67 lines
1.1 KiB
Plaintext
67 lines
1.1 KiB
Plaintext
[system]
|
|
nr_worker_threads=1
|
|
enable_kni_v1=0
|
|
enable_kni_v2=1
|
|
|
|
[kni]
|
|
uxdomain=/home/server_unixsocket_file
|
|
ip=127.0.0.1
|
|
scm_port=8888
|
|
send_switch=1
|
|
|
|
[ssl]
|
|
ssl_max_version=tls13
|
|
ssl_min_version=ssl3
|
|
no_session_cache=0
|
|
no_session_ticket=0
|
|
log_master_key=0
|
|
trusted_cert_file=resource/tfe/tls-ca-bundle.pem
|
|
trusted_cert_dir=resource/tfe/trusted_storage
|
|
key_log_file=log/sslkeylog.log
|
|
no_alpn=0
|
|
stek_group_num=4
|
|
stek_rotation_time=3600
|
|
service_cache_succ_as_app_not_pinning_cnt=3
|
|
|
|
[key_keeper]
|
|
#Mode: debug - generate cert with ca_path, normal - generate cert with cert store
|
|
#0 on cache 1 off cache
|
|
no_cache=0
|
|
mode=normal
|
|
cert_store_host=192.168.10.8
|
|
cert_store_port=9991
|
|
ca_path=resource/tfe/tango-ca-trust-ca.pem
|
|
untrusted_ca_path=resource/tfe/tango-ca-untrust-ca.pem
|
|
|
|
[debug]
|
|
passthrough_all_tcp=0
|
|
|
|
[ratelimit]
|
|
#read_rate=200000
|
|
#read_burst=200000
|
|
#write_rate=200000
|
|
#write_burst=200000
|
|
|
|
[tcp]
|
|
so_keepalive=1
|
|
tcp_keepcnt=8
|
|
tcp_keepintvl=15
|
|
tcp_keepidle=30
|
|
tcp_user_timeout=30
|
|
tcp_ttl_upstream=75
|
|
tcp_ttl_downstream=70
|
|
|
|
[log]
|
|
level=10
|
|
|
|
[stat]
|
|
statsd_server=192.168.10.72
|
|
statsd_port=8126
|
|
|
|
[http]
|
|
loglevel=20
|
|
|
|
[traffic_mirror]
|
|
device=eth4
|
|
type=1
|