([^,]*)(,\ )(.*) LaDate\ est:\ \4\ (\2)
|
|
|
|
listen proxy1 0.0.0.0:3128
|
|
disabled
|
|
mode http
|
|
cookie SERVERID insert indirect
|
|
#dispatch 127.0.0.1:8080
|
|
server srv1 127.0.0.1:8080
|
|
#server srv2 192.168.12.3:8080
|
|
contimeout 3000
|
|
clitimeout 450000
|
|
srvtimeout 450000
|
|
maxconn 60000
|
|
redispatch
|
|
retries 3
|
|
grace 3000
|
|
rspdel ^Via:.*
|
|
monitor-net 192.168.12.252/30
|
|
|
|
|
|
listen proxy2 0.0.0.0:3129
|
|
disabled
|
|
mode http
|
|
transparent
|
|
# dispatch 127.0.0.1:80
|
|
contimeout 3000
|
|
clitimeout 150000
|
|
srvtimeout 150000
|
|
maxconn 60000
|
|
retries 3
|
|
grace 3000
|
|
|
|
# log 10.101.11.1 local1
|
|
# log 10.101.11.1 local2
|
|
|
|
# cliexp ^(.*ASPSESSIONID.*=)(.*) \1FENICGGCBECLFFEEOAEAIFGF
|
|
# cliexp ^(GET.*)(.free.fr)(.*) \1.online.fr\3
|
|
# cliexp ^(POST.*)(.free.fr)(.*) \1.online.fr\3
|
|
# cliexp ^Proxy-Connection:.* Proxy-Connection:\ close
|
|
# srvexp ^(Location:\ )([^:]*://[^/]*)(.*) \1\3
|
|
|
|
listen health 0.0.0.0:3130
|
|
mode health
|
|
clitimeout 1500
|
|
srvtimeout 1500
|
|
maxconn 6000
|
|
grace 0
|
|
|
|
|
|
listen health 0.0.0.0:31300
|
|
mode health
|
|
option httpchk
|
|
clitimeout 1500
|
|
srvtimeout 1500
|
|
maxconn 6000
|
|
grace 0
|