一个nat端口如何利用haproxy中转多个服务
haproxy 根据域名分流 配置如下:
nat小鸡 -> haproxy Sever --> 443 {v2*y s* tr*jan ssh}
[v_lvb]
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode tcp
option tcplog
option dontlognull
#maxconn 2000
timeout connect 24h
timeout client 24h
timeout server 24h
frontend ssl
mode tcp
bind *:443
tcp-request inspect-delay 5s
tcp-request content accept if { req.ssl_hello_type 1 }
#acl ssh_payload payload(0,7) -m bin 5353482d322e30
acl v2-pr req_ssl_sni -i pr.v2ray.best
acl v2-gcp req_ssl_sni -i pr.v2ray.best
acl v2-tr req_ssl_sni -i pr.trojan.best
acl ss-gcp req_ssl_sni -i gcp.ss.best
use_backend gcp if v2-gcp
use_backend pr if v2-pr
use_backend tr if v2-tr
#use_backend shadowsocks if ss-gcp
use_backend defaultserv if { req.ssl_hello_type 1 } !v2-gcp !v2-tr !v2-pr !ss-gcp
backend gcp
mode tcp
option ssl-hello-chk
server server1 xxx.xxx.xxx.xxx:443
backend tr
mode tcp
option ssl-hello-chk
http-request set-header Host pr.trojan.best
#option httpclose
server server1 xxx.xxx.xxx.xxx:4431
backend pr
mode tcp
option ssl-hello-chk
server server1 xxx.xxx.xxx.xxx:443
backend defaultserv
mode tcp
server server1 www.baidu.com
[/v_lvb]
重点:trojan 域名 需要手动 指hosts ,v2ray则直接http伪装填写域名.
版权声明:
作者:John
链接:https://vps.la/2020/04/22/%e4%b8%80%e4%b8%aanat%e7%ab%af%e5%8f%a3%e5%a6%82%e4%bd%95%e5%88%a9%e7%94%a8haproxy%e4%b8%ad%e8%bd%ac%e5%a4%9a%e4%b8%aa%e6%9c%8d%e5%8a%a1/
来源:VPS啦
文章版权归作者所有,未经允许请勿转载。
共有 0 条评论