blob: 425a06476f41c85997fcf56ff188d0893c2fb06f (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
interval 30
timeout 10000
prefork 5
log state changes
EXT_IF = 83.150.2.48
table <euroweb> { euroweb.lan }
table <euroserver> { euroserver.lan }
table <euromon> { euromon.lan }
http protocol "http_protocol" {
return error
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
match request header set "Connection" value "close"
match request header set "Keep-Alive" value "$TIMEOUT"
match response header set "Server" value "None of your business"
tcp { nodelay, sack, socket buffer 65536, backlog 128 }
match request tag disallowed_host
match request quick header "Host" value "www.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "www-joomla.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "www.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "git.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "webmail.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "blog.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "cloud.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "mon.andreasbaumann.cc" \
forward to <euromon> no tag
match request quick header "Host" value "imap.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "imap.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "smtp.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "smtp.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "archlinux32.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "www.pgfuse.org" \
forward to <euroweb> no tag
match request quick header "Host" value "pgfuse.org" \
forward to <euroweb> no tag
match request quick header "Host" value "www.openbsd-firewall.org" \
forward to <euroweb> no tag
match request quick header "Host" value "openbsd-firewall.org" \
forward to <euroweb> no tag
block request tagged disallowed_host label "BAD host"
}
relay http_relay {
listen on $EXT_IF port 80
protocol http_protocol
forward to <euroweb> port 80
forward to <euroserver> port 80
forward to <euromon> port 80
}
|