Building the Network You Need with OpenBSD's PF: EuroBSDCon, St. Julian's, September 26th 2013 | ||
---|---|---|
Prev | Next |
load balances ssl services
http protocol "httpssl" { header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Keep-Alive" to "$TIMEOUT" query hash "sessid" cookie hash "sessid" path filter "*command=*" from "/cgi-bin/index.cgi" ssl { sslv2, ciphers "MEDIUM:HIGH" } tcp { nodelay, sack, socket buffer 65536, backlog 128 } } relay wwwssl { # Run as a SSL accelerator listen on $webserver port 443 ssl protocol "httpssl" table <webhosts> loadbalance check ssl }
Also see relayd-dsr