Re: How can I change the URI when forwarding to a server

> On Jan 12, 2017, at Jan 12, 5:26 AM, Jürgen Haas > wrote: > > Hi all, > > I wonder if I can change the uri that the server receives without doing > a redirect. You’re looking for http-request with set-uri or set-path + set-query:

C Level, VP Level, Directors Info

Hi, I hope you are doing well. I was reviewing your website, and I noticed that your company is leading within the Telecom industry. Wanted to know whether you would be interested in below contact lists: * Voip, IP PBX, 3CX users * Avaya, Shoretel, Mitel, Polycom, Digium users *

Re: SV: SV: Sudden peak of orphaned sockets -> 100% cpu

On Thu, Jan 12, 2017 at 05:42:35PM +, Carl Pettersson (BN) wrote: > The interesting thing here is that we could look at the external volume of > data (it passes through Akamai, without any caching, which lets us see how > many connections etc they handle before passing it on to us), and it did

SV: SV: Sudden peak of orphaned sockets -> 100% cpu

> > On Thu, Jan 12, 2017 at 05:15:41PM +, Carl Pettersson (BN) wrote: > > > > So, some questions: > > > > 1. Does it seem reasonable that the orphaned socket could cause this > > > >behaviour, or are they just a symptom? > > > > > > No, orphans have no such effect and your number was so

Re: SV: Sudden peak of orphaned sockets -> 100% cpu

On Thu, Jan 12, 2017 at 05:15:41PM +, Carl Pettersson (BN) wrote: > > > So, some questions: > > > 1. Does it seem reasonable that the orphaned socket could cause this > > >behaviour, or are they just a symptom? > > > > No, orphans have no such effect and your number was so low that it

SV: Sudden peak of orphaned sockets -> 100% cpu

Hi Willy, Thanks for having a look at this! > On Thu, Jan 12, 2017 at 11:34:44AM +, Carl Pettersson (BN) wrote: > > Hi, > > We have a haproxy setup consisting of a pair of nodes with keepalived, > > which then utilize the proxy protocol to pass requests (roundrobin) to > > a second pair of

Re: Sudden peak of orphaned sockets -> 100% cpu

Hi Carl, On Thu, Jan 12, 2017 at 11:34:44AM +, Carl Pettersson (BN) wrote: > Hi, > We have a haproxy setup consisting of a pair of nodes with keepalived, which > then utilize the proxy protocol to pass requests (roundrobin) to a second > pair of haproxy nodes. The first pair mainly terminates

Re: [PATCH] MINOR: systemd unit works with cfgdir and cfgfile

On Thu, Jan 12, 2017 at 01:28:06PM +, Patrick Hemmer wrote: > This change is rather dangerous. It's not unlikely that people will have > multiple config files in their `/etc/haproxy` directory. Such might > happen if users keep backups of previous versions when they make a > change, or if they

Re: [PATCH] BUG/MINOR: stream: Fix how backend-specific analyzers are set, on a stream

Christopher, I suspect that below you spotted a deeper bug which probably also affects older versions : On Thu, Jan 12, 2017 at 04:45:44PM +0100, Christopher Faulet wrote: > >From 73b8871a5e31004ec305a3eb2cd4747c4f569d5e Mon Sep 17 00:00:00 2001 > From: Christopher Faulet >

[PATCH] BUG/MINOR: stream: Fix how backend-specific analyzers are set, on a stream

-- Christopher >From 73b8871a5e31004ec305a3eb2cd4747c4f569d5e Mon Sep 17 00:00:00 2001 From: Christopher Faulet Date: Mon, 9 Jan 2017 16:33:19 +0100 Subject: [PATCH] BUG/MINOR: stream: Fix how backend-specific analyzers are set on a stream X-Bogosity: Ham,

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

On Thu, Jan 12, 2017 at 03:14:27PM +, Scott McKeown wrote: > Doh, that would do it. > Sorry wrong git branch. > > # haproxy -v > HA-Proxy version 1.8-dev0 2016/11/25 > Copyright 2000-2016 Willy Tarreau > > # echo "show info json" | socat /tmp/haproxy.stat stdio | python

