-
Notifications
You must be signed in to change notification settings - Fork 18
/
haproxy.cfg
46 lines (42 loc) · 1017 Bytes
/
haproxy.cfg
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
user haproxy
group haproxy
daemon
defaults
log global
mode tcp
option tcplog
option dontlognull
maxconn 2000
timeout connect 5000
timeout client 500000
timeout server 500000
frontend ssl
mode tcp
bind x.x.x.x:443
tcp-request inspect-delay 3s
tcp-request content accept if { req.ssl_hello_type 1 }
acl www req_ssl_sni -i isol.me
acl ssh_payload payload(0,7) -m bin 5353482d322e30
use_backend nginx if www { req.ssl_hello_type 1 }
use_backend ocserv if { req.ssl_hello_type 1 }
use_backend openssh if ssh_payload
use_backend openssh if !{ req.ssl_hello_type 1 } { req.len 0 }
use_backend shadowsocks if !{ req.ssl_hello_type 1 } !{ req.len 0 }
backend openssh
mode tcp
timeout server 3h
server openssh 127.0.0.1:22
backend ocserv
mode tcp
timeout server 24h
server sslvpn 127.0.0.1:9443
backend nginx
mode tcp
server webserver 127.0.0.1:8443
backend shadowsocks
mode tcp
server socks 127.0.0.1:45