Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in / Register
Toggle navigation
N
nghttp2
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
Libraries
nghttp2
Commits
8ccb6e46
Commit
8ccb6e46
authored
Mar 22, 2014
by
Tatsuhiro Tsujikawa
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
nghttpx: Use raw-string iteral to output help
parent
e4dacb2f
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
303 additions
and
308 deletions
+303
-308
src/shrpx.cc
src/shrpx.cc
+303
-308
No files found.
src/shrpx.cc
View file @
8ccb6e46
...
@@ -467,8 +467,8 @@ void print_version(std::ostream& out)
...
@@ -467,8 +467,8 @@ void print_version(std::ostream& out)
namespace
{
namespace
{
void
print_usage
(
std
::
ostream
&
out
)
void
print_usage
(
std
::
ostream
&
out
)
{
{
out
<<
"Usage: nghttpx [OPTIONS]... [<PRIVATE_KEY> <CERT>]
\n
"
out
<<
R"(Usage: nghttpx [OPTIONS]... [<PRIVATE_KEY> <CERT>]
<<
"A reverse proxy for HTTP/2, HTTP/1 and SPDY.
"
<<
std
::
endl
;
A reverse proxy for HTTP/2, HTTP/1 and SPDY.)
"
<<
std
::
endl
;
}
}
}
// namespace
}
// namespace
...
@@ -476,313 +476,308 @@ namespace {
...
@@ -476,313 +476,308 @@ namespace {
void
print_help
(
std
::
ostream
&
out
)
void
print_help
(
std
::
ostream
&
out
)
{
{
print_usage
(
out
);
print_usage
(
out
);
out
<<
"
\n
"
out
<<
R"(
<<
" <PRIVATE_KEY> Set path to server's private key. Required
\n
"
<PRIVATE_KEY> Set path to server's private key. Required
<<
" unless -p, --client or --frontend-no-tls
\n
"
unless -p, --client or --frontend-no-tls are
<<
" are given.
\n
"
given.
<<
" <CERT> Set path to server's certificate. Required
\n
"
<CERT> Set path to server's certificate. Required
<<
" unless -p, --client or --frontend-no-tls
\n
"
unless -p, --client or --frontend-no-tls are
<<
" are given.
\n
"
given.
<<
"Options:
\n
"
Options:
<<
" The options are categorized into several groups.
\n
"
The options are categorized into several groups.
<<
"
\n
"
<<
"Connections:
\n
"
Connections:
<<
" -b, --backend=<HOST,PORT>
\n
"
-b, --backend=<HOST,PORT>
<<
" Set backend host and port.
\n
"
Set backend host and port.
<<
" Default: '
"
Default: ')
"
<<
get_config
()
->
downstream_host
<<
","
<<
get_config
()
->
downstream_host
<<
","
<<
get_config
()
->
downstream_port
<<
"'
\n
"
<<
get_config
()
->
downstream_port
<<
R"('
<<
" -f, --frontend=<HOST,PORT>
\n
"
-f, --frontend=<HOST,PORT>
<<
" Set frontend host and port.
\n
"
Set frontend host and port.
<<
" Default: '"
Default: ')"
<<
get_config
()
->
host
<<
","
<<
get_config
()
->
port
<<
"'
\n
"
<<
get_config
()
->
host
<<
","
<<
get_config
()
->
port
<<
R"('
<<
" --backlog=<NUM> Set listen backlog size. If -1 is given,
\n
"
--backlog=<NUM> Set listen backlog size. If -1 is given,
<<
" libevent will choose suitable value.
\n
"
libevent will choose suitable value.
<<
" Default: "
Default: )"
<<
get_config
()
->
backlog
<<
"
\n
"
<<
get_config
()
->
backlog
<<
R"(
<<
" --backend-ipv4 Resolve backend hostname to IPv4 address
\n
"
--backend-ipv4 Resolve backend hostname to IPv4 address only.
