> On 31 May 2019, at 12:15, Kamil Andrusz <w...@mniam.net> wrote: > > Hello Misc! > > I’m trying to get relayd working in the following scenario: > - relayd listens on external IP port 443 with tls > - based on the path relay to one of two hosts: > o webhost listening on 443 with tls > o bwhost listening on 4567 just http > > Everything works fine for the webhost. For bwhost I get: > $ curl https://testhost.net/bwhost/index.php > curl: (52) Empty reply from server > > Is it possible to get this working? Am I missing something obvious? > > My relayd config is simple: > ext_if="10.0.0.1" > table <webhost> { 192.168.3.1 } > table <bwhost> { 192.168.3.2 } > > http protocol https { > match request header append "X-Forwarded-For" value "$REMOTE_ADDR" > match request header append "X-Forwarded-By” \ > value "$SERVER_ADDR:$SERVER_PORT" > match request header set "Connection" value "close" > > pass request path "/*" forward to <webhost> > pass request path "/bwhost/*" forward to <bwhost> > } > > relay https { > listen on $ext_if port 443 tls > protocol "https" > forward to <bwhost> port 4567 > forward with tls to <webhost> port 443 > } > > Thanks for help! > Silly to reply to my own mail, BUT. I "fixed” it. After a bit of debugging it turned out, that even though for <bwhost> there’s just „forward to”, relayd is using TLS to connect to it. So I worked around this by using the following solution. It works, even though it shouldn’t be necessary, I think. So, I added additional protocol section, where I pass all the traffic and a relay section just for that one host.
relay https { listen on $ext_if port 443 tls protocol "https" forward to <bwhost> port 8443 forward with tls to <webhost> port 443 } http protocol bwhostfilter { pass forward to <bwhost> } relay bwhostfilter { listen on 127.0.0.1 port 8443 tls protocol bwhostfilter forward to <bwhost> port 4567 } Any hints on how broken this idea is are welcome :) I’m begining to wonder, might this be a bug in relayd? Kamil