55 lines
1.6 KiB
Plaintext
Executable File
55 lines
1.6 KiB
Plaintext
Executable File
-- host IP address is 192.168.0.8
|
|
-- Apache use ports 9080/90443
|
|
-- all HTTP requests on 80 will be redirected to 9080 except flower.databasepro.fr wich will go on 192.168.0.82:80
|
|
-- incoming HTTP 443 requests will be redirected to 9433 except flower.databasepro.fr wich will go on 192.168.0.82:443
|
|
-- incoming SSH requests on 443 port will be redirected to the port 22
|
|
-- incoming OpenVPN requests on 443 port will be redirected to 192.168.0.9:1194
|
|
|
|
|
|
frontend in_80
|
|
bind 192.168.0.8:80
|
|
default_backend out_80_default
|
|
# Define hosts
|
|
acl host_flower hdr(host) -i flower.databasepro.fr
|
|
# Figure out which one to use
|
|
use_backend out_80_flower if host_flower
|
|
|
|
backend out_80_default
|
|
server sv1 192.168.0.8:9080 maxconn 32
|
|
|
|
backend out_80_flower
|
|
server sv1 192.168.0.82:80 maxconn 32
|
|
|
|
|
|
frontend in_443
|
|
bind 192.168.0.8:443
|
|
mode tcp
|
|
option tcplog
|
|
tcp-request inspect-delay 5s
|
|
tcp-request content accept if HTTP
|
|
# Define hosts
|
|
acl host_flower hdr(host) -i flower.databasepro.fr
|
|
# Figure out which one to use
|
|
use_backend out_443_flower if { req_ssl_sni -i flower.databasepro.fr }
|
|
use_backend out_443_https if { req.ssl_hello_type 1 }
|
|
use_backend out_ssh if { payload(0,7) -m bin 5353482d322e30 }
|
|
default_backend openvpn
|
|
|
|
backend out_443_flower
|
|
server sv1 192.168.0.82:443
|
|
mode tcp
|
|
|
|
|
|
backend out_443_https
|
|
server sv1 192.168.0.8:9443
|
|
mode tcp
|
|
|
|
backend openvpn
|
|
mode tcp
|
|
server openvpn-server 192.168.0.9:1194
|
|
|
|
backend out_ssh
|
|
mode tcp
|
|
timeout server 2h
|
|
server ssh-local 192.168.0.8:22
|