Harpoxy-报文修改
在http模式下,基于实际需求修改客户端的请求报文与响应报文,通过reqadd和reqdel在请求报文添加删除字段,通过rspadd与rspidel在响应报文中添加与删除字段。
注意:此功能的以下相关指令在2.1版本中已经取消
2.1版本以上用下面指令http-request和http-response代替
#在向前端客户端转发的响应报文尾部添加指定首部
rspadd <string> [{if | unless} <cond>]
示例: rspadd X-Via:\ HAPorxy
rspadd Server:\ wanginx
#从向前端客户端转发的响应报文中删除匹配正则表达式的首部
rspdel <search> [{if | unless} <cond>]
rspidel <search> [{if | unless} <cond>] #忽略大小写
示例:
rspidel ^server:.* #从响应报文删除server信息
rspidel X-Powered-By:.* #从响应报文删除X-Powered-By信息,一般此首部字段保存php版本信息
例子:
frontend zjol
bind 192.168.80.110:82
mode http
use_backend zjol_node
backend zjol_node
mode http
option forwardfor
rspadd X-Via:\ HAPorxy
rspidel ^server:.*
server web2 192.168.80.120:80 weight 1 check inter 3000 fall 3 rise 5
[root@localhost7e ~]# curl -I 192.168.80.110:82
HTTP/1.1 200 OK
server: nginx/1.20.1
date: Mon, 25 Jul 2022 02:12:21 GMT
content-type: text/html
content-length: 15
last-modified: Fri, 22 Jul 2022 08:50:22 GMT
etag: "62da64ce-f"
accept-ranges: bytes
[root@localhost7e ~]#
[root@localhost7e ~]#
[root@localhost7e ~]# curl -I 192.168.80.110:82
HTTP/1.1 200 OK
date: Mon, 25 Jul 2022 02:22:02 GMT
content-type: text/html
content-length: 15
last-modified: Fri, 22 Jul 2022 08:50:22 GMT
etag: "62da64ce-f"
accept-ranges: bytes
x-via: HAPorxy
#在向后端服务器转发的请求报文尾部添加指定首部
reqadd <string> [{if | unless} <cond>]
示例:reqadd X-Via:\ HAPorxy
#在向后端服务器转发的请求报文中删除匹配正则表达式的首部
reqdel <search> [{if | unless} <cond>]
reqidel <search> [{if | unless} <cond>] #忽略大小写
示例:reqidel user-agent
范例:
#添加向后端报务器发起的请求报文首部
vim haproxy.cfg
frontend main *:80
default_backend websrvs
reqidel user-agent
reqadd testheader:\ haporxyserver 加此行,只有一个个空格,并需要转义,类似自定义日志格式
#在后端httpd服务器
vim /etc/httpd/conf/httpd.conf
LogFormat "%{testheader}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
#使用nginx日志测试失败,只能通过浏览器的(F12)调试模式看到.(nginx模块 proxy_set_header field value也有这样问题。)
例:
frontend zjol
bind 192.168.80.110:82
mode http
use_backend zjol_node
backend zjol_node
mode http
option forwardfor
reqadd testheader:\ haporxyserver #apache日志格式 可以接收自定义的变量
#reqadd testheader:\ "$server_protocol" 传递不了nginx.
reqidel user-agent
server web2 192.168.80.120:80 weight 1 check inter 3000 fall 3 rise 5
后端nginx日志查看(reqidel user-agent说明)
tail -f /var/log/nginx/access.log
192.168.80.110 - - [25/Jul/2022:14:32:08 +0800] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" "192.168.80.1"
tail -f /var/log/nginx/access.log
192.168.80.110 - - [25/Jul/2022:14:33:06 +0800] "GET / HTTP/1.1" 304 0 "-" "-" "192.168.80.1"
2.1版本以上用下面指令http-request和http-response代替
http-request add-header <name> <fmt> [ { if | unless } <condition> ]
http-request del-header <name> [ { if | unless } <condition> ]
示例:http-request add-header X-Haproxy-Current-Date %T
http-response add-header <name> <fmt> [ { if | unless } <condition> ]
http-response del-header <name>
#示例:http-response del-header Server
范例:
listen web_port
bind 10.0.0.7:80
http-request add-header X-Haproxy-Current-Date %T
http-response del-header server
mode http
log global
option httpchk
http-check expect status 200
server web1 10.0.0.17:80 check inter 3000 fall 2 rise 5
server web2 10.0.0.27:80 check inter 3000 fall 2 rise 5
#查看后端服务器日志
tail –f /var/log/httpd/acesss_log
10.0.0.7 - - [05/Apr/2020:20:13:48 +0800] "GET / HTTP/1.1" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) l
ibcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "05/Apr/2020:12:13:48 +0000"
