报文修改
在http模式下,基于实际需求修改客户端的请求报文与响应报文,通过reqadd和reqdel在请求报文添加删除字段,通过rspadd与rspidel在响应报文中添加与删除字段。
注意:此功能的以下相关指令在2.1版本中已经取消
官方文档:参看2.0的帮助文档
http://cbonte.github.io/haproxy-dconv/2.0/configuration.html#4-rspadd#在向后端服务器转发的请求报文尾部添加指定首部
reqadd <string> [{if | unless} <cond>]
示例:reqadd X-Via:\ HAPorxy
#在向后端服务器转发的请求报文中删除匹配正则表达式的首部
reqdel <search> [{if | unless} <cond>]
reqidel <search> [{if | unless} <cond>] #忽略大小写
示例:reqidel user-agent
#在向前端客户端转发的响应报文尾部添加指定首部
rspadd <string> [{if | unless} <cond>]
示例:
rspadd X-Via:\ HAPorxy
rspadd Server:\ wanginx
#从向前端客户端转发的响应报文中删除匹配正则表达式的首部
rspdel <search> [{if | unless} <cond>]
rspidel <search> [{if | unless} <cond>] #忽略大小写
示例:
rspidel ^server:.* #从响应报文删除server信息
rspidel X-Powered-By:.* #从响应报文删除X-Powered-By信息,一般此首部字段保存php版本信息2.1版本以上用下面指令http-request和http-response代替
官方文档:
http://cbonte.github.io/haproxy-dconv/2.1/configuration.html#4-http-request
http://cbonte.github.io/haproxy-dconv/2.1/configuration.html#4-http-response配置说明:
http-request add-header <name> <fmt> [ { if | unless } <condition> ]
示例:http-request add-header X-Haproxy-Current-Date %T
http-request del-header <name> [ { if | unless } <condition> ]
http-response add-header <name> <fmt> [ { if | unless } <condition> ]
http-response del-header <name>
#示例:
http-response del-header Server 范例:
#添加向后端报务器发起的请求报文首部
vim haproxy.cfg
frontend main *:80
# bind *:80
default_backend websrvs
reqadd testheader:\ haporxyserver 加此行,只有一 个空格,并需要转义
#在后端httpd服务器
vim /etc/httpd/conf/httpd.conf
LogFormat "%{testheader}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
#查看日志
tail –f /var/log/httpd/acesss_log 范例:
#添加响应报文首部
vim haproxy.cfg
frontend main *:80
# bind *:80
default_backend websrvs
rspadd X-Via:\ HAPorxy-1 #加此行
maxconn 5000
#客户端访问调试模式,查看reponse headers,看到
Server: Apache/2.2.15 (CentOS) 系统自带显示
X-Via: HAPorxy-1范例:
#删除响应报文中的server首部
vim haproxy.cfg
frontend main *:80
# bind *:80
default_backend websrvs
rspadd X-Via:\ HAPorxy-1
rspdel Server 或者 rspidel server #加此行 ,忽略大小写
rspidel X-Powered-By:.* #删除Php版本
maxconn 5000
#客户端访问调试模式,查看reponse headers,看到
Server: Apache/2.2.15 (CentOS) 此行消失
X-Via: HAPorxy-1范例:
#增加响应报文的首部,实现伪装Server首部
vim haproxy.cfg
frontend main *:80
# bind *:80
default_backend websrvs
rspadd X-Via:\ HAPorxy-1
rspdel Server #或者 rspidel server
rspadd Server:\ wanginx #增加此行
[root@internet ~]#curl -i 172.16.0.100
HTTP/1.1 200 OK
date: Thu, 09 Apr 2020 08:32:10 GMT
last-modified: Thu, 09 Apr 2020 01:23:18 GMT
etag: "f-5a2d17630635b"
accept-ranges: bytes
content-length: 15
content-type: text/html; charset=UTF-8
server: wanginx
RS1 10.0.0.17 范例:
[root@centos7 ~]#vim /etc/haproxy/haproxy.cfg
listen web_port
bind 10.0.0.7:80
http-request add-header X-Haproxy-Current-Date %T
http-response del-header server
mode http
log global
option httpchk
http-check expect status 200
server web1 10.0.0.17:80 check inter 3000 fall 2 rise 5
server web2 10.0.0.27:80 check inter 3000 fall 2 rise 5
#查看后端服务器日志
tail –f /var/log/httpd/acesss_log
10.0.0.7 - - [05/Apr/2020:20:13:48 +0800] "GET / HTTP/1.1" 200 10 "-" "curl/7.19.7 (x86_64-redhat-linux-gnu) l
ibcurl/7.19.7 NSS/3.27.1 zlib/1.2.3 libidn/1.18 libssh2/1.4.2" "05/Apr/2020:12:13:48 +0000"本文链接:https://www.yunweipai.com/35289.html
网友评论comments