<<
" only.
\n
"
--backend-ipv6 Resolve backend hostname to IPv6 address only.
<<
" --backend-ipv6 Resolve backend hostname to IPv6 address
\n
"
<<
" only.
\n
"
Performance:
<<
"
\n
"
-n, --workers=<CORES>
<<
"Performance:
\n
"
Set the number of worker threads.
<<
" -n, --workers=<CORES>
\n
"
Default: )"
<<
" Set the number of worker threads.
\n
"
<<
get_config
()
->
num_worker
<<
R"(
<<
" Default: "
--read-rate=<RATE>
<<
get_config
()
->
num_worker
<<
"
\n
"
Set maximum average read rate on frontend
<<
" --read-rate=<RATE> Set maximum average read rate on frontend
\n
"
connection. Setting 0 to this option means read
<<
" connection. Setting 0 to this option means
\n
"
rate is unlimited.
<<
" read rate is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
read_rate
<<
R"(
<<
get_config
()
->
read_rate
<<
"
\n
"
--read-burst=<SIZE>
<<
" --read-burst=<SIZE>
\n
"
Set maximum read burst size on frontend
<<
" Set maximum read burst size on frontend
\n
"
connection. Setting 0 to this option means read
<<
" connection. Setting 0 to this option means
\n
"
burst size is unlimited.
<<
" read burst size is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
read_burst
<<
R"(
<<
get_config
()
->
read_burst
<<
"
\n
"
--write-rate=<RATE>
<<
" --write-rate=<RATE>
\n
"
Set maximum average write rate on frontend
<<
" Set maximum average write rate on frontend
\n
"
connection. Setting 0 to this option means write
<<
" connection. Setting 0 to this option means
\n
"
rate is unlimited.
<<
" write rate is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
write_rate
<<
R"(
<<
get_config
()
->
write_rate
<<
"
\n
"
--write-burst=<SIZE>
<<
" --write-burst=<SIZE>
\n
"
Set maximum write burst size on frontend
<<
" Set maximum write burst size on frontend
\n
"
connection. Setting 0 to this option means write
<<
" connection. Setting 0 to this option means
\n
"
burst size is unlimited.
<<
" write burst size is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
write_burst
<<
R"(
<<
get_config
()
->
write_burst
<<
"
\n
"
--worker-read-rate=<RATE>
<<
" --worker-read-rate=<RATE>
\n
"
Set maximum average read rate on frontend
<<
" Set maximum average read rate on frontend
\n
"
connection per worker. Setting 0 to this option
<<
" connection per worker. Setting 0 to this
\n
"
means read rate is unlimited.
<<
" option means read rate is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
worker_read_rate
<<
R"(
<<
get_config
()
->
worker_read_rate
<<
"
\n
"
--worker-read-burst=<SIZE>
<<
" --worker-read-burst=<SIZE>
\n
"
Set maximum read burst size on frontend
<<
" Set maximum read burst size on frontend
\n
"
connection per worker. Setting 0 to this option
<<
" connection per worker. Setting 0 to this
\n
"
means read burst size is unlimited.
<<
" option means read burst size is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
worker_read_burst
<<
R"(
<<
get_config
()
->
worker_read_burst
<<
"
\n
"
--worker-write-rate=<RATE>
<<
" --worker-write-rate=<RATE>
\n
"
Set maximum average write rate on frontend
<<
" Set maximum average write rate on frontend
\n
"
connection per worker. Setting 0 to this option
<<
" connection per worker. Setting 0 to this
\n
"
means write rate is unlimited.
<<
" option means write rate is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
worker_write_rate
<<
R"(
<<
get_config
()
->
worker_write_rate
<<
"
\n
"
--worker-write-burst=<SIZE>
<<
" --worker-write-burst=<SIZE>
\n
"
Set maximum write burst size on frontend
<<
" Set maximum write burst size on frontend
\n
"
connection per worker. Setting 0 to this option
<<
" connection per worker. Setting 0 to this
\n
"
means write burst size is unlimited.
