Nginx 代理TCP/UDP 端口

Nginx 在1.9版本后新增TCP/UDP 代理

Nginx默认是没有开启TCP/UDP代理。需要在编译Nginx是添加--with-stream进行开启。

编译安装Nginx

tar zxf cd nginx-1.16.1.tar.gz
cd nginx-1.16.1/
./configure  --user=www --prefix=/usr/local/nginx --with-http_ssl_module --with-http_stub_status_module --with-pcre --with-stream
make
make install

修改nginx.conf配置文件

user www www;
worker_processes 4;
error_log /data/log/nginx_log/nginx_error.log notice;
pid /usr/local/nginx/sbin/nginx.pid;
worker_rlimit_nofile 204800;
events
        {
        use epoll;
        worker_connections 204800;
        }
http
        {
        include mime.types;
        default_type  application/octet-stream;
        charset utf-8;
        server_tokens off;
        server_names_hash_bucket_size 512;
        client_header_buffer_size 512k;
        large_client_header_buffers 64 512k;
        client_max_body_size 100m;
        proxy_ignore_client_abort on;
        sendfile on;
        tcp_nopush on;
        keepalive_timeout 120;
        keepalive_requests 1024;
        fastcgi_cache_path /usr/local/nginx/fastcgi_cache levels=1:2 keys_zone=TEST:10m inactive=30d max_size=3096m;
        fastcgi_connect_timeout 300;
        fastcgi_send_timeout 300;
        fastcgi_read_timeout 300;
        fastcgi_buffer_size 4k;
        fastcgi_buffers 8 4k;
        fastcgi_busy_buffers_size 8k;
        fastcgi_temp_file_write_size 8k;
#       fastcgi_cache TEST;
        fastcgi_cache_valid 200 302 1h;
        fastcgi_cache_valid 301 1d;
        fastcgi_cache_valid any 1m;
        fastcgi_cache_min_uses 1;
        fastcgi_cache_use_stale error timeout invalid_header http_500;
        open_file_cache max=204800 inactive=20s;
        open_file_cache_min_uses 1;
        open_file_cache_valid 60s;
        tcp_nodelay on;
        gzip on;
        gzip_min_length 1k;
        gzip_buffers 16 64k;
        gzip_http_version 1.1;
        gzip_comp_level 6;
        gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
        gzip_vary on;
        log_format access '$remote_addr - $remote_user [$time_local] "$request" '
                         '"$status" $body_bytes_sent "$http_referer" '
                         '"$http_user_agent" "$http_x_forwarded_for" '
                         '"$upstream_addr" "$upstream_status" "$request_time" "$upstream_response_time" $bytes_sent $request_length';

include  /usr/local/nginx/conf/vhosts/*.conf;
}

stream
    {
        include  /usr/local/nginx/conf/ports/*.conf;
}

　由于http 和 stream是两个不同的模块，所以不能写在一些
   在http下面新增stream的配置信息

编写代理ports配置文件

代理UDP文件：
vi /usr/local/nginx/conf/ports/udp.conf
upstream backend {
        server 192.168.6.110:1812;
    }
server {
        listen 8686 udp reuseport;
        proxy_connect_timeout 8s;
        proxy_timeout 24h;   #代理超时
        proxy_pass backend;
        proxy_responses 1;
}

代理TCP

upstream backend {
        server 10.7.2.86:1521;
    }
server {
        listen 8686;
        proxy_connect_timeout 8s;
        proxy_timeout 24h;   #代理超时
        proxy_pass backend;
    }　　

启动Nginx，进行测试