haproxy如何实现中转ws

jarmoku

以下是我目前的代码

1. global
   
2.         log /dev/log        local0
   
3.         log /dev/log        local1 notice
   
4.         chroot /var/lib/haproxy
   
5.         stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
   
6.         stats timeout 30s
   
7.         user haproxy
   
8.         group haproxy
   
9.         daemon
   
10. 
    
11.         # Default SSL material locations
    
12.         ca-base /etc/ssl/certs
    
13.         crt-base /etc/ssl/private
    
14. 
    
15.         # See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
    
16.         ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
    
17.         ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
    
18.         ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
    
19. 
    
20. defaults
    
21.         log        global
    
22.         mode        http
    
23.         option        httplog
    
24.         option        dontlognull
    
25.         timeout connect 5000
    
26.         timeout client  50000
    
27.         timeout server  50000
    
28.         errorfile 400 /etc/haproxy/errors/400.http
    
29.         errorfile 403 /etc/haproxy/errors/403.http
    
30.         errorfile 408 /etc/haproxy/errors/408.http
    
31.         errorfile 500 /etc/haproxy/errors/500.http
    
32.         errorfile 502 /etc/haproxy/errors/502.http
    
33.         errorfile 503 /etc/haproxy/errors/503.http
    
34.         errorfile 504 /etc/haproxy/errors/504.http
    
35. 
    
36. frontend http_frontend
    
37.     mode http
    
38.     option httplog
    
39.     bind *:31006
    
40.     option forwardfor
    
41.     acl host_sjc hdr_beg(host) -i sjc.com
    
42.     acl host_tyo hdr_beg(host) -i tyo.com
    
43. 
    
44.     use_backend http_sjc if host_sjc
    
45.     use_backend http_tyo if host_tyo
    
46. 
    
47. backend http_sjc
    
48.     mode http
    
49.     option httplog
    
50.     option forwardfor
    
51.     server sjc 029.NA.POP.BIGAIRPORT.NET:12356
    
52. 
    
53. backend http_tyo
    
54.     mode http
    
55.     option httplog
    
56.     option forwardfor
    
57.     server tyo 024.AP.POP.BIGAIRPORT.NET:12356

复制代码

acewf

我是这么转wss的，ws的你可以把ssl的去掉试试 我没试过

1. frontend pf_http_in
   
2.         bind :::2082
   
3.         bind :::2083 ssl crt /etc/haproxy/cert.pem
   
4. 
   
5.         acl pf_http_00_in hdr_beg(host) -i 域名1
   
6.         acl pf_http_01_in hdr_beg(host) -i 域名2
   
7. 
   
8.         use_backend pf_http_00_out if pf_http_00_in
   
9.         use_backend pf_http_01_out if pf_http_01_in
   
10.         use_backend pf_http_00_out if { ssl_fc_sni -i 域名1 }
    
11.         use_backend pf_http_01_out if { ssl_fc_sni -i 域名2 }
    
12.         default_backend pf_http_00_out
    
13. 
    
14. backend pf_http_00_out
    
15.         mode tcp
    
16.         #mode http
    
17.         #option forwardfor
    
18.         #balance source
    
19.         #timeout server 60s
    
20.         #option httpchk HEAD /
    
21.         server proxy00 落地IP:端口 maxconn 204800 ssl verify none
    
22. 
    
23. backend pf_http_01_out
    
24.         mode tcp
    
25.         server proxy00 落地IP:端口 maxconn 204800 ssl verify none

复制代码