POUND - REVERSE-PROXY AND LOAD-BALANCER
http://www.apsis.ch/pound/index_html
http://freshmeat.net/projects/pound/
WHAT POUND IS:
1. a reverse-proxy: it passes requests from client browsers to one or more back-end servers.
2. a load balancer: it will distribute the requests from the client browsers among several back-end servers, while keeping session information.
3. an SSL wrapper: Pound will decrypt HTTPS requests from client browsers and pass them as plain HTTP to the back-end servers.
4. an HTTP/HTTPS sanitizer: Pound will verify requests for correctness and accept only well-formed ones.
5. a fail over-server: should a back-end server fail, Pound will take note of the fact and stop passing requests to it until it recovers.
6. a request redirector: requests may be distributed among servers according to the requested URL.
Pound is a very small program, easily audited for security problems. It can run as setuid/setgid and/or in a chroot jail. Pound does not access the hard-disk at all (except for reading the certificate file on start, if required) and should thus pose no security threat to any machine.
WHAT POUND IS NOT:
1. Pound is not a Web server: by itself, Pound serves no content - it contacts the back-end server(s) for that purpose.
2. Pound is not a Web accelerator: no caching is done - every request is passed "as is" to a back-end server.
STATUS
As of release 1.0 Pound is declared to be production-quality code.
Pound was tested on Linux, Solaris and OpenBSD, but it should work unchanged on just about any modern Unix-like system. You will require OpenSSL and libpthread. The PCRE package and the tcmalloc (or Hoard) library are strongly recommended.
VIRTUAL HOSTS (IN GENERAL)
Some people asked about the possibility of redirecting requests to back-ends as per some virtual hosts definition. While I believe this is not Pound's job, it can be done. As of version 0.10, Pound supports filtering requests based not only on the request URL, but also on the presence or absence of certain headers.
---
Squid
http://www.squid-cache.org/
---
DeleGate
http://www.delegate.org/delegate/
http://freshmeat.net/projects/delegate/
DeleGate is a multi-purpose application level gateway, or a proxy server which runs on multiple platforms (Unix, Windows, MacOS X and OS/2). DeleGate mediates communication of various protocols (HTTP, FTP, NNTP, SMTP, POP, IMAP, LDAP, Telnet, SOCKS, DNS, etc.), applying cache and conversion for mediated data, controlling access from clients and routing toward servers. It translates protocols between clients and servers, applying SSL(TLS) to arbitrary protocols, converting between IPv4 and IPv6, merging several servers into a single server view with aliasing and filtering. Born as a tiny proxy for Gopher in March 1994, it has steadily grown into a general purpose proxy server. Besides being a proxy, DeleGate can be used as a simple origin server for some protocols (HTTP, FTP and NNTP).
---
BFilter
http://bfilter.sourceforge.net/
BFilter is a filtering web proxy. It was originally intended for removing banner ads only, but since then its capabilities have been greatly extended. Unlike most of the similar tools, it doesn't rely on blacklists (although it does support them). The problem with blacklists is that advertisers are always one step ahead. You see an ad slip through, you update your blacklist, and in case it didn't help, you add a new entry yourself. Once I got tired of that, I decided to write a proxy that would detect ads heuristically, much like modern anti-virus software manages to detect many viruses unknown to it.
Features
* HTTP/0.9 - HTTP/1.1, WebDAV support.
* Persistent connections (HTTP/1.1 only).
* Pipelining (HTTP/1.1 only).
* HTTP compression.
* Forwarding to another proxy (HTTP and SOCKS proxies).
* A built-in javascript engine.
* Heuristic Flash analyzer.
* Ability to apply regular expressions to a page.
* Blacklists, whitelists, hint lists.
* All processing is done on the fly. It doesn't load the whole page before processing.
---
Polipo
http://freshmeat.net/redir/polipo/36867/url_homepage/polipo
Polipo is a lightweight caching Web proxy that was designed as a personal cache. It is able to cache incomplete objects and will complete them using range requests. It will use HTTP/1.1 pipelining if supported by the remote server.
---
SafeSquid
http://freshmeat.net/redir/safesquid/52761/url_homepage/html
SafeSquid is a content filtering proxy server. It supports 'profiled' Internet access, a browser based interface, very fast throughput, DNS caching, content caching, pre-fetching, bandwidth control, virus scanning, ICP, CARP, and ICAP clients, source, target, and time-based granular firewall style rules to allow or deny content like music, videos, Flash and Java applets, messengers, chats, cookies, ActiveX, scripts, etc., remote authentication, real-time text and image analysis for blocking pornography, and an URL filter.
---
Tinyproxy
Tinyproxy is a fast light-weight HTTP proxy for POSIX operating systems. Designed from the ground up to be fast and yet small, it is an ideal solution for sites where a full-featured HTTP proxy is required, but the system resources for a larger proxy are unavailable. Tinyproxy is fully compatible with all existing Web browsers and has a number of useful features.
[Operating System] POSIX
--- |
![[漫猫]动漫论坛](static/image/common/logo.svg){kind=logo}
IP卡
狗仔卡
提升卡
置顶卡
沉默卡
变色卡
显身卡