Update man pages
This commit is contained in:
parent
de5c821530
commit
453e12cd1f
|
@ -1,5 +1,5 @@
|
||||||
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.45.1.
|
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.45.1.
|
||||||
.TH H2LOAD "1" "May 2014" "h2load nghttp2/0.4.0-DEV" "User Commands"
|
.TH H2LOAD "1" "May 2014" "h2load nghttp2/0.4.0" "User Commands"
|
||||||
.SH NAME
|
.SH NAME
|
||||||
h2load \- HTTP/2 benchmarking tool
|
h2load \- HTTP/2 benchmarking tool
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
|
|
105
doc/nghttp.1
105
doc/nghttp.1
|
@ -1,43 +1,46 @@
|
||||||
.\" nghttp2 manual page
|
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.45.1.
|
||||||
.TH nghttp2 "1" "January 2014" "nghttp2" "User Commands"
|
.TH NGHTTP "1" "May 2014" "nghttp nghttp2/0.4.0" "User Commands"
|
||||||
.SH NAME
|
.SH NAME
|
||||||
nghttp2 \- HTTP2 experimental client
|
nghttp \- HTTP/2 experimental client
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
\fBnghttp\fP [\fIOPTIONS\fP] \fIURI\fP...
|
.B nghttp
|
||||||
|
[\fI\,OPTIONS\/\fR]... \fI\,<URI>\/\fR...
|
||||||
.SH DESCRIPTION
|
.SH DESCRIPTION
|
||||||
Experimental client for HTTP 2.0.
|
HTTP/2 experimental client
|
||||||
|
.TP
|
||||||
|
<URI>
|
||||||
|
Specify URI to access.
|
||||||
.SH OPTIONS
|
.SH OPTIONS
|
||||||
.TP
|
.TP
|
||||||
\fB\-v\fR, \fB\-\-verbose\fR
|
\fB\-v\fR, \fB\-\-verbose\fR
|
||||||
Print debug information such as reception/
|
Print debug information such as reception and
|
||||||
transmission of frames and name/value pairs.
|
transmission of frames and name/value pairs.
|
||||||
.TP
|
.TP
|
||||||
\fB\-n\fR, \fB\-\-null\-out\fR
|
\fB\-n\fR, \fB\-\-null\-out\fR
|
||||||
Discard downloaded data.
|
Discard downloaded data.
|
||||||
.TP
|
.TP
|
||||||
\fB\-O\fR, \fB\-\-remote\-name\fR
|
\fB\-O\fR, \fB\-\-remote\-name\fR
|
||||||
Save download data in the current directory.
|
Save download data in the current directory. The
|
||||||
The filename is dereived from URI. If URI
|
filename is dereived from URI. If URI ends with
|
||||||
ends with '/', 'index.html' is used as a
|
\&'/', 'index.html' is used as a filename. Not
|
||||||
filename. Not implemented yet.
|
implemented yet.
|
||||||
.TP
|
.TP
|
||||||
\fB\-t\fR, \fB\-\-timeout=\fR<N>
|
\fB\-t\fR, \fB\-\-timeout=\fR<N>
|
||||||
Timeout each request after <N> seconds.
|
Timeout each request after <N> seconds.
|
||||||
.TP
|
.TP
|
||||||
\fB\-w\fR, \fB\-\-window\-bits=\fR<N>
|
\fB\-w\fR, \fB\-\-window\-bits=\fR<N>
|
||||||
Sets the stream level initial window size
|
Sets the stream level initial window size to
|
||||||
to 2**<N>\-1.
|
2**<N>\-1.
|
||||||
.TP
|
.TP
|
||||||
\fB\-W\fR, \fB\-\-connection\-window\-bits=\fR<N>
|
\fB\-W\fR, \fB\-\-connection\-window\-bits=\fR<N>
|
||||||
Sets the connection level initial window
|
Sets the connection level initial window size to
|
||||||
size to 2**<N>\-1.
|
2**<N>\-1.
|
||||||
.TP
|
.TP
|
||||||
\fB\-a\fR, \fB\-\-get\-assets\fR
|
\fB\-a\fR, \fB\-\-get\-assets\fR
|
||||||
Download assets such as stylesheets, images
|
Download assets such as stylesheets, images and
|
||||||
and script files linked from the downloaded
|
script files linked from the downloaded resource.
|
||||||
resource. Only links whose origins are the
|
Only links whose origins are the same with the
|
||||||
same with the linking resource will be
|
linking resource will be downloaded.
|
||||||
downloaded.
|
|
||||||
.TP
|
.TP
|
||||||
\fB\-s\fR, \fB\-\-stat\fR
|
\fB\-s\fR, \fB\-\-stat\fR
|
||||||
Print statistics.
|
Print statistics.
|
||||||
|
@ -46,45 +49,61 @@ Print statistics.
|
||||||
Add a header to the requests.
|
Add a header to the requests.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-cert=\fR<CERT>
|
\fB\-\-cert=\fR<CERT>
|
||||||
Use the specified client certificate file.
|
Use the specified client certificate file. The
|
||||||
The file must be in PEM format.
|
file must be in PEM format.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-key=\fR<KEY>
|
\fB\-\-key=\fR<KEY>
|
||||||
Use the client private key file. The file
|
Use the client private key file. The file must
|
||||||
must be in PEM format.
|
be in PEM format.
|
||||||
.TP
|
.TP
|
||||||
\fB\-d\fR, \fB\-\-data=\fR<FILE>
|
\fB\-d\fR, \fB\-\-data=\fR<FILE>
|
||||||
Post FILE to server. If \- is given, data
|
Post FILE to server. If '\-' is given, data will
|
||||||
will be read from stdin.
