Shulou(Shulou.com)06/01 Report--

Commonly used acl matching conditions

-I: insensitive to the case of pattern characters in

-f: loads the schema from the specified file

Path_beg: used to test whether the URL of the request begins with the specified mode

Example: matching url starts with / static, / p_w_picpaths, / javascript / stylesheets

Acl url_static path_beg-I / static / p_w_picpaths / javascript / stylesheets

Path_end: used to test whether the URL of the request ends in the specified mode

Example: matching url ends with jpg, gif, png, css, js

Acl url_static path_end-I .jpg .gif .png .css .js

Hdr_beg: used to test whether the beginning of the specified header of the request message conforms to the specified pattern

Example: the host matching the request starts with img, video, download or ftp

Acl host_static hdr_beg (host)-I img. Video. Download. Ftp.

That is, the domain name for matching access is img.baidu.com,video.baidu.com,download.baidu.com,ftp.baidu.com.

Url_beg: matches the entire url

Example: matching url is http://www.51yunv.com

Acl is_51yunv url_beg http://www.51yunv.com

Use_backend 51yunv if is_51yunv

Dst_port: determines the port of the request

Hdr_sub: judge the customer's user-agent

Example: determine whether the user-agent of the client is a mobile phone

Acl shouji hdr_sub (user-agent)-i android iphone

Define distribution rules:

Implement requests for different projects and distribute them to different backend according to the host header of the request

Hdr_beg (host): judge the host head

Acl is_www hdr_beg (host)-I www.51yunv.com

Acl is_wap hdr_beg (host)-I wap.51yunv.com

Acl is_erp hdr_beg (host)-I erp.51yunv.com

Acl is_interface hdr_beg (host)-I interface.51yunv.com

Use_backend tomcat_erp_v2 if is_erp

Use_backend tomcat_interface_v2 if is_interface

Use_backend tomcat_web_v2 if is_www

Use_backend tomcat_mobile_v2 if is_wap

By defining the above rules, you can access different domain names and distribute them to different backend.

Define redirection rules:

Prefix: indicates a redirected url

Location: indicates that the access path is redirected, that is, the url is unchanged and the path followed by the url is changed.

Redirect prefix http://weihu.51yunv.com/PC if is_www

Redirect prefix http://weihu.51yunv.com/H5 if is_wap

Description:

When accessing is_www, redirect to weihu.51yunv.com/PC

When accessing is_wap, redirect to weihu.51yunv.com/H5

Define release rules:

Release only verified IP addresses or IP range segments

Example: if you are accessing is_www, but the source IP is not the specified IP, use http-request deny to reject

Acl is_www hdr_beg (host)-I www.51yunv.com

Acl is_dns src 116.211.121.0/24 218.65.212.0/24

Http-request deny if is_www! is_dns (direct rejection if the condition is met)

It can also be written as:

Acl is_www hdr_beg (host)-I www.51yunv.com

Acl is_dns src 116.211.121.0/24 218.65.212.0/24

User_backend www if is_www is_dns (backend www is used only if both conditions are met)

Description:

When there are multiple source addresses, separate them with spaces

Define that the mobile phone can only access the mobile end, and the computer side can only access the rules on the computer side:

Forward to wap.51yunv.com when the phone accesses www.51yunv.com

Forward to www.51yunv.com when the computer accesses wap.51yunv.com

Acl is_shouji hdr_sub (user-agent)-i android iphone

Acl is_diannao hdr_beg (host) www

Redirect prefix http://wap.51yunv.com if shouji

Redirect prefix http://www.51yunv.com if is_diannao! is_shouji

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.