relayd.conf

# $OpenBSD: relayd.conf,v 1.5 2018/05/06 20:56:55 benno Exp $
#
# Macros
#
ext_IPv4="em0"					# egress freedns.afraid.org
ext_IPv6="2001:470:b35c:ed9e::ace:face"		# egress freedns.afraid.org
include "/etc/pf.conf.macro.relayd"		# vether0 fallback/relay.vedetta.lan

# Redirect/Relay
#web1_IPv4="172.16.5.172"			# vlan5 www1.vedetta.lan
#web1_IPv6="fd80:1fe9:fcee:acdc::bad:face"	# vlan5 www1.vedetta.lan
#web2_IPv4="192.168.7.192"			# vlan7 www2.vedetta.lan
#web2_IPv6="fd80:1fe9:fcee:baba::bad:face"	# vlan7 www2.vedetta.lan
#ssh1_IPv4=""					# carp0 router.vedetta.lan
#ssh1_IPv6=""					# carp0 router.vedetta.lan

#
# Each table will be mapped to a pf table.
#
#table <dnshosts> {}
#table <dnshosts6> {}
#table <ntphosts> {}
#table <ntphosts6> {}
#table <webhosts> { $web1_IPv4 $web2_IPv4 }
#table <webhosts6> { $web1_IPv6 $web2_IPv6 }
table <fallback> { $fb1_IPv4 retry 2 }
table <fallback6> { $fb1_IPv6 retry 2 }
#table <apphosts> {}

#
# Global Options
#
# interval 10
# timeout 200
# prefork 3
log state changes
log connection #errors

#
# Map NTP to a rdr rule
#
include "/etc/relayd.conf.redirect.ntp"

#
# Map HTTP to a rdr rule 
#
include "/etc/relayd.conf.redirect.http"

#
# Relay and protocol for HTTP layer 7 loadbalancing and SSL/TLS acceleration
#
include "/etc/relayd.conf.relay.https"

#
# DNS-sanitizing protocol: replace requested IDs in the DNS header with random values, and layer 7 loadbalancing
#
include "/etc/relayd.conf.relay.domain"

#
# Relay and protocol for simple TCP forwarding on layer 7
#
include "/etc/relayd.conf.relay.ssh"

#
# Relay and protocol for a transparent HTTP proxy
#
include "/etc/relayd.conf.proxy.http"

#
# Relay and protocol for a transparent HTTPS proxy
#
# (!) see https://github.com/vedetta-com/vedetta/issues/82
include "/etc/relayd.conf.proxy.https"