|
be read from stdin.
|
||||||
.TP
|
.TP
|
||||||
\fB\-m\fR, \fB\-\-multiply=\fR<N> Request each URI <N> times. By default, same
|
\fB\-g\fR, \fB\-\-compress\-data\fR
|
||||||
URI is not requested twice. This option
|
When used with \fB\-d\fR option, compress request body
|
||||||
disables it too.
|
on the fly using per\-frame compression.
|
||||||
.TP
|
.TP
|
||||||
\fB\-f\fR, \fB\-\-no\-flow\-control\fR
|
\fB\-m\fR, \fB\-\-multiply=\fR<N> Request each URI <N> times.
|
||||||
Disables connection and stream level flow
|
By default, same URI
|
||||||
controls.
|
is not requested twice. This option disables it
|
||||||
|
too.
|
||||||
.TP
|
.TP
|
||||||
\fB\-u\fR, \fB\-\-upgrade\fR
|
\fB\-u\fR, \fB\-\-upgrade\fR
|
||||||
Perform HTTP Upgrade for HTTP/2.0. This
|
Perform HTTP Upgrade for HTTP/2. This option is
|
||||||
option is ignored if the request URI has
|
ignored if the request URI has https scheme. If
|
||||||
https scheme.
|
\fB\-d\fR is used, the HTTP upgrade request is performed
|
||||||
If \fB\-d\fR is used, the HTTP upgrade request is
|
with OPTIONS method.
|
||||||
performed with OPTIONS method.
|
|
||||||
.TP
|
.TP
|
||||||
\fB\-p\fR, \fB\-\-pri=\fR<PRIORITY>
|
\fB\-p\fR, \fB\-\-weight=\fR<WEIGHT>
|
||||||
Sets stream priority. Default: 1073741824
|
Sets priority group weight. The valid value
|
||||||
|
range is [1, 256], inclusive.
|
||||||
|
Default: 16
|
||||||
.TP
|
.TP
|
||||||
\fB\-M\fR, \fB\-\-peer\-max\-concurrent\-streams=\fR<N>
|
\fB\-M\fR, \fB\-\-peer\-max\-concurrent\-streams=\fR<N>
|
||||||
Use <N> as SETTINGS_MAX_CONCURRENT_STREAMS
|
Use <N> as SETTINGS_MAX_CONCURRENT_STREAMS value
|
||||||
value of remote endpoint as if it is
|
of remote endpoint as if it is received in
|
||||||
received in SETTINGS frame. The default
|
SETTINGS frame. The default is large enough as
|
||||||
is large enough as it is seen as unlimited.
|
it is seen as unlimited.
|
||||||
.TP
|
.TP
|
||||||
\fB\-c\fR, \fB\-\-header\-table\-size=\fR<N>
|
\fB\-c\fR, \fB\-\-header\-table\-size=\fR<N>
|
||||||
Specify decoder header table size.
|
Specify decoder header table size.
|
||||||
.TP
|
.TP
|
||||||
|
\fB\-b\fR, \fB\-\-padding=\fR<N>
|
||||||
|
Add at most <N> bytes to a frame payload as
|
||||||
|
padding. Specify 0 to disable padding.
|
||||||
|
.TP
|
||||||
\fB\-\-color\fR
|
\fB\-\-color\fR
|
||||||
Force colored log output.
|
Force colored log output.
|
||||||
|
.TP
|
||||||
|
\fB\-\-continuation\fR
|
||||||
|
Send large header to test CONTINUATION.
|
||||||
|
.TP
|
||||||
|
\fB\-\-version\fR
|
||||||
|
Display version information and exit.
|
||||||
|
.TP
|
||||||
|
\fB\-h\fR, \fB\-\-help\fR
|
||||||
|
Display this help and exit.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
nghttpd(1), nghttpx(1)
|
|
||||||
|
nghttpd(1), nghttpx(1), h2load(1)
|
||||||
|
|
|
@ -1,39 +1,45 @@
|
||||||
.\" nghttpd manual page
|
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.45.1.
|
||||||
.TH nghttpd "1" "January 2014" "nghttpd" "User Commands"
|
.TH NGHTTPD "1" "May 2014" "nghttpd nghttp2/0.4.0" "User Commands"
|
||||||
.SH NAME
|
.SH NAME
|
||||||
nghttpd \- HTTP 2.0 experimental server
|
nghttpd \- HTTP/2 experimental server
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
\fBnghttpd\fP [\fIOPTIONS\fP...] [\fIPRIVATE_KEY\fP \fICERT\fP]
|
.B nghttpd
|
||||||
|
[\fI\,OPTION\/\fR]... \fI\,<PORT> <PRIVATE_KEY> <CERT>\/\fR
|
||||||
|
.br
|
||||||
|
.B nghttpd
|
||||||
|
\fI\,--no-tls \/\fR[\fI\,OPTION\/\fR]... \fI\,<PORT>\/\fR
|
||||||
.SH DESCRIPTION
|
.SH DESCRIPTION
|
||||||
Experimental HTTP 2.0 server.
|
HTTP/2 experimental server
|
||||||
.SH "Positional arguments"
|
|
||||||
.TP
|
.TP
|
||||||
\fIPRIVATE_KEY\fP
|
<PORT>
|
||||||
|
Specify listening port number.
|
||||||
|
.TP
|
||||||
|
<PRIVATE_KEY>
|
||||||
Set path to server's private key. Required
|
Set path to server's private key. Required
|
||||||
unless either \fB\-p\fR or \fB\-\-client\fR is specified.
|
unless \fB\-\-no\-tls\fR is specified.