<<
" option means write burst size is unlimited.
\n
"
Default: )"
<<
" Default: "
<<
get_config
()
->
worker_write_burst
<<
R"(
<<
get_config
()
->
worker_write_burst
<<
"
\n
"
<<
"
\n
"
Timeout:
<<
"Timeout:
\n
"
--frontend-http2-read-timeout=<SEC>
<<
" --frontend-http2-read-timeout=<SEC>
\n
"
Specify read timeout for HTTP/2 and SPDY frontend
<<
" Specify read timeout for HTTP/2.0 and SPDY frontend
\n
"
connection.
<<
" connection. Default: "
Default: )"
<<
get_config
()
->
http2_upstream_read_timeout
.
tv_sec
<<
"
\n
"
<<
get_config
()
->
http2_upstream_read_timeout
.
tv_sec
<<
R"(
<<
" --frontend-read-timeout=<SEC>
\n
"
--frontend-read-timeout=<SEC>
<<
" Specify read timeout for HTTP/1.1 frontend
\n
"
Specify read timeout for HTTP/1.1 frontend
<<
" connection. Default: "
connection.
<<
get_config
()
->
upstream_read_timeout
.
tv_sec
<<
"
\n
"
Default: )"
<<
" --frontend-write-timeout=<SEC>
\n
"
<<
get_config
()
->
upstream_read_timeout
.
tv_sec
<<
R"(
<<
" Specify write timeout for all frontends.
\n
"
--frontend-write-timeout=<SEC>
<<
" connection. Default: "
Specify write timeout for all frontend
<<
get_config
()
->
upstream_write_timeout
.
tv_sec
<<
"
\n
"
connections.
<<
" --backend-read-timeout=<SEC>
\n
"
Default: )"
<<
" Specify read timeout for backend connection.
\n
"
<<
get_config
()
->
upstream_write_timeout
.
tv_sec
<<
R"(
<<
" Default: "
--backend-read-timeout=<SEC>
<<
get_config
()
->
downstream_read_timeout
.
tv_sec
<<
"
\n
"
Specify read timeout for backend connection.
<<
" --backend-write-timeout=<SEC>
\n
"
Default: )"
<<
" Specify write timeout for backend
\n
"
<<
get_config
()
->
downstream_read_timeout
.
tv_sec
<<
R"(
<<
" connection. Default: "
--backend-write-timeout=<SEC>
<<
get_config
()
->
downstream_write_timeout
.
tv_sec
<<
"
\n
"
Specify write timeout for backend connection.
<<
" --backend-keep-alive-timeout=<SEC>
\n
"
Default: )"
<<
" Specify keep-alive timeout for backend
\n
"
<<
get_config
()
->
downstream_write_timeout
.
tv_sec
<<
R"(
<<
" connection. Default: "
--backend-keep-alive-timeout=<SEC>
<<
get_config
()
->
downstream_idle_read_timeout
.
tv_sec
<<
"
\n
"
Specify keep-alive timeout for backend
<<
" --backend-http-proxy-uri=<URI>
\n
"
connection.
<<
" Specify proxy URI in the form
\n
"
Default: )"
<<
" http://[<USER>:<PASS>@]<PROXY>:<PORT>. If
\n
"
<<
get_config
()
->
downstream_idle_read_timeout
.
