On Thu, Nov 28, 2019 at 9:33 PM yoav.cohen <nginx-fo...@forum.nginx.org>
wrote:
> Dear experts,
>
> We are evaluating nginx as a platform for the product of our new startup
> company.
>
> Our use-case requires a TCP proxy that will terminate TLS, which nginx
> handles very well. However, we need to be able to send all TCP traffic to
> another process for offline processing.
>
> Initially we thought we could write a NGX_STREAM_MODULE (call it
> tcp_mirror)
> that will be able to read both the downstream bytes (client <--> nginx) and
> upstream bytes (proxy <--> server) and send them to another process, but
> after looking at a few module examples and trying out a few things we
> understood that we can only use a single content handler for each stream
> configuration.
>
> For example, we were hoping the following mock configuration would work for
> us, but realized we can't have both proxy_pass and tcp_mirror under server
> because there can be only one content handler:
> stream {
> server {
> listen 12346;
> proxy_pass backend.example.com:12346;
> tcp_mirror processor.acme.com:6666;
> }
> }
>
> The above led us to the conclusion that in order to implement our use-case
> we would have to write a new proxy_pass module, more specifically we would
> have to re-write ngx_stream_proxy_module.c. The idea is that we would
> manage
> two upstreams, the server and the processor. The configuration would look
> something like this:
> stream {
> server {
> listen 12346;
> proxy_pass_mirror backend.example.com:12346
> processor.acme.com:6666;
> }
> }
>
> Before we begin implementation of this design, we wanted to consult with
> the
> experts here and understand whether anyone has a better idea on how to
> implement our use-case on top of nginx.
>
> Thanks in advance,
> Yoav Cohen.
>
>
Have you tried http://nginx.org/en/docs/http/ngx_http_mirror_module.html ?
Regards,
Marcin Wanat
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
