Init-script example:
#!/bin/sh # # startup script for pound # POUNDBIN=/usr/local/pound/sbin/pound PIDFILE=/var/run/pound.pid CONF=/etc/pound.cfg #CHROOTDIR=/chroot/pound case "$1" in start) if [ -x "$POUNDBIN" ] ; then echo -n "Starting pound: " #$POUNDBIN -c -V -f $CONF -p $PIDFILE $POUNDBIN -f $CONF -p $PIDFILE echo -e "OK" exit fi ;; stop) echo -n "Stopping pound: " kill `cat $PIDFILE` rm $PIDFILE #echo "" > $PIDFILE echo -e "OK" exit ;; restart) $0 stop $0 start #$POUNDBIN stop #echo -n "Stopping Pound " #kill `cat $PIDFILE` #echo "" >> $PIDFILE #$POUNDBIN start #echo -n "Starting pound: " #$POUNDBIN -p $PIDFILE exit ;; status) if [ -f "$PIDFILE" ]; then read pound_pid < $PIDFILE if kill -0 "$pound_pid" 2>/dev/null ; then echo -e "POUND running ("$pound_pid")" exit else echo -e "POUND is not running, but PID file exists" exit 1 fi else echo -e "POUND is not running" exit 1 fi ;; configtest) $POUNDBIN -v -c -f $CONF -p $PIDFILE #$POUNDBIN -c -f $CONF -p $PIDFILE ;; *) echo "usage: $0 { start | stop | restart | status | configtest }" >&2 exit 1 ;; esac
Configuration file “pound.cfg”:
## Minimal sample pound.cfg ###################################################################### ## global options: User "root" Group "root" #RootJail "/chroot/pound" ## Logging: (goes to syslog by default) ## 0 no logging ## 1 normal ## 2 extended ## 3 Apache-style (common log format) #LogLevel 1 LogLevel 2 #local4 configured in /etc/syslog-ng/syslog-ng LogFacility local4 #LogFacility - ## check backend every X secs: Alive 30 ## use hardware-accelleration card supported by openssl(1): #SSLEngine "" #Pfad zur Socket-Datei Control "/var/run/pound.socket" ###################################################################### ## listen, redirect and ... to: # Here is a more complex example: assume your static images (GIF/JPEG) are to be served from a single back-end 192.168.0.10. In # addition, 192.168.0.11 is to do the hosting for www.myserver.com with URL-based sessions, and 192.168.0.20 (a 1GHz PIII) and # 192.168.0.21 (800Mhz Duron) are for all other requests (cookie-based sessions). The logging will be done by the back-end servers. # The configuration file may look like this: # Main listening ports #Access on Port 80 ListenHTTP #virtuelle IP Address 10.0.0.190 Port 80 Service #Stringsrequest during page-access HeadRequire "Host: .*testhost.testdomain.local.*" #Redirect all HTTP traffic to an SSL url #Redirect "https://my.example.com/" #Webserver-1 BackEnd Address 10.0.0.191 Port 80 Priority 3 End #Webserver-2 BackEnd Address 10.0.0.192 Port 80 Priority 3 End #Session COOKIE cookie-name N Session #Type IP Type COOKIE ID "userid" #ID "sess" TTL 300 End End End #Access on Port 443 ListenHTTPS #SSL-Request-Forwarding xHTTP 1 HeadRemove "X-SSL-Request" HeadRemove "X-Forwarded-For" AddHeader "X-SSL-Request: 1" #virtual IP Address 10.0.0.190 Port 443 #SSL-Zertifikat Cert "/etc/apache2/ssl.pem/testhost.pem" Service #Stringsrequest during page-access HeadRequire "Host: .*testhost.testdomain.local.*" #Webserver-1 BackEnd Address 10.0.0.191 Port 443 #Access on https https End #Webserver-2 BackEnd Address 10.0.0.192 Port 443 #Access on https https End #Save IP (Cookie) Session Type IP TTL 300 End End End ####################################################################################### ListenHTTPS Address 1.2.3.4 Port 443 Cert "/etc/ssl/certs/mydomain.com.pem" Service HeadRequire "Host:.*test1.mydomain.com.*" BackEnd Address 192.168.1.11 Port 80 End End Service HeadRequire "Host:.*test2.mydomain.com.*" BackEnd Address 192.168.1.12 Port 80 End End Service HeadRequire "Host:.*test3.mydomain.com.*" BackEnd Address 192.168.1.13 Port 80 End End End #[Optional] Images server(s) # Service # #URL ".*.(jpg|gif)" # URL "\.(jpg|gif|png|jpeg)$" # BackEnd # Address 10.0.0.195 # Port 80 # End # End