nginx+squid根据域名转发80+443端口
时间:2025-07-24 来源:未知 投稿:admin 点击:次
需求:
80 和 443端口,根据域名,泛解析,转发到不同的IP地址+端口。其他端口转发至不同的IP地址+端口。
squid配置文件:
例:
# 监听 80 端口,作为反向代理
http_port 80 accel vhost vport
# 定义 ACL(访问控制列表)
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 内网地址
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
# 定义要允许访问的域名
acl allowed_domains dstdomain -i .chaojiyun.com .gefeng.net
# 定义后端服务器
cache_peer 58.218.199.20 parent 80 0 no-query originserver name=chaojiyun.com
cache_peer_domain .chaojiyun.com chaojiyun.com
cache_peer 58.218.199.20 parent 80 0 no-query originserver name=gefeng.net
cache_peer_domain .gefeng.net gefeng.net
# 管理访问控制
http_access allow manager localhost
http_access deny manager
# 允许本地网络访问
http_access allow localnet
http_access allow localhost
# 允许指定的域名访问
http_access allow allowed_domains
# 默认拒绝所有其他请求
http_access deny all
# 禁用缓存
cache deny all
cache_mem 0 MB
maximum_object_size_in_memory 0 KB
cache_dir null /tmp
nginx配置:
例:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
stream {
server {
listen 1019;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1019;
}
server {
listen 1007;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1007;
}
server {
listen 1043;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1043;
}
#开始443根据域名转发
map $ssl_preread_server_name $name {
~^[a-zA-Z0-9.-]+.gefeng.net$ 58.218.199.20:443;
~^[a-zA-Z0-9.-]+.chaojiyun.com$ 58.218.199.20:443;
# 默认情况(可选)
default 127.0.0.1:0; # 拒绝未匹配的请求
}
server {
listen 443;
proxy_pass $name;
ssl_preread on;
access_log off;
}
}
80 和 443端口,根据域名,泛解析,转发到不同的IP地址+端口。其他端口转发至不同的IP地址+端口。
squid配置文件:
例:
# 监听 80 端口,作为反向代理
http_port 80 accel vhost vport
# 定义 ACL(访问控制列表)
acl manager proto cache_object
acl localhost src 127.0.0.1/32 ::1
acl localnet src 10.0.0.0/8 # RFC1918 内网地址
acl localnet src 172.16.0.0/12
acl localnet src 192.168.0.0/16
# 定义要允许访问的域名
acl allowed_domains dstdomain -i .chaojiyun.com .gefeng.net
# 定义后端服务器
cache_peer 58.218.199.20 parent 80 0 no-query originserver name=chaojiyun.com
cache_peer_domain .chaojiyun.com chaojiyun.com
cache_peer 58.218.199.20 parent 80 0 no-query originserver name=gefeng.net
cache_peer_domain .gefeng.net gefeng.net
# 管理访问控制
http_access allow manager localhost
http_access deny manager
# 允许本地网络访问
http_access allow localnet
http_access allow localhost
# 允许指定的域名访问
http_access allow allowed_domains
# 默认拒绝所有其他请求
http_access deny all
# 禁用缓存
cache deny all
cache_mem 0 MB
maximum_object_size_in_memory 0 KB
cache_dir null /tmp
nginx配置:
例:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
stream {
server {
listen 1019;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1019;
}
server {
listen 1007;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1007;
}
server {
listen 1043;
proxy_connect_timeout 5s;
proxy_timeout 20s;
proxy_pass 103.60.166.74:1043;
}
#开始443根据域名转发
map $ssl_preread_server_name $name {
~^[a-zA-Z0-9.-]+.gefeng.net$ 58.218.199.20:443;
~^[a-zA-Z0-9.-]+.chaojiyun.com$ 58.218.199.20:443;
# 默认情况(可选)
default 127.0.0.1:0; # 拒绝未匹配的请求
}
server {
listen 443;
proxy_pass $name;
ssl_preread on;
access_log off;
}
}
如果您的问题仍未解决,还可以加入服务器在线技术交流QQ群:8017413寻求帮助。
上一篇:nginx配置https证书
下一篇:没有了
下一篇:没有了
相关内容