tv_sec
<<
R"(
<<
" a proxy requires authentication, specify
\n
"
--backend-http-proxy-uri=<URI>
<<
" <USER> and <PASS>. Note that they must be
\n
"
Specify proxy URI in the form
<<
" properly percent-encoded. This proxy is used
\n
"
http://[<USER>:<PASS>@]<PROXY>:<PORT>. If a
<<
" when the backend connection is HTTP/2.0. First,
\n
"
proxy requires authentication, specify <USER> and
<<
" make a CONNECT request to the proxy and
\n
"
<PASS>. Note that they must be properly
<<
" it connects to the backend on behalf of
\n
"
percent-encoded. This proxy is used when the
<<
" nghttpx. This forms tunnel. After that, nghttpx
\n
"
backend connection is HTTP/2. First, make a
<<
" performs SSL/TLS handshake with the
\n
"
CONNECT request to the proxy and it connects to
<<
" downstream through the tunnel. The timeouts
\n
"
the backend on behalf of nghttpx. This forms
<<
" when connecting and making CONNECT request
\n
"
tunnel. After that, nghttpx performs SSL/TLS
<<
" can be specified by --backend-read-timeout
\n
"
handshake with the downstream through the tunnel.
<<
" and --backend-write-timeout options.
\n
"
The timeouts when connecting and making CONNECT
<<
"
\n
"
request can be specified by
<<
"SSL/TLS:
\n
"
--backend-read-timeout and
<<
" --ciphers=<SUITE> Set allowed cipher list. The format of the
\n
"
--backend-write-timeout options.
<<
" string is described in OpenSSL ciphers(1).
\n
"
<<
" If this option is used, --honor-cipher-order
\n
"
SSL/TLS:
<<
" is implicitly enabled.
\n
"
--ciphers=<SUITE> Set allowed cipher list. The format of the
<<
" --honor-cipher-order
\n
"
string is described in OpenSSL ciphers(1). If
<<
" Honor server cipher order, giving the
\n
"
this option is used, --honor-cipher-order is
<<
" ability to mitigate BEAST attacks.
\n
"
implicitly enabled.
<<
" -k, --insecure Don't verify backend server's certificate
\n
"
--honor-cipher-order
<<
" if -p, --client or --http2-bridge are given
\n
"
Honor server cipher order, giving the ability to
<<
" and --backend-no-tls is not given
\n
"
mitigate BEAST attacks.
<<
" --cacert=<PATH> Set path to trusted CA certificate file
\n
"
-k, --insecure
<<
" if -p, --client or --http2-bridge are given
\n
"
Don't verify backend server's certificate if -p,
<<
" and --backend-no-tls is not given
\n
"
--client or --http2-bridge are given and
<<
" The file must be in PEM format. It can
\n
"
--backend-no-tls is not given.
<<
" contain multiple certificates. If the
\n
"
--cacert=<PATH> Set path to trusted CA certificate file if -p,
<<
" linked OpenSSL is configured to load system
\n
"
--client or --http2-bridge are given and
<<
" wide certificates, they are loaded
\n
"
--backend-no-tls is not given. The file must be
<<
" at startup regardless of this option.
\n
"
in PEM format. It can contain multiple
<<
" --private-key-passwd-file=<FILEPATH>
\n
"
certificates. If the linked OpenSSL is
<<
" Path to file that contains password for the
\n
"
configured to load system wide certificates, they
<<
" server's private key. If none is given and
\n
"
are loaded at startup regardless of this option.
<<
" the private key is password protected it'll
\n
"
--private-key-passwd-file=<FILEPATH>
<<
" be requested interactively.
\n
"
Path to file that contains password for the
<<
" --subcert=<KEYPATH>:<CERTPATH>
\n
"
server's private key. If none is given and the
<<
" Specify additional certificate and private
\n
"
private key is password protected it'll be
<<
" key file. nghttpx will choose certificates
\n
"
requested interactively.
<<
" based on the hostname indicated by client
\n
"
--subcert=<KEYPATH>:<CERTPATH>
<<
" using TLS SNI extension. This option can be
\n
"
Specify additional certificate and private key
<<
" used multiple times.
\n
"
file. nghttpx will choose certificates based on
<<
" --backend-tls-sni-field=<HOST>
\n
"
the hostname indicated by client using TLS SNI
<<
" Explicitly set the content of the TLS SNI
\n
"
extension. This option can be used multiple
<<
" extension. This will default to the backend
\n
"
times.
