blob: c4a8eb4a8628ef8d1c51a9a3c8d0e5fc5498602d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
|
interval 30
timeout 10000
prefork 5
log updates
EXT_IF = 83.150.2.48
table <euroweb> { euroweb.lan }
table <euroserver> { euroserver.lan }
http protocol "http_protocol" {
return error
match request header append "X-Forwarded-For" value "$REMOTE_ADDR"
match request header append "X-Forwarded-By" value "$SERVER_ADDR:$SERVER_PORT"
match request header set "Connection" value "close"
match request header set "Keep-Alive" value "$TIMEOUT"
match response header set "Server" value "None of your business"
tcp { nodelay, sack, socket buffer 65536, backlog 128 }
match request tag disallowed_host
match request quick header "Host" value "www.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "www-joomla.maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "maschezuoz.ch" \
forward to <euroweb> no tag
match request quick header "Host" value "www.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "git.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "webmail.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "blog.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "cloud.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "mon.andreasbaumann.cc" \
forward to <euroserver> no tag
match request quick header "Host" value "imap.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "archlinux32.andreasbaumann.cc" \
forward to <euroweb> no tag
match request quick header "Host" value "www.pgfuse.org" \
forward to <euroweb> no tag
match request quick header "Host" value "pgfuse.org" \
forward to <euroweb> no tag
match request quick header "Host" value "www.openbsd-firewall.org" \
forward to <euroweb> no tag
match request quick header "Host" value "openbsd-firewall.org" \
forward to <euroweb> no tag
block request tagged disallowed_host label "BAD host"
}
relay http_relay {
listen on $EXT_IF port 80
protocol http_protocol
forward to <euroweb> port 80
forward to <euroserver> port 80
}
|