|
||||||
.TP
|
.TP
|
||||||
\fICERT\fP
|
<CERT>
|
||||||
Set path to server's certificate. Required
|
Set path to server's certificate. Required
|
||||||
unless either \fB\-p\fR or \fB\-\-client\fR is specified.
|
unless \fB\-\-no\-tls\fR is specified.
|
||||||
.SH OPTIONS
|
.SH OPTIONS
|
||||||
.TP
|
.TP
|
||||||
\fB\-D\fR, \fB\-\-daemon\fR
|
\fB\-D\fR, \fB\-\-daemon\fR
|
||||||
Run in a background. If \fB\-D\fR is used, the
|
Run in a background. If \fB\-D\fR is used, the current
|
||||||
current working directory is changed to '/'.
|
working directory is changed to '/'. Therefore
|
||||||
Therefore if this option is used, \fB\-d\fR option
|
if this option is used, \fB\-d\fR option must be
|
||||||
must be specified.
|
specified.
|
||||||
.TP
|
.TP
|
||||||
\fB\-V\fR, \fB\-\-verify\-client\fR
|
\fB\-V\fR, \fB\-\-verify\-client\fR
|
||||||
The server sends a client certificate
|
The server sends a client certificate request.
|
||||||
request. If the client did not return a
|
If the client did not return a certificate, the
|
||||||
certificate, the handshake is terminated.
|
handshake is terminated. Currently, this option
|
||||||
Currently, this option just requests a
|
just requests a client certificate and does not
|
||||||
client certificate and does not verify it.
|
verify it.
|
||||||
.TP
|
.TP
|
||||||
\fB\-d\fR, \fB\-\-htdocs=\fR<PATH>
|
\fB\-d\fR, \fB\-\-htdocs=\fR<PATH>
|
||||||
Specify document root. If this option is
|
Specify document root. If this option is not
|
||||||
not specified, the document root is the
|
specified, the document root is the current
|
||||||
current working directory.
|
working directory.
|
||||||
.TP
|
.TP
|
||||||
\fB\-v\fR, \fB\-\-verbose\fR
|
\fB\-v\fR, \fB\-\-verbose\fR
|
||||||
Print debug information such as reception/
|
Print debug information such as reception/
|
||||||
|
@ -42,14 +48,36 @@ transmission of frames and name/value pairs.
|
||||||
\fB\-\-no\-tls\fR
|
\fB\-\-no\-tls\fR
|
||||||
Disable SSL/TLS.
|
Disable SSL/TLS.
|
||||||
.TP
|
.TP
|
||||||
\fB\-f\fR, \fB\-\-no\-flow\-control\fR
|
\fB\-c\fR, \fB\-\-header\-table\-size=\fR<N>
|
||||||
Disables connection and stream level flow
|
Specify decoder header table size.
|
||||||
controls.
|
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-color\fR
|
\fB\-\-color\fR
|
||||||
Force colored log output.
|
Force colored log output.
|
||||||
.TP
|
.TP
|
||||||
|
\fB\-p\fR, \fB\-\-push=\fR<PATH>=<PUSH_PATH,...>
|
||||||
|
Push resources <PUSH_PATH>s when <PATH> is
|
||||||
|
requested. This option can be used repeatedly to
|
||||||
|
specify multiple push configurations. <PATH> and
|
||||||
|
<PUSH_PATH>s are relative to document root. See
|
||||||
|
\fB\-\-htdocs\fR option. Example: \fB\-p\fR/=/foo.png
|
||||||
|
\fB\-p\fR/doc=/bar.css
|
||||||
|
.TP
|
||||||
|
\fB\-b\fR, \fB\-\-padding=\fR<N>
|
||||||
|
Add at most <N> bytes to a frame payload as
|
||||||
|
padding. Specify 0 to disable padding.
|
||||||
|
.TP
|
||||||
|
\fB\-n\fR, \fB\-\-workers=\fR<CORE>
|
||||||
|
Set the number of worker threads.
|
||||||
|
Default: 1
|
||||||
|
.TP
|
||||||
|
\fB\-e\fR, \fB\-\-error\-gzip\fR
|
||||||
|
Make error response gzipped.
|
||||||
|
.TP
|
||||||
|
\fB\-\-version\fR
|
||||||
|
Display version information and exit.
|
||||||
|
.TP
|
||||||
\fB\-h\fR, \fB\-\-help\fR
|
\fB\-h\fR, \fB\-\-help\fR
|
||||||
Print this help.
|
Display this help and exit.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
nghttp(1), nghttpx(1)
|
|
||||||
|
nghttp(1), nghttpx(1), h2load(1)
|
||||||
|
|
366
doc/nghttpx.1
366
doc/nghttpx.1
|
@ -1,27 +1,26 @@
|
||||||
.\" nghttpx manual page
|
.\" DO NOT MODIFY THIS FILE! It was generated by help2man 1.45.1.
|
||||||
.TH nghttpx "1" "January 2014" "nghttpx" "User Commands"
|
.TH NGHTTPX "1" "May 2014" "nghttpx nghttp2/0.4.0" "User Commands"
|
||||||
.SH NAME
|
.SH NAME
|
||||||
nghttpx \- HTTP 2.0 experimental proxy
|
nghttpx \- HTTP/2 experimental proxy
|
||||||
.SH SYNOPSIS
|
.SH SYNOPSIS
|
||||||
\fBnghttpx\fP [\fIOPTIONS\fP...] [\fIPRIVATE_KEY\fP \fICERT\fP]
|
.B nghttpx
|
||||||
|
[\fI\,OPTIONS\/\fR]... [\fI\,<PRIVATE_KEY> <CERT>\/\fR]
|
||||||
.SH DESCRIPTION
|
.SH DESCRIPTION
|
||||||
Experimental HTTP 2.0 reverse proxy.
