Haproxy配置Httpd-x-forward

2016-12-14 16:34:00
村里来的扫地僧
原创
1922

Haproxy配置X-Forwarded-For

安装Httpd服务:
[root@linux-01 ~]# yum install httpd
Loaded plugins: fastestmirror, security
Loading mirror speeds from cached hostfile
 * base: mirrors.nwsuaf.edu.cn
 * extras: mirror.bit.edu.cn
 * updates: mirror.bit.edu.cn
base                                                                                                          | 3.7 kB     00:0
extras                                                                                                        | 3.4 kB     00:0
updates                                                                                                       | 3.4 kB     00:0
updates/primary_db                                                                                            | 2.6 MB     00:0
Setting up Install Process
Resolving Dependencies
--> Running transaction check
---> Package httpd.x86_64 0:2.2.15-54.el6.centos will be installed
--> Processing Dependency: httpd-tools = 2.2.15-54.el6.centos for package: httpd-2.2.15-54.el6.centos.x86_64
--> Processing Dependency: apr-util-ldap for package: httpd-2.2.15-54.el6.centos.x86_64
--> Processing Dependency: libaprutil-1.so.0()(64bit) for package: httpd-2.2.15-54.el6.centos.x86_64
--> Processing Dependency: libapr-1.so.0()(64bit) for package: httpd-2.2.15-54.el6.centos.x86_64
--> Running transaction check
---> Package apr.x86_64 0:1.3.9-5.el6_2 will be installed
---> Package apr-util.x86_64 0:1.3.9-3.el6_0.1 will be installed
---> Package apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 will be installed
---> Package httpd-tools.x86_64 0:2.2.15-54.el6.centos will be installed
--> Finished Dependency Resolution

Dependencies Resolved

===============================================================================================================================
 Package                          Arch                      Version                                 Repository                 
===============================================================================================================================
Installing:
 httpd                            x86_64                    2.2.15-54.el6.centos                    updates                    
Installing for dependencies:
 apr                              x86_64                    1.3.9-5.el6_2                           base                       
 apr-util                         x86_64                    1.3.9-3.el6_0.1                         base                       
 apr-util-ldap                    x86_64                    1.3.9-3.el6_0.1                         base                       
 httpd-tools                      x86_64                    2.2.15-54.el6.centos                    updates                    

Transaction Summary
===============================================================================================================================
Install       5 Package(s)

Total download size: 1.1 M
Installed size: 3.6 M
Is this ok [y/N]: y
Downloading Packages:
(1/5): apr-1.3.9-5.el6_2.x86_64.rpm                                                                           | 123 kB     00:0
(2/5): apr-util-1.3.9-3.el6_0.1.x86_64.rpm                                                                    |  87 kB     00:0
(3/5): apr-util-ldap-1.3.9-3.el6_0.1.x86_64.rpm                                                               |  15 kB     00:0
(4/5): httpd-2.2.15-54.el6.centos.x86_64.rpm                                                                  | 833 kB     00:0
(5/5): httpd-tools-2.2.15-54.el6.centos.x86_64.rpm                                                            |  79 kB     00:0
-------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                657 kB/s | 1.1 MB     00:0
Running rpm_check_debug
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Installing : apr-1.3.9-5.el6_2.x86_64                                                                                        
  Installing : apr-util-1.3.9-3.el6_0.1.x86_64                                                                                 
  Installing : httpd-tools-2.2.15-54.el6.centos.x86_64                                                                         
  Installing : apr-util-ldap-1.3.9-3.el6_0.1.x86_64                                                                            
  Installing : httpd-2.2.15-54.el6.centos.x86_64                                                                               
  Verifying  : httpd-tools-2.2.15-54.el6.centos.x86_64                                                                         
  Verifying  : apr-1.3.9-5.el6_2.x86_64                                                                                        
  Verifying  : httpd-2.2.15-54.el6.centos.x86_64                                                                               
  Verifying  : apr-util-1.3.9-3.el6_0.1.x86_64                                                                                 
  Verifying  : apr-util-ldap-1.3.9-3.el6_0.1.x86_64                                                                            

Installed:
  httpd.x86_64 0:2.2.15-54.el6.centos                                                                                          

Dependency Installed:
  apr.x86_64 0:1.3.9-5.el6_2                     apr-util.x86_64 0:1.3.9-3.el6_0.1      apr-util-ldap.x86_64 0:1.3.9-3.el6_0.1 
  httpd-tools.x86_64 0:2.2.15-54.el6.centos     

Complete!
配置Httpd,X-Forwarded-For

[root@linux-01 ~]# vim /etc/httpd/conf/httpd.conf 
httpd:
	//497: LogFormat "{X-Forwarded-For} %h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined

	
Acl应用配置案例
Redirect Example:
		acl clear      dst_port  80
		acl secure     dst_port  8080
		acl login_page url_beg   /login
		acl logout     url_beg   /logout
		acl uid_given  url_reg   /login?userid=[^&]+
		acl cookie_set hdr_sub(cookie) SEEN=1
		
		redirect prefix   https://mysite.com set-cookie SEEN=1 if !cookie_set
		redirect prefix   https://mysite.com           if login_page !secure
		redirect prefix   http://mysite.com drop-query if login_page !uid_given
		redirect location http://mysite.com/           if !login_page secure
		redirect location / clear-cookie USERID=       if logout
		
当用户通过80端口访问/haproxy?stats重定向8009端口上服务来提供此功能
	reqadd <string> [{if | unless} <cond>]
	
	<string>  is the complete line to be added. Any space or known delimiter
          must be escaped using a backslash (''). Please refer to section
          6 about HTTP header manipulation for more information.

	<cond> is an optional matching condition built from ACLs. It makes it
          possible to ignore this rule when other conditions are not met.
		  
	acl is-ssl  dst_port       81
	reqadd      X-Proto: SSL  if is-ssl
	
超时时长:timeout http-request
	timeout http-request <timeout>
	Set the maximum allowed time to wait for a complete HTTP request
	
实现访问控制:
	http-request :7层
	tcp-request :4层过滤
	

	//scheme://user:password@host:port/path;params?query#fragment
	

An Example
	acl url_static path_beg /static /images /img /css
	acl Url_static path_end .gif .png .jpg .css .js
	acl host_www hdr_beg(host) -i www
	acl host_static hdr_beg(host) -i img. viedo. download. ftp.
	
	use_backend static if host_static of url_static
	url_backend www if host_www

发表评论
肆 减 伍 =
评论通过审核后显示。