GSP
Quick Navigator

Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages


Manual Reference Pages  -  HITCH (8)

NAME

Hitch - high performance TLS proxy \$1 \n[an-margin] level \n[rst2man-indent-level] level margin: \n[rst2man-indent\n[rst2man-indent-level]] - \n[rst2man-indent0] \n[rst2man-indent1] \n[rst2man-indent2]

CONTENTS

Synopsis
Description
Command Line Arguments
History

SYNOPSIS

hitch [OPTIONS] [PEM]

DESCRIPTION

Hitch is a network proxy that terminates TLS/SSL connections and forwards the unencrypted traffic to some backend. It\(aqs designed to handle 10s of thousands of connections efficiently on multicore machines.

Hitch has very few features -- it\(aqs designed to be paired with an intelligent backend like Varnish Cache. It maintains a strict 1:1 connection pattern with this backend handler so that the backend can dictate throttling behavior, maximum connection behavior, availability of service, etc.

The only required argument is a path to a PEM file that contains the certificate (or a chain of certificates) and private key. It should also contain DH parameter if you wish to use Diffie-Hellman cipher suites.

COMMAND LINE ARGUMENTS

--config=FILE
  Load configuration from specified file.
--tls TLSv1 (default. No SSLv3)
--ssl SSLv3 (enables SSLv3)
-c
--ciphers=SUITE
  Sets allowed ciphers (Default: "")
-e
--ssl-engine=NAME
  Sets OpenSSL engine (Default: "")
-O
--prefer-server-ciphers
  Prefer server list order
--client
  Enable client proxy mode
-b --backend=[HOST]:PORT Backend [connect] (default is "[127.0.0.1]:8000")
-f --frontend=[HOST]:PORT[+CERT] Frontend [bind] (default is "[*]:8443") (Note: brackets are mandatory in endpoint specifiers.)
-n
--workers=NUM
  Number of worker processes (Default: 1)
-B
--backlog=NUM
  Set listen backlog size (Default: 100)
-k
--keepalive=SECS
  TCP keepalive on client socket (Default: 3600)
-r
--chroot=DIR
  Sets chroot directory (Default: "")
-u
--user=USER
  Set uid/gid after binding the socket (Default: "")
-g
--group=GROUP
  Set gid after binding the socket (Default: "")
-q
--quiet Be quiet; emit only error messages
-s
--syslog
  Send log message to syslog in addition to stderr/stdout
--syslog-facility=FACILITY
  Syslog facility to use (Default: "daemon")
--daemon
  Fork into background and become a daemon; this also sets the --quiet option (Default: off)
--write-ip
  Write 1 octet with the IP family followed by the IP address in 4 (IPv4) or 16 (IPv6) octets little-endian to backend before the actual data (Default: off)
--write-proxy-v1
  Write HaProxy\(aqs PROXY v1 (IPv4 or IPv6) protocol line before actual data (Default: off)
--write-proxy-v2
  Write HaProxy\(aqs PROXY v2 binary (IPv4 or IPv6) protocol line before actual data (Default: off)
--write-proxy
  Equivalent to --write-proxy-v2. For PROXY version 1 use --write-proxy-v1 explicitly
--proxy-proxy
  Proxy HaProxy\(aqs PROXY (IPv4 or IPv6) protocol line before actual data (PROXY v1 only) (Default: off)
--sni-nomatch-abort
  Abort handshake when client submits an unrecognized SNI server name (Default: off)
-t
--test Test configuration and exit
-p
--pidfile=FILE
  PID file
-V
--version
  Print program version and exit
-h
--help This help message

HISTORY

Hitch was originally called stud and was written by Jamie Turner at Bump.com.

Search for    or go to Top of page |  Section 8 |  Main Index


HITCH (8)

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with manServer 1.07.