On Mon, 20 Jun 2011 16:05:28 +0200, Balazs Scheidler wrote:
On Wed, 2011-06-15 at 15:48 +0200, Csányi Krisztián wrote:
Sziasztok!
Egy Zorp 3.3-mon működő megoldást szeretnék 3.9-re átültetni. Röviden így néz ki:
Service('outside_HTTPS_wildcard.xyz.hu', HttpsPublicWildcardXyz, chainer=SideStackChainer(right_class=HttpPublicDirector, right_chainer=ConnectChainer(protocol=ZD_PROTO_AUTO)), router=TransparentRouter(forge_addr=TRUE)) Dispatcher(DBSockAddr(SockAddrInet('__IP_OUTSIDE', 50443, ZD_PROTO_TCP), 'outside_HTTPS_wildcard.xyz.hu', transparent=TRUE)
A HttpsPublicWildcardXyz egy sima PsslProxy aminek van egy self.client_cert_file és client_key_file megadva. (wildcardos)
A HttpPublicDirector pedig egy sima HttpProxy, ahol self.request_url_host alapján döntünk, hogy melyik szervernek dobódjon át a forgalom.
A kérdésem, hogy mi a fentieknek az elegáns megoldása 3.9 alatt? (Tekintettel arra, hogy már minden proxy támogat SSL-t) A fenti megoldás már nem működik 3.9-en.
be tudnad dobni a proxy class-t is? Persze:
########################### class PublicHttpProxyBase(HttpProxy): def config(self): HttpProxy.config(self) self.request['GET'] = (HTTP_REQ_POLICY, self.filterURL) self.request['POST'] = (HTTP_REQ_POLICY, self.filterURL) self.request['HEAD'] = (HTTP_REQ_POLICY, self.filterURL) self.response['*', '401'] = (HTTP_RSP_ACCEPT) self.response['*', '4'] = (HTTP_RSP_POLICY, self.filterError) self.response['*', '5'] = (HTTP_RSP_POLICY, self.filterError) self.response_headers['Server'] = (HTTP_HDR_DROP) self.response_headers['X-Powered-By'] = (HTTP_HDR_DROP) self.response_headers['X-AspNet-Version'] = (HTTP_HDR_DROP) self.error_silent = TRUE self.transparent_mode = TRUE self.permit_proxy_requests = FALSE def filterURL(self, method, url, version): log('http.info', 3, "%s: %s" % (method, url)) return HTTP_REQ_ACCEPT def filterError(self, method, url, version, response): self.error_status = 404 self.error_msg = 'not found' return HTTP_RSP_DENY ########################### class HttpPublicDirector(PublicHttpProxyBase): def config(self): PublicHttpProxyBase.config(self) def filterURL(self, method, url, version): if self.request_url_host == 'a.xyz.hu': self.session.setServer(SockAddrInet('192.168.168.100', 80)) elif self.request_url_host == 'b.xyz.hu': self.session.setServer(SockAddrInet('192.168.168.25', 80)) elif self.request_url_host == 'c.xyz.hu': self.session.setServer(SockAddrInet('192.168.169.10', 80)) elif self.request_url_host == '192.168.169.10': self.session.setServer(SockAddrInet('192.168.169.10', 80)) else: log('http.info', 3, "Public http access denied: %s: %s" % (method, url)) return HTTP_REQ_ABORT log('http.info', 3, "%s: %s" % (method, url)) return HTTP_REQ_ACCEPT def __destroy__(self): log(self.session.session_id, CORE_DEBUG, 3, "Accounting data: client_address='%s', server_address='%s', client_stream_recvd='%s', client_stream_sent='%s'", (self.session.client_address, self.session.server_address, self.session.client_stream.bytes_recvd,self.session.client_stream.bytes_sent)) PublicHttpProxyBase.__destroy__(self) ########################### class HttpsPublicWildcardXyz(PsslProxy): def config(self): PsslProxy.config(self) self.client_cert_file = "/etc/zorp/certs/wildcard.xyz.hu-cert.pem" self.client_key_file = "/etc/zorp/certs/wildcard.xyz.hu-key.pem"