<<
" HOST name.
\n
"
--backend-tls-sni-field=<HOST>
<<
" --dh-param-file=<PATH>
\n
"
Explicitly set the content of the TLS SNI
<<
" Path to file that contains DH parameters in
\n
"
extension. This will default to the backend HOST
<<
" PEM format. Without this option, DHE cipher
\n
"
name.
<<
" suites are not available.
\n
"
--dh-param-file=<PATH>
<<
" --npn-list=<LIST> Comma delimited list of NPN/ALPN protocol sorted
\n
"
Path to file that contains DH parameters in PEM
<<
" in the order of preference. That means
\n
"
format. Without this option, DHE cipher suites
<<
" most desirable protocol comes first.
\n
"
are not available.
<<
" The parameter must be delimited by a single
\n
"
--npn-list=<LIST> Comma delimited list of NPN/ALPN protocol sorted
<<
" comma only and any white spaces are treated
\n
"
in the order of preference. That means most
<<
" as a part of protocol string.
\n
"
desirable protocol comes first. The parameter
<<
" Default: "
<<
DEFAULT_NPN_LIST
<<
"
\n
"
must be delimited by a single comma only and any
<<
" --verify-client Require and verify client certificate.
\n
"
white spaces are treated as a part of protocol
<<
" --verify-client-cacert=<PATH>
\n
"
string.
<<
" Path to file that contains CA certificates
\n
"
Default: )"
<<
DEFAULT_NPN_LIST
<<
R"(
<<
" to verify client certificate.
\n
"
--verify-client Require and verify client certificate.
<<
" The file must be in PEM format. It can
\n
"
--verify-client-cacert=<PATH>
<<
" contain multiple certificates.
\n
"
Path to file that contains CA certificates to
<<
" --client-private-key-file=<PATH>
\n
"
verify client certificate. The file must be in
<<
" Path to file that contains client private
\n
"
PEM format. It can contain multiple
<<
" key used in backend client authentication.
\n
"
certificates.
<<
" --client-cert-file=<PATH>
\n
"
--client-private-key-file=<PATH>
<<
" Path to file that contains client
\n
"
Path to file that contains client private key
<<
" certificate used in backend client
\n
"
used in backend client authentication.
<<
" authentication.
\n
"
--client-cert-file=<PATH>
<<
" --tls-proto-list=<LIST>
\n
"
Path to file that contains client certificate
<<
" Comma delimited list of SSL/TLS protocol to
\n
"
used in backend client authentication.
<<
" be enabled.
\n
"
--tls-proto-list=<LIST>
<<
" The following protocols are available:
\n
"
Comma delimited list of SSL/TLS protocol to be
<<
" TLSv1.2, TLSv1.1, TLSv1.0, SSLv3
\n
"
enabled. The following protocols are available:
<<
" The name matching is done in case-insensitive
\n
"
TLSv1.2, TLSv1.1, TLSv1.0 and SSLv3. The name
<<
" manner.
\n
"
matching is done in case-insensitive manner. The
<<
" The parameter must be delimited by a single
\n
"
parameter must be delimited by a single comma
<<
" comma only and any white spaces are treated
\n
"
only and any white spaces are treated as a part
<<
" as a part of protocol string.
\n
"
of protocol string.
<<
" Default: "
<<
DEFAULT_TLS_PROTO_LIST
<<
"
\n
"
Default: )"
<<
DEFAULT_TLS_PROTO_LIST
<<
R"(
<<
"
\n
"
<<
"HTTP/2.0 and SPDY:
\n
"
HTTP/2 and SPDY:
<<
" -c, --http2-max-concurrent-streams=<NUM>
\n
"
-c, --http2-max-concurrent-streams=<NUM>
<<
" Set the maximum number of the concurrent
\n
"
Set the maximum number of the concurrent streams
<<
" streams in one HTTP/2.0 and SPDY session.
