table <webpool> { 192.168.10.31 } table <rdrpool> { 192.168.10.78 }
http protocol somename { tcp { nodelay, sack, backlog 1024 } match header set "Proxy" value "filtered" match header set "X-Forwarded-For" value "$REMOTE_ADDR" match header set "X-Forwarded-By" value "$REMOTE_ADDR:$SERVER_PORT" match header set "Keep-Alive" value "$TIMEOUT" match request header remove "Proxy" match request path "/hello*" forward to <rdrpool> } relay somerelay { listen on 1.2.3.4 port 80 protocol somename forward to <webpool> port 80 mode roundrobin check http "/" code 200 forward to <rdrpool> port 92 mode roundrobin check tcp } Something like this. But there is a catch with PF in between. Once client hits http://whatever.org/hello , PF state will be created and if it tries to reach normal http://whatever.org it WILL BE redirected to servers housing /hello part. One way to solve it is to lower tcp.established towards internal machines. In example above, to <rdrpool>: pass out on { $INT_IF } proto tcp from self to <rdrpool> port 92 keep state (tcp.established 10) br P.S. In my env. I share file with tables between pf and relayd. eg include ”/etc/pf/tables” in relays.conf . > 23 feb. 2017 kl. 03:02 skrev Lyndon Nerenberg <lyn...@orthanc.ca>: > > My relayd.conf fu is lame and needs help. Given the following config: > > > ---8<---8<--- > > interval 60 > timeout 2000 > > table <webhosts> { w1.example.com w2.example.com w3.example.com } > > http protocol https { > > tcp { nodelay, sack } > match request header append "X-Forwarded-For" value "$REMOTE_ADDR" > match request header append "X-Forwarded-By" \ > value "$SERVER_ADDR:$SERVER_PORT" > match request header set "Connection" value "close" > > } > > relay web { > > listen on 203.0.113.5 port 443 tls > protocol https > > forward with tls to <webhosts> port https mode loadbalance \ > check https "/" code 200 > > } > > ---8<---8<--- > > I am trying to figure out how to intercept request paths beginning with "/xy/" > so that I can forward them to a different port in the same server pool. > I.e.: > > https://host.example.com/xy/mumblebarge -> > https://<webhosts>:5555/xy/mumblebarge > > https://host.example.com/anything_else -> https://<webhosts>/anything_else > > It seems this should be possible, but I just can't get my head around > relayd.conf(5) :-( > > --lyndon