|
A reverse proxy for HTTP/2, HTTP/1 and SPDY.
|
||||||
.LP
|
|
||||||
The default mode is to accept HTTP/2.0, SPDY (if compiled in) and
|
|
||||||
HTTP/1.1 over SSL/TLS. If \fB\-\-frontend\-no\-tls\fR is used, accept
|
|
||||||
HTTP/2.0 and HTTP/1.1. The incoming HTTP/1.1 connection can be
|
|
||||||
upgraded to HTTP/2.0 through HTTP Upgrade. The protocol to the
|
|
||||||
backend is HTTP/1.1.
|
|
||||||
.SH "Positional arguments"
|
|
||||||
.TP
|
.TP
|
||||||
\fIPRIVATE_KEY\fP
|
<PRIVATE_KEY>
|
||||||
Set path to server's private key. Required
|
Set path to server's private key. Required
|
||||||
unless either \fB\-p\fR or \fB\-\-client\fR is specified.
|
unless \fB\-p\fR, \fB\-\-client\fR or \fB\-\-frontend\-no\-tls\fR are
|
||||||
|
given.
|
||||||
.TP
|
.TP
|
||||||
\fICERT\fP
|
<CERT>
|
||||||
Set path to server's certificate. Required
|
Set path to server's certificate. Required
|
||||||
unless either \fB\-p\fR or \fB\-\-client\fR is specified.
|
unless \fB\-p\fR, \fB\-\-client\fR or \fB\-\-frontend\-no\-tls\fR are
|
||||||
|
given.
|
||||||
.SH OPTIONS
|
.SH OPTIONS
|
||||||
|
.IP
|
||||||
|
The options are categorized into several groups.
|
||||||
|
.SS "Connections:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-b\fR, \fB\-\-backend=\fR<HOST,PORT>
|
\fB\-b\fR, \fB\-\-backend=\fR<HOST,PORT>
|
||||||
Set backend host and port.
|
Set backend host and port.
|
||||||
|
@ -32,207 +31,278 @@ Set frontend host and port.
|
||||||
Default: '0.0.0.0,3000'
|
Default: '0.0.0.0,3000'
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backlog=\fR<NUM>
|
\fB\-\-backlog=\fR<NUM>
|
||||||
Set listen backlog size.
|
Set listen backlog size. If \fB\-1\fR is given,
|
||||||
Default: 256
|
libevent will choose suitable value.
|
||||||
|
Default: \fB\-1\fR
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-ipv4\fR
|
\fB\-\-backend\-ipv4\fR
|
||||||
Resolve backend hostname to IPv4 address
|
Resolve backend hostname to IPv4 address only.
|
||||||
only.
|
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-ipv6\fR
|
\fB\-\-backend\-ipv6\fR
|
||||||
Resolve backend hostname to IPv6 address
|
Resolve backend hostname to IPv6 address only.
|
||||||
only.
|
.SS "Performance:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-n\fR, \fB\-\-workers=\fR<CORES>
|
\fB\-n\fR, \fB\-\-workers=\fR<CORES>
|
||||||
Set the number of worker threads.
|
Set the number of worker threads.
|
||||||
Default: 1
|
Default: 1
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-read\-rate=\fR<RATE> Set maximum average read rate on frontend
|
\fB\-\-read\-rate=\fR<RATE>
|
||||||
connection. Setting 0 to this option means
|
Set maximum average read rate on frontend
|
||||||
read rate is unlimited.
|
connection. Setting 0 to this option means read
|
||||||
|
rate is unlimited.
|
||||||
Default: 1048576
|
Default: 1048576
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-read\-burst=\fR<SIZE>
|
\fB\-\-read\-burst=\fR<SIZE>
|
||||||
Set maximum read burst size on frontend
|
Set maximum read burst size on frontend
|
||||||
connection. Setting 0 to this option means
|
connection. Setting 0 to this option means read
|
||||||
read burst size is unlimited.
|
burst size is unlimited.
|
||||||
Default: 4194304
|
Default: 4194304
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-write\-rate=\fR<RATE>
|
\fB\-\-write\-rate=\fR<RATE>
|
||||||
Set maximum average write rate on frontend
|
Set maximum average write rate on frontend
|
||||||
connection. Setting 0 to this option means
|
connection. Setting 0 to this option means write
|
||||||
write rate is unlimited.
|
rate is unlimited.
|
||||||
Default: 0
|
Default: 0
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-write\-burst=\fR<SIZE>
|
\fB\-\-write\-burst=\fR<SIZE>
|
||||||
Set maximum write burst size on frontend
|
Set maximum write burst size on frontend
|
||||||
connection. Setting 0 to this option means
|
connection. Setting 0 to this option means write
|
||||||
write burst size is unlimited.
|
burst size is unlimited.
|
||||||
Default: 0
|
Default: 0
|
||||||
.TP
|
.TP
|
||||||
|
\fB\-\-worker\-read\-rate=\fR<RATE>
|
||||||
|
Set maximum average read rate on frontend
|
||||||
|
connection per worker. Setting 0 to this option
|
||||||
|
means read rate is unlimited.
|
||||||
|
Default: 0
|
||||||
|
.TP
|
||||||
|
\fB\-\-worker\-read\-burst=\fR<SIZE>
|
||||||
|
Set maximum read burst size on frontend
|
||||||
|
connection per worker. Setting 0 to this option
|
||||||
|
means read burst size is unlimited.
|
||||||
|
Default: 0
|
||||||
|
.TP
|
||||||
|
\fB\-\-worker\-write\-rate=\fR<RATE>
|
||||||
|
Set maximum average write rate on frontend
|
||||||
|
connection per worker. Setting 0 to this option
|
||||||
|
means write rate is unlimited.