\n
"
in one HTTP/2 and SPDY session.
<<
" Default: "
Default: )"
<<
get_config
()
->
http2_max_concurrent_streams
<<
"
\n
"
<<
get_config
()
->
http2_max_concurrent_streams
<<
R"(
<<
" --frontend-http2-window-bits=<N>
\n
"
--frontend-http2-window-bits=<N>
<<
" Sets the per-stream initial window size of HTTP/2.0
\n
"
Sets the per-stream initial window size of HTTP/2
<<
" SPDY frontend connection. For HTTP/2.0, the size is
\n
"
SPDY frontend connection. For HTTP/2, the size
<<
" 2**<N>-1. For SPDY, the size is 2**<N>
\n
"
is 2**<N>-1. For SPDY, the size is 2**<N>.
<<
" Default: "
Default: )"
<<
get_config
()
->
http2_upstream_window_bits
<<
"
\n
"
<<
get_config
()
->
http2_upstream_window_bits
<<
R"(
<<
" --frontend-http2-connection-window-bits=<N>
\n
"
--frontend-http2-connection-window-bits=<N>
<<
" Sets the per-connection window size of HTTP/2.0 and
\n
"
Sets the per-connection window size of HTTP/2 and
<<
" SPDY frontend connection. For HTTP/2.0, the size is
\n
"
SPDY frontend connection. For HTTP/2, the size
<<
" 2**<N>-1. For SPDY, the size is 2**<N>.
\n
"
is 2**<N>-1. For SPDY, the size is 2**<N>.
<<
" Default: "
Default: )"
<<
get_config
()
->
http2_upstream_connection_window_bits
<<
"
\n
"
<<
get_config
()
->
http2_upstream_connection_window_bits
<<
R"(
<<
" --frontend-no-tls Disable SSL/TLS on frontend connections.
\n
"
--frontend-no-tls Disable SSL/TLS on frontend connections.
<<
" --backend-http2-window-bits=<N>
\n
"
--backend-http2-window-bits=<N>
<<
" Sets the initial window size of HTTP/2.0 backend
\n
"
Sets the initial window size of HTTP/2 backend
<<
" connection to 2**<N>-1.
\n
"
connection to 2**<N>-1.
<<
" Default: "
Default: )"
<<
get_config
()
->
http2_downstream_window_bits
<<
"
\n
"
<<
get_config
()
->
http2_downstream_window_bits
<<
R"(
<<
" --backend-http2-connection-window-bits=<N>
\n
"
--backend-http2-connection-window-bits=<N>
<<
" Sets the per-connection window size of HTTP/2.0
\n
"
Sets the per-connection window size of HTTP/2
<<
" backend connection to 2**<N>-1.
\n
"
backend connection to 2**<N>-1.
<<
" Default: "
Default: )"
<<
get_config
()
->
http2_downstream_connection_window_bits
<<
"
\n
"
<<
get_config
()
->
http2_downstream_connection_window_bits
<<
R"(
<<
" --backend-no-tls Disable SSL/TLS on backend connections.
\n
"
--backend-no-tls Disable SSL/TLS on backend connections.
<<
" --http2-no-cookie-crumbling
\n
"
--http2-no-cookie-crumbling
<<
" Don't crumble cookie header field.
\n
"
Don't crumble cookie header field.
<<
" --padding=<N> Add at most <N> bytes to a HTTP/2 frame payload
\n
"
--padding=<N> Add at most <N> bytes to a HTTP/2 frame payload
<<
" as padding.
\n
"
as padding. Specify 0 to disable padding. This
<<
" Specify 0 to disable padding. This option is
\n
"
option is meant for debugging purpose and not
<<
" meant for debugging purpose and not intended
\n
"
intended to enhance protocol security.
<<
" to enhance protocol security.
