TCP with ACL possible?


#1

Hi,

Is it possible to route/proxy mode tcp someway similar to mode http with ACL rules?

We are short on public IP addresses and we want to route the requests to to private IPs depending on the header. I am aware that with the tcp mode we cannot use hdr(host). I am giving the example to visualize it.

Can it be done with a workaround or by any other linux based application?

For example:
mode tcp
option tcplog

bind *:1935

acl host_t01 hdr(host) -i t01.domain.com
acl host_t02 hdr(host) -i t02.domain.com
acl host_t03 hdr(host) -i t03.domain.com

use_backend backend_t01 if host_t01
use_backend backend_t02 if host_t02
use_backend backend_t03 if host_t03

Thanks


#2

You should be able to do this by using “mode http” on the frontend and “mode tcp” on the backend.