|
||||||
|
Default: 0
|
||||||
|
.TP
|
||||||
|
\fB\-\-worker\-write\-burst=\fR<SIZE>
|
||||||
|
Set maximum write burst size on frontend
|
||||||
|
connection per worker. Setting 0 to this option
|
||||||
|
means write burst size is unlimited.
|
||||||
|
Default: 0
|
||||||
|
.SS "Timeout:"
|
||||||
|
.TP
|
||||||
\fB\-\-frontend\-http2\-read\-timeout=\fR<SEC>
|
\fB\-\-frontend\-http2\-read\-timeout=\fR<SEC>
|
||||||
Specify read timeout for HTTP/2.0 and SPDY frontend
|
Specify read timeout for HTTP/2 and SPDY frontend
|
||||||
connection. Default: 180
|
connection.
|
||||||
|
Default: 180
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-frontend\-read\-timeout=\fR<SEC>
|
\fB\-\-frontend\-read\-timeout=\fR<SEC>
|
||||||
Specify read timeout for HTTP/1.1 frontend
|
Specify read timeout for HTTP/1.1 frontend
|
||||||
connection. Default: 180
|
connection.
|
||||||
|
Default: 180
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-frontend\-write\-timeout=\fR<SEC>
|
\fB\-\-frontend\-write\-timeout=\fR<SEC>
|
||||||
Specify write timeout for all frontends.
|
Specify write timeout for all frontend
|
||||||
connection. Default: 60
|
connections.
|
||||||
|
Default: 60
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-read\-timeout=\fR<SEC>
|
\fB\-\-backend\-read\-timeout=\fR<SEC>
|
||||||
Specify read timeout for backend connection.
|
Specify read timeout for backend connection.
|
||||||
Default: 900
|
Default: 900
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-write\-timeout=\fR<SEC>
|
\fB\-\-backend\-write\-timeout=\fR<SEC>
|
||||||
Specify write timeout for backend
|
Specify write timeout for backend connection.
|
||||||
connection. Default: 60
|
Default: 60
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-keep\-alive\-timeout=\fR<SEC>
|
\fB\-\-backend\-keep\-alive\-timeout=\fR<SEC>
|
||||||
Specify keep\-alive timeout for backend
|
Specify keep\-alive timeout for backend
|
||||||
connection. Default: 60
|
connection.
|
||||||
|
Default: 60
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-http\-proxy\-uri=\fR<URI>
|
\fB\-\-backend\-http\-proxy\-uri=\fR<URI>
|
||||||
Specify proxy URI in the form
|
Specify proxy URI in the form
|
||||||
http://[<USER>:<PASS>@]<PROXY>:<PORT>. If
|
http://[<USER>:<PASS>@]<PROXY>:<PORT>. If a
|
||||||
a proxy requires authentication, specify
|
proxy requires authentication, specify <USER> and
|
||||||
<USER> and <PASS>. Note that they must be
|
<PASS>. Note that they must be properly
|
||||||
properly percent\-encoded. This proxy is used
|
percent\-encoded. This proxy is used when the
|
||||||
when the backend connection is HTTP/2.0. First,
|
backend connection is HTTP/2. First, make a
|
||||||
make a CONNECT request to the proxy and
|
CONNECT request to the proxy and it connects to
|
||||||
it connects to the backend on behalf of
|
the backend on behalf of nghttpx. This forms
|
||||||
nghttpx. This forms tunnel. After that, nghttpx
|
tunnel. After that, nghttpx performs SSL/TLS
|
||||||
performs SSL/TLS handshake with the
|
handshake with the downstream through the tunnel.
|
||||||
downstream through the tunnel. The timeouts
|
The timeouts when connecting and making CONNECT
|
||||||
when connecting and making CONNECT request
|
request can be specified by
|
||||||
can be specified by \fB\-\-backend\-read\-timeout\fR
|
\fB\-\-backend\-read\-timeout\fR and
|
||||||
and \fB\-\-backend\-write\-timeout\fR options.
|
\fB\-\-backend\-write\-timeout\fR options.
|
||||||
|
.SS "SSL/TLS:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-ciphers=\fR<SUITE>
|
\fB\-\-ciphers=\fR<SUITE>
|
||||||
Set allowed cipher list. The format of the
|
Set allowed cipher list. The format of the
|
||||||
string is described in OpenSSL ciphers(1).
|
string is described in OpenSSL ciphers(1). If
|
||||||
If this option is used, \fB\-\-honor\-cipher\-order\fR
|
this option is used, \fB\-\-honor\-cipher\-order\fR is
|
||||||
is implicitly enabled.
|
implicitly enabled.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-honor\-cipher\-order\fR
|
\fB\-\-honor\-cipher\-order\fR
|
||||||
Honor server cipher order, giving the
|
Honor server cipher order, giving the ability to
|
||||||
ability to mitigate BEAST attacks.
|
mitigate BEAST attacks.
|
||||||
.TP
|
.TP
|
||||||
\fB\-k\fR, \fB\-\-insecure\fR
|
\fB\-k\fR, \fB\-\-insecure\fR
|
||||||
When used with \fB\-p\fR or \fB\-\-client\fR, don't verify
|
Don't verify backend server's certificate if \fB\-p\fR,
|
||||||
backend server's certificate.
|
\fB\-\-client\fR or \fB\-\-http2\-bridge\fR are given and
|
||||||
|
\fB\-\-backend\-no\-tls\fR is not given.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-cacert=\fR<PATH>
|
\fB\-\-cacert=\fR<PATH>
|
||||||
When used with \fB\-p\fR or \fB\-\-client\fR, set path to
|
Set path to trusted CA certificate file if \fB\-p\fR,
|
||||||
trusted CA certificate file.