\n
"
<<
"
\n
"
Mode:
<<
"Mode:
\n
"
(default mode) Accept HTTP/2, SPDY and HTTP/1.1 over SSL/TLS.
<<
" (default mode) Accept HTTP/2.0, SPDY and HTTP/1.1 over
\n
"
If --frontend-no-tls is used, accept HTTP/2 and
<<
" SSL/TLS. If --frontend-no-tls is used,
\n
"
HTTP/1.1. The incoming HTTP/1.1 connection can
<<
" accept HTTP/2.0 and HTTP/1.1. The incoming
\n
"
be upgraded to HTTP/2 through HTTP Upgrade. The
<<
" HTTP/1.1 connection can be upgraded to
\n
"
protocol to the backend is HTTP/1.1.
<<
" HTTP/2.0 through HTTP Upgrade.
\n
"
-s, --http2-proxy Like default mode, but enable secure proxy mode.
<<
" The protocol to the backend is HTTP/1.1.
\n
"
--http2-bridge Like default mode, but communicate with the
<<
" -s, --http2-proxy Like default mode, but enable secure proxy mode.
\n
"
backend in HTTP/2 over SSL/TLS. Thus the
<<
" --http2-bridge Like default mode, but communicate with the
\n
"
incoming all connections are converted to HTTP/2
<<
" backend in HTTP/2.0 over SSL/TLS. Thus the
\n
"
connection and relayed to the backend. See
<<
" incoming all connections are converted
\n
"
--backend-http-proxy-uri option if you are behind
<<
" to HTTP/2.0 connection and relayed to
\n
"
the proxy and want to connect to the outside
<<
" the backend. See --backend-http-proxy-uri
\n
"
HTTP/2 proxy.
<<
" option if you are behind the proxy and want
\n
"
--client Accept HTTP/2 and HTTP/1.1 without SSL/TLS. The
<<
" to connect to the outside HTTP/2.0 proxy.
\n
"
incoming HTTP/1.1 connection can be upgraded to
<<
" --client Accept HTTP/2.0 and HTTP/1.1 without SSL/TLS.
\n
"
HTTP/2 connection through HTTP Upgrade. The
<<
" The incoming HTTP/1.1 connection can be
\n
"
protocol to the backend is HTTP/2. To use
<<
" upgraded to HTTP/2.0 connection through
\n
"
nghttpx as a forward proxy, use -p option
<<
" HTTP Upgrade.
\n
"
instead.
<<
" The protocol to the backend is HTTP/2.0.
\n
"
-p, --client-proxy
<<
" To use nghttpx as a forward proxy, use -p
\n
"
Like --client option, but it also requires the
<<
" option instead.
\n
"
request path from frontend must be an absolute
<<
" -p, --client-proxy Like --client option, but it also requires
\n
"
URI, suitable for use as a forward proxy.
<<
" the request path from frontend must be
\n
"
<<
" an absolute URI, suitable for use as a
\n
"
Logging:
<<
" forward proxy.
\n
"
-L, --log-level=<LEVEL>
<<
"
\n
"
Set the severity level of log output. <LEVEL>
<<
"Logging:
\n
"
must be one of INFO, WARNING, ERROR and FATAL.
<<
" -L, --log-level=<LEVEL>
\n
"
Default: WARNING
<<
" Set the severity level of log output.
\n
"
--accesslog Print simple accesslog to stderr.
<<
" INFO, WARNING, ERROR and FATAL.
\n
"
--syslog Send log messages to syslog.
<<
" Default: WARNING
\n
"
--syslog-facility=<FACILITY>
<<
" --accesslog Print simple accesslog to stderr.
\n
"
Set syslog facility to <FACILITY>.
<<
" --syslog Send log messages to syslog.
\n
"
Default: )"
<<
" --syslog-facility=<FACILITY>
\n
"
<<
str_syslog_facility
(
get_config
()
->
syslog_facility
)
<<
R"(
<<
" Set syslog facility.
