diff options
| author | Andreas Baumann <mail@andreasbaumann.cc> | 2017-10-19 14:23:13 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-10-19 14:23:13 +0200 |
| commit | 1e30c6fa62f8a083cc27ab463c310e87fc09e3a2 (patch) | |
| tree | c9579164fd89604d8d313fd3b5d074bebf3c2165 /config/obr/relayd.conf | |
| parent | c3736445d02c7fd6562d05bc6079eba85ee508f9 (diff) | |
| parent | 5247a4900bb79588094f9422833217ba78c3abc1 (diff) | |
| download | OpenBSD-firewall-1e30c6fa62f8a083cc27ab463c310e87fc09e3a2.tar.gz OpenBSD-firewall-1e30c6fa62f8a083cc27ab463c310e87fc09e3a2.tar.bz2 | |
Merge pull request #3 from andreasbaumann/master
upgrade to OpenBSD 6.2
Diffstat (limited to 'config/obr/relayd.conf')
| -rw-r--r-- | config/obr/relayd.conf | 29 |
1 files changed, 4 insertions, 25 deletions
diff --git a/config/obr/relayd.conf b/config/obr/relayd.conf index 3036e5f..6be42f6 100644 --- a/config/obr/relayd.conf +++ b/config/obr/relayd.conf @@ -20,17 +20,19 @@ http protocol "http_protocol" { match request header set "Connection" value "close" match request header set "Keep-Alive" value "$TIMEOUT" - match response header set "Server" value "Non of your business" + match response header set "Server" value "None of your business" tcp { nodelay, sack, socket buffer 65536, backlog 128 } match request tag disallowed_host match request quick header "Host" value "www.maschezuoz.ch" \ forward to <euroweb> no tag - match request quick header "Host" value "www.andreasbaumann.cc" \ + match request quick header "Host" value "www-joomla.maschezuoz.ch" \ forward to <euroweb> no tag match request quick header "Host" value "maschezuoz.ch" \ forward to <euroweb> no tag + match request quick header "Host" value "www.andreasbaumann.cc" \ + forward to <euroweb> no tag match request quick header "Host" value "andreasbaumann.cc" \ forward to <euroweb> no tag match request quick header "Host" value "git.andreasbaumann.cc" \ @@ -43,26 +45,10 @@ http protocol "http_protocol" { forward to <euroweb> no tag match request quick header "Host" value "mon.andreasbaumann.cc" \ forward to <euroserver> no tag - match request quick header "Host" value "www.maschezuoz.ch" \ - forward to <euroweb> no tag block request tagged disallowed_host label "BAD host" } -http protocol "https_protocol" { - - return error - - match request header append "X-Forwarded-For" value "$REMOTE_ADDR" - match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT" - match request header set "Connection" value "close" - match request header set "Keep-Alive" value "$TIMEOUT" - - match response header set "Server" value "Non of your business" - - tcp { nodelay, sack, socket buffer 65536, backlog 128 } -} - relay http_relay { listen on $EXT_IF port 80 protocol http_protocol @@ -70,11 +56,4 @@ relay http_relay { forward to <euroweb> port 80 forward to <euroserver> port 80 } - -relay https_relay { - listen on $EXT_IF port 443 tls - protocol https_protocol - - forward with tls to <euroweb> port 443 -} |