|
\fB\-\-client\fR or \fB\-\-http2\-bridge\fR are given and
|
||||||
The file must be in PEM format. It can
|
\fB\-\-backend\-no\-tls\fR is not given. The file must be
|
||||||
contain multiple certificates. If the
|
in PEM format. It can contain multiple
|
||||||
linked OpenSSL is configured to load system
|
certificates. If the linked OpenSSL is
|
||||||
wide certificates, they are loaded
|
configured to load system wide certificates, they
|
||||||
at startup regardless of this option.
|
are loaded at startup regardless of this option.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-private\-key\-passwd\-file=\fR<FILEPATH>
|
\fB\-\-private\-key\-passwd\-file=\fR<FILEPATH>
|
||||||
Path to file that contains password for the
|
Path to file that contains password for the
|
||||||
server's private key. If none is given and
|
server's private key. If none is given and the
|
||||||
the private key is password protected it'll
|
private key is password protected it'll be
|
||||||
be requested interactively.
|
requested interactively.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-subcert=\fR<KEYPATH>:<CERTPATH>
|
\fB\-\-subcert=\fR<KEYPATH>:<CERTPATH>
|
||||||
Specify additional certificate and private
|
Specify additional certificate and private key
|
||||||
key file. nghttpx will choose certificates
|
file. nghttpx will choose certificates based on
|
||||||
based on the hostname indicated by client
|
the hostname indicated by client using TLS SNI
|
||||||
using TLS SNI extension. This option can be
|
extension. This option can be used multiple
|
||||||
used multiple times.
|
times.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-tls\-sni\-field=\fR<HOST>
|
\fB\-\-backend\-tls\-sni\-field=\fR<HOST>
|
||||||
Explicitly set the content of the TLS SNI
|
Explicitly set the content of the TLS SNI
|
||||||
extension. This will default to the backend
|
extension. This will default to the backend HOST
|
||||||
HOST name.
|
name.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-dh\-param\-file=\fR<PATH>
|
\fB\-\-dh\-param\-file=\fR<PATH>
|
||||||
Path to file that contains DH parameters in
|
Path to file that contains DH parameters in PEM
|
||||||
PEM format. Without this option, DHE cipher
|
format. Without this option, DHE cipher suites
|
||||||
suites are not available.
|
are not available.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-npn\-list=\fR<LIST>
|
\fB\-\-npn\-list=\fR<LIST>
|
||||||
Comma delimited list of NPN protocol sorted
|
Comma delimited list of NPN/ALPN protocol sorted
|
||||||
in the order of preference. That means
|
in the order of preference. That means most
|
||||||
most desirable protocol comes first.
|
desirable protocol comes first. The parameter
|
||||||
The parameter must be delimited by a single
|
must be delimited by a single comma only and any
|
||||||
comma only and any white spaces are treated
|
white spaces are treated as a part of protocol
|
||||||
as a part of protocol string.
|
string.
|
||||||
Default: HTTP\-draft\-07/2.0,http/1.1
|
Default: h2\-12,spdy/3.1,spdy/3,spdy/2,http/1.1
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-verify\-client\fR
|
\fB\-\-verify\-client\fR
|
||||||
Require and verify client certificate.
|
Require and verify client certificate.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-verify\-client\-cacert=\fR<PATH>
|
\fB\-\-verify\-client\-cacert=\fR<PATH>
|
||||||
Path to file that contains CA certificates
|
Path to file that contains CA certificates to
|
||||||
to verify client certificate.
|
verify client certificate. The file must be in
|
||||||
The file must be in PEM format. It can
|
PEM format. It can contain multiple
|
||||||
contain multiple certificates.
|
certificates.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-client\-private\-key\-file=\fR<PATH>
|
\fB\-\-client\-private\-key\-file=\fR<PATH>
|
||||||
Path to file that contains client private
|
Path to file that contains client private key
|
||||||
key used in backend client authentication.
|
used in backend client authentication.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-client\-cert\-file=\fR<PATH>
|
\fB\-\-client\-cert\-file=\fR<PATH>
|
||||||
Path to file that contains client
|
Path to file that contains client certificate
|
||||||
certificate used in backend client
|
used in backend client authentication.
|
||||||
authentication.
|
.TP
|
||||||
|
\fB\-\-tls\-proto\-list=\fR<LIST>
|
||||||
|
Comma delimited list of SSL/TLS protocol to be
|
||||||
|
enabled. The following protocols are available:
|
||||||
|
TLSv1.2, TLSv1.1, TLSv1.0 and SSLv3. The name
|
||||||
|
matching is done in case\-insensitive manner. The
|
||||||
|
parameter must be delimited by a single comma
|
||||||
|
only and any white spaces are treated as a part
|
||||||
|
of protocol string.
|
||||||
|
Default: TLSv1.2,TLSv1.1,TLSv1.0
|
||||||
|
.SS "HTTP/2 and SPDY:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-c\fR, \fB\-\-http2\-max\-concurrent\-streams=\fR<NUM>
|
\fB\-c\fR, \fB\-\-http2\-max\-concurrent\-streams=\fR<NUM>
|
||||||
Set the maximum number of the concurrent
|
Set the maximum number of the concurrent streams
|
||||||
streams in one HTTP/2.0 and SPDY session.
|
in one HTTP/2 and SPDY session.
|
||||||
Default: 100
|
Default: 100
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-frontend\-http2\-window\-bits=\fR<N>
|
\fB\-\-frontend\-http2\-window\-bits=\fR<N>
|
||||||
Sets the initial window size of HTTP/2.0 and SPDY
|
Sets the per\-stream initial window size of HTTP/2
|
||||||
frontend connection to 2**<N>\-1.
