Provided by: slt_0.0.git20140301-4_amd64 bug

NAME
       slt - multiplex a port for multiple TLS applications with SNI


SYNOPOSIS
       slt config-file


DESCRIPTION
       slt  is  a  TLS  reverse-proxy which allows an administrator to run multiple TLS applications on a single
       port. slt multiplexes incoming connections by inspecting the Server Name Indication (SNI) extension  data
       and appropriately forwarding the connection to the appropriate upstream server.


CONFIGURATION FILE
       Configure  slt  with  a  simple  YAML file. Specify a bind_addr to instuct slt where it should listen for
       incoming connections. slt may listen for any number of frontends. Each frontend is identified by the name
       to  match in the SNI data. Each frontend forwards to any number of backends. You may specify each backend
       with a hash of values. The only required attribute is addr. When more than one backend is enumerated, slt
       performs simple round-robin load balancing among them.

       An  example  configuration follows for listening on port 443 of all local interfaces multiplexing traffic
       for two applications, v1.example.com and v2.example.com. v1.example.com forwards  to  a  single  upstream
       server on port 1234. v2.example.com forwards to two upstream hosts on different addresses:

           bind_addr: ":443"

           frontends:
             v1.example.com:
               backends:
                 - addr: ":1234"

             v2.example.com:
               backends:
                 - addr: "192.168.0.2:443"
                 - addr: "192.168.0.1:443"

       By  default,  slt  does  not  terminate any TLS traffic. slt only inspects connections for their SNI data
       before being forwarded upstream. slt may terminate TLS traffic for any frontend by providing paths to the
       TLS public certificate and private key files, like so:

           frontends:
             v1.example.com:
               tls_key: /path/to/v1.example.com.key
               tls_crt: /path/to/v1.example.com.crt

       Designate  one  frontend to be the default in the case that no SNI data is present in the connection like
       so:

           frontends:
             v1.example.com:
               default: true


EXIT STATUS
       Exit status is 0 on success, non-zero on failure.


LINKS
       Source code and documentation
              https://github.com/inconshreveable/slt

       Server Name Indication
              http://www.ietf.org/rfc/rfc3546.txt


AUTHOR
       Alan Shreve (@inconshreveable)


SEE ALSO
       ssl(3) stunnel(8)

                                                  February 2018                                           SLT(8)