1berry/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

CLEANUP: examples: update sample file option-http_proxy.cfg

Browse Source 
This one was still valid but emitted lots of warnings.
This commit is contained in:
Willy Tarreau 2015-10-13 15:43:39 +02:00
parent 677457e882
commit 05d50d0910
1 changed files with 7 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
examples/option-http_proxy.cfg
View File

@ -18,36 +18,35 @@ frontend test-proxy
log global log global
option httplog option httplog
option dontlognull option dontlognull
option httpclose
option nolinger option nolinger
option http_proxy option http_proxy
maxconn 8000 maxconn 8000
clitimeout 30000 timeout client 30s
# layer3: Valid users # layer3: Valid users
acl allow_host src 192.168.200.150/32 acl allow_host src 192.168.200.150/32
block if !allow_host http-request deny if !allow_host
# layer7: prevent private network relaying # layer7: prevent private network relaying
acl forbidden_dst url_ip 192.168.0.0/24 acl forbidden_dst url_ip 192.168.0.0/24
acl forbidden_dst url_ip 172.16.0.0/12 acl forbidden_dst url_ip 172.16.0.0/12
acl forbidden_dst url_ip 10.0.0.0/8 acl forbidden_dst url_ip 10.0.0.0/8
block if forbidden_dst http-request deny if forbidden_dst
default_backend test-proxy-srv default_backend test-proxy-srv
backend test-proxy-srv backend test-proxy-srv
mode http mode http
contimeout 5000 timeout connect 5s
srvtimeout 5000 timeout server 5s
retries 2 retries 2
option nolinger option nolinger
option http_proxy option http_proxy
# layer7: Only GET method is valid # layer7: Only GET method is valid
acl valid_method method GET acl valid_method method GET
block if !valid_method http-request deny if !valid_method
# layer7: protect bad reply # layer7: protect bad reply
rspdeny ^Content-Type:[\ ]*audio/mp3 http-response deny if { res.hdr(content-type) audio/mp3 }