一个nat端口如何利用haproxy中转多个服务

John 学习教程

haproxy 根据域名分流 配置如下:
nat小鸡 -> haproxy Sever --> 443 {v2*y s* tr*jan ssh}

 

[v_lvb]

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon

defaults
log global
mode tcp
option tcplog
option dontlognull
#maxconn 2000
timeout connect 24h
timeout client 24h
timeout server 24h

frontend ssl
mode tcp
bind *:443
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }

#acl ssh_payload payload(0,7) -m bin 5353482d322e30
acl v2-pr req_ssl_sni -i pr.v2ray.best
acl v2-gcp req_ssl_sni -i pr.v2ray.best
acl v2-tr req_ssl_sni -i pr.trojan.best
acl ss-gcp req_ssl_sni -i gcp.ss.best

use_backend gcp if v2-gcp
use_backend pr if v2-pr
use_backend tr if v2-tr
#use_backend shadowsocks if ss-gcp
use_backend defaultserv if { req.ssl_hello_type 1 } !v2-gcp !v2-tr !v2-pr !ss-gcp

backend gcp
mode tcp
option ssl-hello-chk
server server1 xxx.xxx.xxx.xxx:443

backend tr
mode tcp
option ssl-hello-chk
http-request set-header Host pr.trojan.best
#option httpclose
server server1 xxx.xxx.xxx.xxx:4431

backend pr
mode tcp
option ssl-hello-chk
server server1 xxx.xxx.xxx.xxx:443
backend defaultserv
mode tcp
server server1 www.baidu.com

[/v_lvb]

 

重点:trojan 域名 需要手动 指hosts ,v2ray则直接http伪装填写域名.

 

版权声明:
作者:John
链接:https://vps.la/2020/04/22/%e4%b8%80%e4%b8%aanat%e7%ab%af%e5%8f%a3%e5%a6%82%e4%bd%95%e5%88%a9%e7%94%a8haproxy%e4%b8%ad%e8%bd%ac%e5%a4%9a%e4%b8%aa%e6%9c%8d%e5%8a%a1/
来源:VPS啦
文章版权归作者所有,未经允许请勿转载。

THE END
分享
二维码
< <上一篇
下一篇>>