mirror of
https://git.FreeBSD.org/ports.git
synced 2024-10-19 19:59:43 +00:00
SNIproxy - Proxies incoming HTTP and TLS connections based on the
hostname contained in the initial request of the TCP session. This enables HTTPS name-based virtual hosting to separate backend servers without installing the private key on the proxy machine. Features: Name-based proxying of HTTPS without decrypting traffic. No keys or certificates required. Supports both TLS and HTTP protocols. Supports IPv4, IPv6 and Unix domain sockets for both back end servers and listeners. Supports multiple listening sockets per instance. Supports HAProxy proxy protocol to propagate original source address to backend servers. WWW: https://github.com/dlundquist/sniproxy
This commit is contained in:
parent
0b009e9058
commit
b8754765ff
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/head/; revision=468034
@ -1373,6 +1373,7 @@
|
||||
SUBDIR += smm++
|
||||
SUBDIR += sngrep
|
||||
SUBDIR += sniffit
|
||||
SUBDIR += sniproxy
|
||||
SUBDIR += sntop
|
||||
SUBDIR += sobby
|
||||
SUBDIR += socat
|
||||
|
42
net/sniproxy/Makefile
Normal file
42
net/sniproxy/Makefile
Normal file
@ -0,0 +1,42 @@
|
||||
# $FreeBSD$
|
||||
|
||||
PORTNAME= sniproxy
|
||||
DISTVERSION= 0.5.0
|
||||
CATEGORIES= net
|
||||
|
||||
MAINTAINER= krion@FreeBSD.org
|
||||
COMMENT= Proxy that routes based on TLS server name extension
|
||||
|
||||
LICENSE= BSD2CLAUSE
|
||||
LICENSE_FILE= ${WRKSRC}/COPYING
|
||||
|
||||
LIB_DEPENDS= libev.so:devel/libev \
|
||||
libpcre.so:devel/pcre \
|
||||
libudns.so:dns/udns
|
||||
|
||||
USES= autoreconf:build gettext pkgconfig
|
||||
|
||||
SUB_FILES= pkg-message
|
||||
USE_RC_SUBR= sniproxy
|
||||
|
||||
USE_GITHUB= yes
|
||||
GH_ACCOUNT= dlundquist
|
||||
|
||||
GNU_CONFIGURE= yes
|
||||
USE_LDCONFIG= yes
|
||||
|
||||
PLIST_FILES= man/man5/sniproxy.conf.5.gz \
|
||||
man/man8/sniproxy.8.gz \
|
||||
sbin/sniproxy \
|
||||
"@sample etc/sniproxy.conf.sample"
|
||||
|
||||
pre-configure:
|
||||
cd ${WRKSRC} && ${SH} autogen.sh
|
||||
|
||||
post-patch:
|
||||
@${REINPLACE_CMD} -e 's|/var/tmp/|/var/run/|' ${WRKSRC}/${PORTNAME}.conf
|
||||
|
||||
post-install::
|
||||
${INSTALL_DATA} ${WRKSRC}/sniproxy.conf ${STAGEDIR}${PREFIX}/etc/sniproxy.conf.sample
|
||||
|
||||
.include <bsd.port.mk>
|
3
net/sniproxy/distinfo
Normal file
3
net/sniproxy/distinfo
Normal file
@ -0,0 +1,3 @@
|
||||
TIMESTAMP = 1524378674
|
||||
SHA256 (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 0b8dd06f9aa9e1c4151b572caf645ffceacdd35a139ded16a7fb0035452c17e5
|
||||
SIZE (dlundquist-sniproxy-0.5.0_GH0.tar.gz) = 72654
|
9
net/sniproxy/files/pkg-message.in
Normal file
9
net/sniproxy/files/pkg-message.in
Normal file
@ -0,0 +1,9 @@
|
||||
*******************************************************************
|
||||
Enable sniproxy in /etc/rc.conf with the following line:
|
||||
|
||||
sniproxy_enable="YES"
|
||||
|
||||
A configuration template is available in
|
||||
%%PREFIX%%/etc/sniproxy.conf
|
||||
|
||||
*******************************************************************
|
39
net/sniproxy/files/sniproxy.in
Normal file
39
net/sniproxy/files/sniproxy.in
Normal file
@ -0,0 +1,39 @@
|
||||
#!/bin/sh
|
||||
#
|
||||
#$FreeBSD$
|
||||
#
|
||||
|
||||
# PROVIDE: sniproxy
|
||||
# REQUIRE: SERVERS cleanvar
|
||||
# BEFORE: DAEMON
|
||||
# KEYWORD: shutdown
|
||||
|
||||
#
|
||||
# Add the following lines to /etc/rc.conf to enable sniproxy:
|
||||
#
|
||||
# sniproxy_enable="YES"
|
||||
#
|
||||
#
|
||||
|
||||
. /etc/rc.subr
|
||||
|
||||
name=sniproxy
|
||||
rcvar=sniproxy_enable
|
||||
|
||||
command=%%PREFIX%%/sbin/sniproxy
|
||||
|
||||
pidfile=${sniproxy_pidfile:-"/var/run/sniproxy.pid
|
||||
|
||||
sniproxy_enable=${sniproxy_enable:-"NO"}
|
||||
sniproxy_conf=${sniproxy_conf:-"%%PREFIX%%/etc/sniproxy.conf"}
|
||||
|
||||
stop_postcmd="rm -f $pidfile"
|
||||
sig_reload="HUP"
|
||||
|
||||
load_rc_config ${name}
|
||||
|
||||
required_files=${sniproxy_conf}
|
||||
|
||||
command_args="-c ${sniproxy_conf}"
|
||||
run_rc_command "$1"
|
||||
|
21
net/sniproxy/pkg-descr
Normal file
21
net/sniproxy/pkg-descr
Normal file
@ -0,0 +1,21 @@
|
||||
SNIproxy - Proxies incoming HTTP and TLS connections based on the
|
||||
hostname contained in the initial request of the TCP session. This
|
||||
enables HTTPS name-based virtual hosting to separate backend servers
|
||||
without installing the private key on the proxy machine.
|
||||
|
||||
Features:
|
||||
|
||||
Name-based proxying of HTTPS without decrypting traffic. No keys or
|
||||
certificates required.
|
||||
|
||||
Supports both TLS and HTTP protocols.
|
||||
|
||||
Supports IPv4, IPv6 and Unix domain sockets for both back end
|
||||
servers and listeners.
|
||||
|
||||
Supports multiple listening sockets per instance.
|
||||
|
||||
Supports HAProxy proxy protocol to propagate original source address
|
||||
to backend servers.
|
||||
|
||||
WWW: https://github.com/dlundquist/sniproxy
|
Loading…
Reference in New Issue
Block a user