|
SPDY frontend connection. For HTTP/2, the size
|
||||||
|
is 2**<N>\-1. For SPDY, the size is 2**<N>.
|
||||||
|
Default: 16
|
||||||
|
.TP
|
||||||
|
\fB\-\-frontend\-http2\-connection\-window\-bits=\fR<N>
|
||||||
|
Sets the per\-connection window size of HTTP/2 and
|
||||||
|
SPDY frontend connection. For HTTP/2, the size
|
||||||
|
is 2**<N>\-1. For SPDY, the size is 2**<N>.
|
||||||
Default: 16
|
Default: 16
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-frontend\-no\-tls\fR
|
\fB\-\-frontend\-no\-tls\fR
|
||||||
Disable SSL/TLS on frontend connections.
|
Disable SSL/TLS on frontend connections.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-http2\-window\-bits=\fR<N>
|
\fB\-\-backend\-http2\-window\-bits=\fR<N>
|
||||||
Sets the initial window size of HTTP/2.0 and SPDY
|
Sets the initial window size of HTTP/2 backend
|
||||||
|
connection to 2**<N>\-1.
|
||||||
|
Default: 16
|
||||||
|
.TP
|
||||||
|
\fB\-\-backend\-http2\-connection\-window\-bits=\fR<N>
|
||||||
|
Sets the per\-connection window size of HTTP/2
|
||||||
backend connection to 2**<N>\-1.
|
backend connection to 2**<N>\-1.
|
||||||
Default: 16
|
Default: 16
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-backend\-no\-tls\fR
|
\fB\-\-backend\-no\-tls\fR
|
||||||
Disable SSL/TLS on backend connections.
|
Disable SSL/TLS on backend connections.
|
||||||
.TP
|
.TP
|
||||||
|
\fB\-\-http2\-no\-cookie\-crumbling\fR
|
||||||
|
Don't crumble cookie header field.
|
||||||
|
.TP
|
||||||
|
\fB\-\-padding=\fR<N>
|
||||||
|
Add at most <N> bytes to a HTTP/2 frame payload
|
||||||
|
as padding. Specify 0 to disable padding. This
|
||||||
|
option is meant for debugging purpose and not
|
||||||
|
intended to enhance protocol security.
|
||||||
|
.SS "Mode:"
|
||||||
|
.TP
|
||||||
|
(default mode)
|
||||||
|
Accept HTTP/2, SPDY and HTTP/1.1 over SSL/TLS.
|
||||||
|
If \fB\-\-frontend\-no\-tls\fR is used, accept HTTP/2 and
|
||||||
|
HTTP/1.1. The incoming HTTP/1.1 connection can
|
||||||
|
be upgraded to HTTP/2 through HTTP Upgrade. The
|
||||||
|
protocol to the backend is HTTP/1.1.
|
||||||
|
.TP
|
||||||
\fB\-s\fR, \fB\-\-http2\-proxy\fR
|
\fB\-s\fR, \fB\-\-http2\-proxy\fR
|
||||||
Like default mode, but enable secure proxy mode.
|
Like default mode, but enable secure proxy mode.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-http2\-bridge\fR
|
\fB\-\-http2\-bridge\fR
|
||||||
Like default mode, but communicate with the
|
Like default mode, but communicate with the
|
||||||
backend in HTTP/2.0 over SSL/TLS. Thus the
|
backend in HTTP/2 over SSL/TLS. Thus the
|
||||||
incoming all connections are converted
|
incoming all connections are converted to HTTP/2
|
||||||
to HTTP/2.0 connection and relayed to
|
connection and relayed to the backend. See
|
||||||
the backend. See \fB\-\-backend\-http\-proxy\-uri\fR
|
\fB\-\-backend\-http\-proxy\-uri\fR option if you are behind
|
||||||
option if you are behind the proxy and want
|
the proxy and want to connect to the outside
|
||||||
to connect to the outside HTTP/2.0 proxy.
|
HTTP/2 proxy.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-client\fR
|
\fB\-\-client\fR
|
||||||
Accept HTTP/2.0 and HTTP/1.1 without SSL/TLS.
|
Accept HTTP/2 and HTTP/1.1 without SSL/TLS. The
|
||||||
The incoming HTTP/1.1 connection can be
|
incoming HTTP/1.1 connection can be upgraded to
|
||||||
upgraded to HTTP/2.0 connection through
|
HTTP/2 connection through HTTP Upgrade. The
|
||||||
HTTP Upgrade.
|
protocol to the backend is HTTP/2. To use
|
||||||
The protocol to the backend is HTTP/2.0.
|
nghttpx as a forward proxy, use \fB\-p\fR option
|
||||||
To use nghttpx as a forward proxy, use \fB\-p\fR
|
instead.
|
||||||
option instead.
|
|
||||||
.TP
|
.TP
|
||||||
\fB\-p\fR, \fB\-\-client\-proxy\fR Like \fB\-\-client\fR option, but it also requires
|
\fB\-p\fR, \fB\-\-client\-proxy\fR
|
||||||
the request path from frontend must be
|
Like \fB\-\-client\fR option, but it also requires the
|
||||||
an absolute URI, suitable for use as a
|
request path from frontend must be an absolute
|
||||||
forward proxy.
|
URI, suitable for use as a forward proxy.
|
||||||
|
.SS "Logging:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-L\fR, \fB\-\-log\-level=\fR<LEVEL>
|
\fB\-L\fR, \fB\-\-log\-level=\fR<LEVEL>
|
||||||
Set the severity level of log output.
|
Set the severity level of log output. <LEVEL>
|
||||||
INFO, WARNING, ERROR and FATAL.