\n
"
<<
" Default: "
Misc:
<<
str_syslog_facility
(
get_config
()
->
syslog_facility
)
<<
"
\n
"
--add-x-forwarded-for
<<
"
\n
"
Append X-Forwarded-For header field to the
<<
"Misc:
\n
"
downstream request.
<<
" --add-x-forwarded-for
\n
"
--no-via Don't append to Via header field. If Via header
<<
" Append X-Forwarded-For header field to the
\n
"
field is received, it is left unaltered.
<<
" downstream request.
\n
"
--frontend-http2-dump-request-header=<PATH>
<<
" --no-via Don't append to Via header field. If Via
\n
"
Dumps request headers received by HTTP/2 frontend
<<
" header field is received, it is left
\n
"
to the file denoted in <PATH>. The output is
<<
" unaltered.
\n
"
done in HTTP/1 header field format and each
<<
" --frontend-http2-dump-request-header=<PATH>
\n
"
header block is followed by an empty line. This
<<
" Dumps request headers received by HTTP/2.0
\n
"
option is not thread safe and MUST NOT be used
<<
" frontend to the file denoted in PATH.
\n
"
with option -n<N>, where <N> >= 2.
<<
" The output is done in HTTP/1 header field
\n
"
--frontend-http2-dump-response-header=<PATH>
<<
" format and each header block is followed by
\n
"
Dumps response headers sent from HTTP/2 frontend
<<
" an empty line.
\n
"
to the file denoted in <PATH>. The output is
<<
" This option is not thread safe and MUST NOT
\n
"
done in HTTP/1 header field format and each
<<
" be used with option -n=N, where N >= 2.
\n
"
header block is followed by an empty line. This
<<
" --frontend-http2-dump-response-header=<PATH>
\n
"
option is not thread safe and MUST NOT be used
<<
" Dumps response headers sent from HTTP/2.0
\n
"
with option -n<N>, where <N> >= 2.
<<
" frontend to the file denoted in PATH.
\n
"
-o, --frontend-frame-debug
<<
" The output is done in HTTP/1 header field
\n
"
Print HTTP/2 frames in frontend to stderr. This
<<
" format and each header block is followed by
\n
"
option is not thread safe and MUST NOT be used
<<
" an empty line.
\n
"
with option -n=N, where N >= 2.
<<
" This option is not thread safe and MUST NOT
\n
"
-D, --daemon
<<
" be used with option -n=N, where N >= 2.
\n
"
Run in a background. If -D is used, the current
<<
" -o, --frontend-frame-debug
\n
"
working directory is changed to '/'.
<<
" Print HTTP/2 frames in frontend to stderr.
\n
"
--pid-file=<PATH> Set path to save PID of this program.
<<
" This option is not thread safe and MUST NOT
\n
"
--user=<USER> Run this program as <USER>. This option is
<<
" be used with option -n=N, where N >= 2.
\n
"
intended to be used to drop root privileges.
<<
" -D, --daemon Run in a background. If -D is used, the
\n
"
--conf=<PATH> Load configuration from <PATH>.
<<
" current working directory is changed to '/'.
\n
"
Default: )"
<<
" --pid-file=<PATH> Set path to save PID of this program.
\n
"
<<
get_config
()
->
conf_path
<<
R"(
<<
" --user=<USER> Run this program as USER. This option is
\n
"
-v, --version Print version and exit.
<<
" intended to be used to drop root privileges.
\n
"
-h, --help Print this help and exit.)"
<<
" --conf=<PATH> Load configuration from PATH.
\n
"
<<
" Default: "
<<
get_config
()
->
conf_path
<<
"
\n
"
<<
" -v, --version Print version and exit.
\n
"
<<
" -h, --help Print this help and exit.
\n
"
<<
std
::
endl
;
<<
std
::
endl
;
}
}
}
// namespace
}
// namespace
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment