Nginx 4层反向代理

2021-07-08 10:32:14

L112

是基于TCP

Nginx 4层反向代理

Nginx 4层反向代理

Nginx 4层反向代理

Nginx 4层反向代理

Nginx 4层反向代理

Nginx 4层反向代理

Nginx 4层反向代理

POST_ACCEPT阶段 在建立连接后所做的事情

PREACCESS阶段  limit_conn 限流 与HTTP类似

ACCESS阶段 类似HTTP模块用于控制访问权限

SSL阶段  ssl请求

PREREAD阶段 ssl_preread 从头部取信息

CONTENT阶段 return,stream_proxy

LOG阶段 类似http log阶段

Syntax: stream { ... } 提供指定流服务器指令的配置文件上下文
Default:
Context: main
Syntax: server { ... }
Default:
Context: stream
Syntax: listen address:port [ssl] [udp] [proxy_protocol] [backlog=number] [rcvbuf=size] [sndbuf=size] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
Default:
Context: server

模块 ngx_stream_return_module

Syntax: return value;
Default:
Context: server

需要编译进Nginx

http://nginx.org/en/docs/stream/ngx_stream_core_module.html

可以用 telnet 192.168.1.1 10004 方式查看数据

worker_processes auto;

error_log /var/log/nginx/error.log info;

events {

    worker_connections  ;

}

stream {

    upstream backend {

        hash $remote_addr consistent;

        server backend1.example.com: weight=;

        server 127.0.0.1:            max_fails= fail_timeout=30s;

        server unix:/tmp/backend3;

    }

    upstream dns {

       server 192.168.0.1:;

       server dns.example.com:;

    }

    server {

        listen ;

        proxy_connect_timeout 1s;

        proxy_timeout 3s;

        proxy_pass backend;

    }

    server {

        listen 127.0.0.1: udp reuseport;

        proxy_timeout 20s;

        proxy_pass dns;

    }

    server {

        listen [::]:;

        proxy_pass unix:/tmp/stream.socket;

    }

}

代码示列

stream {

    log_format basic '$remote_addr [$time_local] '

                 '$protocol $status $bytes_sent $bytes_received '

                 '$session_time';

    error_log logs/stream_error.log debug;

    access_log logs/stream_access.log basic;

    server {

        listen  proxy_protocol;

        return '10002 server get ip: $remote_addr!\n';

    }

    server {

        listen  proxy_protocol;

        return '10003 server get ip: $remote_addr!\n';

        }

    server {

        #listen ;

        listen  proxy_protocol;

        set_real_ip_from 127.0.0.1;

        allow 202.112.144.236;

        deny all;

        return '10004 vars:

bytes_received: $bytes_received

bytes_sent: $bytes_sent

proxy_protocol_addr: $proxy_protocol_addr

proxy_protocol_port: $proxy_protocol_port

remote_addr: $remote_addr

remote_port: $remote_port

realip_remote_addr: $realip_remote_addr

realip_remote_port: $realip_remote_port

server_addr: $server_addr

server_port: $server_port

session_time: $session_time

status: $status

protocol: $protocol

';

    }

}
上一篇:Nginx七层反向代理和负载均衡


下一篇:Unbutu网卡驱动安装(Intel内置网卡8086:15b8)