|
must be one of INFO, WARNING, ERROR and FATAL.
|
||||||
Default: WARNING
|
Default: WARNING
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-accesslog\fR
|
\fB\-\-accesslog\fR
|
||||||
|
@ -242,32 +312,69 @@ Print simple accesslog to stderr.
|
||||||
Send log messages to syslog.
|
Send log messages to syslog.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-syslog\-facility=\fR<FACILITY>
|
\fB\-\-syslog\-facility=\fR<FACILITY>
|
||||||
Set syslog facility.
|
Set syslog facility to <FACILITY>.
|
||||||
Default: daemon
|
Default: daemon
|
||||||
|
.SS "Misc:"
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-add\-x\-forwarded\-for\fR
|
\fB\-\-add\-x\-forwarded\-for\fR
|
||||||
Append X\-Forwarded\-For header field to the
|
Append X\-Forwarded\-For header field to the
|
||||||
downstream request.
|
downstream request.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-no\-via\fR
|
\fB\-\-no\-via\fR
|
||||||
Don't append to Via header field. If Via
|
Don't append to Via header field. If Via header
|
||||||
header field is received, it is left
|
field is received, it is left unaltered.
|
||||||
unaltered.
|
.TP
|
||||||
|
\fB\-\-altsvc=\fR<PROTOID,PORT[,HOST,[ORIGIN]]>
|
||||||
|
Specify protocol ID, port, host and origin of
|
||||||
|
alternative service. <HOST> and <ORIGIN> are
|
||||||
|
optional. They are advertised in alt\-svc header
|
||||||
|
field or HTTP/2 ALTSVC frame. This option can be
|
||||||
|
used multiple times to specify multiple
|
||||||
|
alternative services. Example: \fB\-\-altsvc\fR=\fI\,h2\/\fR,443
|
||||||
|
.TP
|
||||||
|
\fB\-\-add\-response\-header=\fR<HEADER>
|
||||||
|
Specify additional header field to add to
|
||||||
|
response header set. This option just appends
|
||||||
|
header field and won't replace anything already
|
||||||
|
set. This option can be used several times to
|
||||||
|
specify multiple header fields.
|
||||||
|
Example: \fB\-\-add\-response\-header=\fR"foo: bar"
|
||||||
|
.TP
|
||||||
|
\fB\-\-frontend\-http2\-dump\-request\-header=\fR<PATH>
|
||||||
|
Dumps request headers received by HTTP/2 frontend
|
||||||
|
to the file denoted in <PATH>. The output is
|
||||||
|
done in HTTP/1 header field format and each
|
||||||
|
header block is followed by an empty line. This
|
||||||
|
option is not thread safe and MUST NOT be used
|
||||||
|
with option \fB\-n\fR<N>, where <N> >= 2.
|
||||||
|
.TP
|
||||||
|
\fB\-\-frontend\-http2\-dump\-response\-header=\fR<PATH>
|
||||||
|
Dumps response headers sent from HTTP/2 frontend
|
||||||
|
to the file denoted in <PATH>. The output is
|
||||||
|
done in HTTP/1 header field format and each
|
||||||
|
header block is followed by an empty line. This
|
||||||
|
option is not thread safe and MUST NOT be used
|
||||||
|
with option \fB\-n\fR<N>, where <N> >= 2.
|
||||||
|
.TP
|
||||||
|
\fB\-o\fR, \fB\-\-frontend\-frame\-debug\fR
|
||||||
|
Print HTTP/2 frames in frontend to stderr. This
|
||||||
|
option is not thread safe and MUST NOT be used
|
||||||
|
with option \fB\-n\fR=\fI\,N\/\fR, where N >= 2.
|
||||||
.TP
|
.TP
|
||||||
\fB\-D\fR, \fB\-\-daemon\fR
|
\fB\-D\fR, \fB\-\-daemon\fR
|
||||||
Run in a background. If \fB\-D\fR is used, the
|
Run in a background. If \fB\-D\fR is used, the current
|
||||||
current working directory is changed to '/'.
|
working directory is changed to '/'.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-pid\-file=\fR<PATH>
|
\fB\-\-pid\-file=\fR<PATH>
|
||||||
Set path to save PID of this program.
|
Set path to save PID of this program.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-user=\fR<USER>
|
\fB\-\-user=\fR<USER>
|
||||||
Run this program as USER. This option is
|
Run this program as <USER>. This option is
|
||||||
intended to be used to drop root privileges.
|
intended to be used to drop root privileges.
|
||||||
.TP
|
.TP
|
||||||
\fB\-\-conf=\fR<PATH>
|
\fB\-\-conf=\fR<PATH>
|
||||||
Load configuration from PATH.
|
Load configuration from <PATH>.
|
||||||
Default: \fI/etc/nghttpx/nghttpx.conf\fP
|
Default: \fI\,/etc/nghttpx/nghttpx.conf\/\fP
|
||||||
.TP
|
.TP
|
||||||
\fB\-v\fR, \fB\-\-version\fR
|
\fB\-v\fR, \fB\-\-version\fR
|
||||||
Print version and exit.
|
Print version and exit.
|
||||||
|
@ -275,4 +382,5 @@ Print version and exit.
|
||||||
\fB\-h\fR, \fB\-\-help\fR
|
\fB\-h\fR, \fB\-\-help\fR
|
||||||
Print this help and exit.
|
Print this help and exit.
|
||||||
.SH "SEE ALSO"
|
.SH "SEE ALSO"
|
||||||
nghttp(1), nghttpd(1)
|
|
||||||
|
nghttp(1), nghttpd(1), h2load(1)
|
||||||
|
|
Loading…
Reference in New Issue