Merge branch 'packet_edit' into autotools-fix(releng)

[ultramonkey-l7/sslproxy.git] / conf / sslproxy.target.cf

diff --git a/conf/sslproxy.target_1.cf b/conf/sslproxy.target.cf
similarity index 55%
rename from conf/sslproxy.target_1.cf
rename to conf/sslproxy.target.cf
index 766e191..8be6ba4 100644 (file)
--- a/conf/sslproxy.target_1.cf
+++ b/conf/sslproxy.target.cf
@@ -3,8 +3,8 @@
 
 [sslproxy]
 # Global configuration.
-recv_endpoint = "10.144.169.70:33333"
-target_endpoint = "10.144.169.70:11111"
+recv_endpoint = "0.0.0.0:443"
+target_endpoint = "208.77.188.166:80"
 num_thread = 10
 timeout_sec = 30
 
@@ -22,8 +22,8 @@ private_key_passwd_from = "file"
 private_key_passwd_dir = "/etc/l7vs/sslproxy/"
 private_key_passwd_file = "passwd.txt"
 verify_options = "SSL_VERIFY_NONE"
-verify_options = "SSL_VERIFY_PEER"
-verify_options = "SSL_VERIFY_FAIL_IF_NO_PEER_CERT"
+#verify_options = "SSL_VERIFY_PEER"
+#verify_options = "SSL_VERIFY_FAIL_IF_NO_PEER_CERT"
 #verify_options = "SSL_VERIFY_CLIENT_ONCE"
 verify_cert_depth = 9
 #ssl_options = "SSL_OP_MICROSOFT_SESS_ID_BUG"
@@ -41,7 +41,7 @@ ssl_options = "SSL_OP_ALL"
 #ssl_options = "SSL_OP_COOKIE_EXCHANGE"
 #ssl_options = "SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION"
 #ssl_options = "SSL_OP_SINGLE_ECDH_USE"
-ssl_options = "SSL_OP_SINGLE_DH_USE"
+#ssl_options = "SSL_OP_SINGLE_DH_USE"
 #ssl_options = "SSL_OP_EPHEMERAL_RSA"
 #ssl_options = "SSL_OP_CIPHER_SERVER_PREFERENCE"
 #ssl_options = "SSL_OP_TLS_ROLLBACK_BUG"
@@ -52,8 +52,8 @@ ssl_options = "SSL_OP_NO_SSLv2"
 #ssl_options = "SSL_OP_PKCS1_CHECK_2"
 #ssl_options = "SSL_OP_NETSCAPE_CA_DN_BUG"
 #ssl_options = "SSL_OP_NETSCAPE_DEMO_CIPHER_CHANGE_BUG"
-tmp_dh_dir = "/etc/l7vs/sslproxy/"
-tmp_dh_file = "dh512.pem"
+#tmp_dh_dir = "/etc/l7vs/sslproxy/"
+#tmp_dh_file = "dh512.pem"
 cipher_list = "ALL:!ADH:!LOW:!EXP:!MD5:@STRENGTH"
 
 # SSL session cache configuration.
@@ -61,10 +61,43 @@ session_cache = "on"
 session_cache_size = 20480
 session_cache_timeout = 300
 
+# Packet edit configuration.
+# http_request_header:  Edit HTTP client request header message.
+# http_response_header: Edit HTTP server response header message.
+#   Format: "mode:header-field-name[:header-field-value[:replace-value]]
+#   Mode:   'set', 'unset', 'add' or 'replace'
+#   Macro:  %{CLIENT_ADDR} -> client IP address
+#           %{CLIENT_PORT} -> client port number
+#           %{SERVER_ADDR} -> server IP address
+#           %{SERVER_PORT} -> server port number
+#           %{RECV_ADDR}   -> sslproxy IP address
+#           %{RECV_PORT}   -> sslproxy port number
+#   Example: Insert or overwrite "X-Forwarded-Proto: https"
+#http_request_header = "set:X-Forwarded-Proto:https"
+#   Example: Change Host to real address
+#http_request_header = "set:Host:%{SERVER_ADDR}:%{SERVER_PORT}"
+#   Example: Remove "Cookie" field
+#http_request_header = "unset:Cookie"
+#   Example: Add "X-Forwarded-For: old-value,new-value"
+#            or insert "X-Forwarded-For: new-value"
+#http_request_header = "add:X-Forwarded-For:%{CLIENT_ADDR}"
+#   Example: Add or insert "Via"
+#http_request_header = "add:Via:HTTP/1.1 myserver (sslproxy/1.0)"
+#   Example: Replace keep-alive to close
+#http_request_header = "replace:Connection:keep-alive:close"
+#   Example: Replace MSIE User-Agent to Firefox (regex)
+#http_request_header = "replace:User-Agent:^.*MSIE.*$:Mozilla/5.0 (Windows; U; Windows NT 5.1) Firefox/3.0.0"
+#   Example: Add "Set-Cookie"
+#http_response_header = "add:Set-Cookie:sslproxy=on; path=/; secure"
+#   Example: Remove "Server"
+#http_response_header = "unset:Server"
+#   Example: Change "Content-Type" text/html to text/plain
+#http_response_header = "replace:Content-Type:html:plain"
+
 [logger]
 ## SSLProxy log configuration.
 # sslproxy logfile base name
-sslproxy_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target_1.log"
+sslproxy_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target.log"
 
 # sslproxy log rotate pattern
 sslproxy_rotation = "size"
@@ -86,7 +119,7 @@ sslproxy_max_filesize = "10M"
 conn_log_flag = "on"
 
 # connection logfile base name
-conn_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target_1.conn_log"
+conn_log_filename = "/var/log/l7vs/sslproxy/sslproxy.target.conn_log"
 
 # connection log rotate pattern
 #conn_rotation = "size"
@@ -104,10 +137,12 @@ conn_rotation_timing = "month"
 conn_rotation_timing_value = "1 0:01"
 
 # Log categories level
-sslproxy_logger                        = "warn"
-sslproxy_parameter             = "warn"
-sslproxy_common                        = "warn"
-sslproxy_server                        = "warn"
-sslproxy_session               = "warn"
-sslproxy_connection            = "info"
+sslproxy_logger     = "warn"
+sslproxy_parameter  = "warn"
+sslproxy_common     = "warn"
+sslproxy_server     = "warn"
+sslproxy_session    = "warn"
+sslproxy_connection = "info"
+packet_edit         = "info"
+packet_edit_http    = "info"