remap.config文件配置模板

#
#  URL Remapping Config File
#
# Using remap.config allows you to accomplish two things:
#
#  1) Rewrite a URL (from the client) before sending it to the Origin Server.
#  2) Protect the proxy server, to only allow certain requests.
#
#  With the default configurations, at least one remap rule is required. This
#  can be relaxed with the following configuration in records.config:
#
#   CONFIG proxy.config.url_remap.remap_required INT 0
#
# Be aware, doing so makes the proxy a generic, open-relay!
#
#  The format is:
#      <map_type> client-URL origin-server-URL
#
# Where client-URL and origin-server-URL are both of the format
#    <scheme>://<host>:<port>/<path_prefix>
#
#  Six different types of mappings are possible:
#     map [with_recv_port | reverse]
#     redirect [temporary]
#
#  the rule can have regular expression strings. See the last part of
#  this description for more information on regex support.
#
#  The 'map' mapping is the most straightforward.  Requests that match the
#  client-URL are rewritten into the origin-server-URL. The user agent will see
#  the page on the remapped URL, but will not be notified of the address
#  change.
#
#  The 'map with_recv_port' is exactly like 'map' except that it uses the port
#  at which the request was received to perform the mapping instead of the port
#  present in the request. When present, 'map with_recv_port' mappings are
#  checked first. If there is a match, then it is chosen without evaluating the
#  "regular" forward mapping rules.
#
#  The 'map reverse' mapping is used to rewrite location headers sent by the
#  origin server.  The 'redirect' mapping creates a permanent redirect message
#  and informs the browser of the URL change.
#
#  The 'redirect temporary' mapping acts in the same way but tells the browser
#  that this redirect is only temporary.  We need to map the URL in reverse
#  proxy mode so that user agents know to contact Traffic Server and not
#  attempt to contact the Origin Server directly.
#
#  For example, you can set up a reverse proxy for www.example.com with the
#  real content situated at server1.example.com with the rules:
#
#    map          http://www.example.com/      http://server1.example.com/
#    map reverse  http://server1.example.com/  http://www.example.com/
#
#  Or you could permanently redirect users trying to access www.oldserver.com
#  to www.newserver.com with the following rule:
#
#    redirect	http://www.oldserver.com/    http://www.newserver.com
#
#  If the redirect is only temporary, you want to only temporarily remap the
#  URL.  You could use the following rule to divert users away from a failed
#  server:
#
#  redirect temporary http://broken.firm.com http://working.firm.com
#
#  'redirect-URL' is a redirection URL specified according to RFC 2616 and can
#  contain special formatting instructions for run-time modifications of the
#  resulting redirection URL.  All regexes Perl compatible  regular expressions,
#  which describes the content of the "Referer" header which must be
#  verified. In case an actual request does not have "Referer" header or it
#  does not match with referer regular expression, the HTTP request will be
#  redirected to 'redirect-URL'.
#
#  At least one regular expressions must be specified in order to activate
#  'deep linking protection'.  There are limitations for the number of referer
#  regular expression strings - 2048.  In order to enable the 'deep linking
#  protection' feature in Traffic Server, configure records.config with:
#
#    CONFIG proxy.config.http.referer_filter INT 1
#
#  In order to enable run-time formatting for redirect0URL, configure
#
#    CONFIG proxy.config.http.referer_format_redirect INT 1
#
#  When run-time formatting for redirect-URL was enabled the following format
#  symbols can be used:
#
#    %r - to substitute original "Referer" header string
#    %f - to substitute client-URL from 'map' record
#    %t - to substitute origin-server-URL from 'map' record
#    %o - to substitute request URL to origin server, which was created a
#         the result of a mapping operation
#
#
#  Regex support: Regular expressions can be specified in the rules with the
#  following limitations:
#
#  1) Only the host field can have regexes - the scheme, port and other
#     fields cannot.
#  2) The number of capturing sub-patterns is limited to 9;
#     this means $0 through $9 can be used as substitution place holders ($0
#     will be the entire input string)
#  3) The number of substitutions in the expansion string is limited to 10.
#
#
#

acl define allow_specified_client_access allow {
  src_ip 0.0.0.0-255.255.255.255
}

acl define deny_all_client_access deny {
  src_ip 0.0.0.0-255.255.255.255
}

acl define allow_only_administrator_access allow {
  src_ip 127.0.0.1
  src_ip 10.254.33.20
}

http 10.254.33.20:8828 {
  acl check allow_only_administrator_access
  acl check deny_all_client_access
  map /cache-internal/ http://{cache-internal}
  map /cache/ http://{cache}
  map /stat/ http://{stat}
  map /test/ http://{test}
  map /hostdb/ http://{hostdb}
  map /net/ http://{net}
  map /http/ http://{http}
  map /migrate/ http://{migrate}
}

map http://(.+)/ http://$1/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):9999/ http://$1:9999/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map https://(.+)/ https://$1/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):81/ http://$1:81/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):82/ http://$1:82/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):443/ http://$1:443/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):8080/ http://$1:8080/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):8081/ http://$1:8081/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):8090/ http://$1:8090/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

map http://(.+):9080/ http://$1:9080/ {
  acl check allow_specified_client_access
  acl check deny_all_client_access
}

 

posted @ 2017-11-29 14:23  西门运维  阅读(889)  评论(0编辑  收藏  举报