config/obr/relayd.conf


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59

interval 30

timeout 10000

prefork 5

log updates

EXT_IF = 83.150.2.48

table <euroweb> { euroweb.lan }
table <euroserver> { euroserver.lan }

http protocol "http_protocol" {

	return error

	match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
	match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
	match request header set "Connection" value "close"
	match request header set "Keep-Alive" value "$TIMEOUT"

	match response header set "Server" value "None of your business"

	tcp { nodelay, sack, socket buffer 65536, backlog 128 }

	match request tag disallowed_host
	match request quick header "Host" value "www.maschezuoz.ch" \
		forward to <euroweb> no tag
	match request quick header "Host" value "www-joomla.maschezuoz.ch" \
		forward to <euroweb> no tag
	match request quick header "Host" value "maschezuoz.ch" \
		forward to <euroweb> no tag
	match request quick header "Host" value "www.andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "git.andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "webmail.andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "blog.andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "cloud.andreasbaumann.cc" \
		forward to <euroweb> no tag
	match request quick header "Host" value "mon.andreasbaumann.cc" \
		forward to <euroserver> no tag

	block request tagged disallowed_host label "BAD host"
}

relay http_relay {
	listen on $EXT_IF port 80
	protocol http_protocol

	forward to <euroweb> port 80
	forward to <euroserver> port 80
}