remap.config文件配置模板

?

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182

# #  URL Remapping Config File # # Using remap.config allows you to accomplish two things: # #  1) Rewrite a URL (from the client) before sending it to the Origin Server. #  2) Protect the proxy server, to only allow certain requests. # #  With the default configurations, at least one remap rule is required. This #  can be relaxed with the following configuration in records.config: # #   CONFIG proxy.config.url_remap.remap_required INT 0 # # Be aware, doing so makes the proxy a generic, open-relay! # #  The format is: #      <map_type> client-URL origin-server-URL # # Where client-URL and origin-server-URL are both of the format #    <scheme>://<host>:<port>/<path_prefix> # #  Six different types of mappings are possible: #     map [with_recv_port | reverse] #     redirect [temporary] # #  the rule can have regular expression strings. See the last part of #  this description for more information on regex support. # #  The 'map' mapping is the most straightforward.  Requests that match the #  client-URL are rewritten into the origin-server-URL. The user agent will see #  the page on the remapped URL, but will not be notified of the address #  change. # #  The 'map with_recv_port' is exactly like 'map' except that it uses the port #  at which the request was received to perform the mapping instead of the port #  present in the request. When present, 'map with_recv_port' mappings are #  checked first. If there is a match, then it is chosen without evaluating the #  "regular" forward mapping rules. # #  The 'map reverse' mapping is used to rewrite location headers sent by the #  origin server.  The 'redirect' mapping creates a permanent redirect message #  and informs the browser of the URL change. # #  The 'redirect temporary' mapping acts in the same way but tells the browser #  that this redirect is only temporary.  We need to map the URL in reverse #  proxy mode so that user agents know to contact Traffic Server and not #  attempt to contact the Origin Server directly. # #  For example, you can set up a reverse proxy for www.example.com with the #  real content situated at server1.example.com with the rules: # #    map          http://www.example.com/      http://server1.example.com/ #    map reverse  http://server1.example.com/  http://www.example.com/ # #  Or you could permanently redirect users trying to access www.oldserver.com #  to www.newserver.com with the following rule: # #    redirect   http://www.oldserver.com/    http://www.newserver.com # #  If the redirect is only temporary, you want to only temporarily remap the #  URL.  You could use the following rule to divert users away from a failed #  server: # #  redirect temporary http://broken.firm.com http://working.firm.com # #  'redirect-URL' is a redirection URL specified according to RFC 2616 and can #  contain special formatting instructions for run-time modifications of the #  resulting redirection URL.  All regexes Perl compatible  regular expressions, #  which describes the content of the "Referer" header which must be #  verified. In case an actual request does not have "Referer" header or it #  does not match with referer regular expression, the HTTP request will be #  redirected to 'redirect-URL'. # #  At least one regular expressions must be specified in order to activate #  'deep linking protection'.  There are limitations for the number of referer #  regular expression strings - 2048.  In order to enable the 'deep linking #  protection' feature in Traffic Server, configure records.config with: # #    CONFIG proxy.config.http.referer_filter INT 1 # #  In order to enable run-time formatting for redirect0URL, configure # #    CONFIG proxy.config.http.referer_format_redirect INT 1 # #  When run-time formatting for redirect-URL was enabled the following format #  symbols can be used: # #    %r - to substitute original "Referer" header string #    %f - to substitute client-URL from 'map' record #    %t - to substitute origin-server-URL from 'map' record #    %o - to substitute request URL to origin server, which was created a #         the result of a mapping operation # # #  Regex support: Regular expressions can be specified in the rules with the #  following limitations: # #  1) Only the host field can have regexes - the scheme, port and other #     fields cannot. #  2) The number of capturing sub-patterns is limited to 9; #     this means $0 through $9 can be used as substitution place holders ($0 #     will be the entire input string) #  3) The number of substitutions in the expansion string is limited to 10. # # #   acl define allow_specified_client_access allow {   src_ip 0.0.0.0-255.255.255.255 }   acl define deny_all_client_access deny {   src_ip 0.0.0.0-255.255.255.255 }   acl define allow_only_administrator_access allow {   src_ip 127.0.0.1   src_ip 10.254.33.20 }   http 10.254.33.20:8828 {   acl check allow_only_administrator_access   acl check deny_all_client_access   map /cache-internal/ http://{cache-internal}   map /cache/ http://{cache}   map /stat/ http://{stat}   map /test/ http://{test}   map /hostdb/ http://{hostdb}   map /net/ http://{net}   map /http/ http://{http}   map /migrate/ http://{migrate} }   map http://(.+)/ http://$1/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):9999/ http://$1:9999/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map https://(.+)/ https://$1/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):81/ http://$1:81/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):82/ http://$1:82/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):443/ http://$1:443/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):8080/ http://$1:8080/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):8081/ http://$1:8081/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):8090/ http://$1:8090/ {   acl check allow_specified_client_access   acl check deny_all_client_access }   map http://(.+):9080/ http://$1:9080/ {   acl check allow_specified_client_access   acl check deny_all_client_access }