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

Doh, that would do it. Sorry wrong git branch. # haproxy -v HA-Proxy version 1.8-dev0 2016/11/25 Copyright 2000-2016 Willy Tarreau # echo "show info json" | socat /tmp/haproxy.stat stdio | python -m json.tool [ { "field": { "name": "Name",

Re: HAproxy / Reverse proxy Debian

Title: Re: HAproxy / Reverse proxy Debian Bonjour Daniel, From my first post, you can see the config with ssl. To switch to TCP mode, I have removed: - All ciphers - In defaults, I have switch from "mode http" to "mode tcp" - In frontend email-https, I have remove "reqadd X-Forwarded-Proto:\

Re: HAproxy / Reverse proxy Debian

> This email server do have ssl/TLS activated. As I expected. Apparently that iRedMail server uses nginx. Right now, if you talk to haproxy, it decrypts the traffic and then sends it on to nginx in plain text. However, on that port nginx expects encrypted traffic — hence your 400 error

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

On Thu, Jan 12, 2017 at 01:27:37PM +, Scott McKeown wrote: > Hi Simon, > > Output below: ... Thanks > On 12 January 2017 at 13:23, Simon Horman wrote: > > > Hi Scott, > > > > could you send the output of the following? > > > > echo "show info json" | socat

Re: HAproxy / Reverse proxy Debian

Title: Re: HAproxy / Reverse proxy Debian Bonjour Daniel, I am not sure to understand. I am using iRedMail as email server. This email server do have ssl/TLS activated. ** listen 888 http2;        ssl on;    ssl_certificate /etc/ssl/certs/cert.chained.crt;    ssl_certificate_key

Re: [PATCH] MINOR: systemd unit works with cfgdir and cfgfile

On 2017/1/12 06:42, Ricardo Fraile wrote: > Hello, > > > As 1.7 release allow to load multiple files from a directory: > > > https://cbonte.github.io/haproxy-dconv/1.7/management.html > > -f : adds to the list of configuration files > to be loaded. If is a directory, all the

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

Hi Simon, Output below: # echo "show info json" | socat /tmp/haproxy.stat stdio Name: HAProxy Version: 1.6-dev1 Release_date: 2015/03/11 Nbproc: 1 Process_num: 1 Pid: 1611 Uptime: 0d 0h14m04s Uptime_sec: 844 Memmax_MB: 0 Ulimit-n: 4037 Maxsock: 4037 Maxconn: 2000 Hard_maxconn: 2000 CurrConns: 1

How can I change the URI when forwarding to a server

Hi all, I wonder if I can change the uri that the server receives without doing a redirect. Example: Request from client: https://www.example.com/login/username?p1=something Request received by server: /login.php?s=username=something More general: - if path begins with /login/*[?*] - add the

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

Hi Scott, could you send the output of the following? echo "show info json" | socat /tmp/haproxy.stat stdio On Thu, Jan 12, 2017 at 01:18:54PM +, Scott McKeown wrote: > Hi Guys, > Sorry for the delay I got tied up with some other issues yesterday but I've > just finished with Simons git

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

Sorry forgot to show the /tmp/ folder # ls -latrh /tmp/ total 16K -rw---. 1 root root0 Jan 9 11:00 yum.log drwxrwxrwt. 2 root root 4.0K Jan 9 11:21 .ICE-unix dr-xr-xr-x. 22 root root 4.0K Jan 9 11:21 .. srw---. 1 root root0 Jan 9 14:39 haproxy.stat -rw-r--r--. 1 root root

Re: [PATCH 0/2] MEDIUM: stats: Add JSON output option to show (info|stat)

Hi Guys, Sorry for the delay I got tied up with some other issues yesterday but I've just finished with Simons git repo pull. Simon are you sure this is correct as I thought this was for a 1.8-dev build which could be why I had problems on Tuesday. # haproxy -v HA-Proxy version 1.6-dev1

Re: HAproxy / Reverse proxy Debian

Sounds as if you have nginx set up for TLS termination, too. This does not make sense, because haproxy will already have decrypted the traffic. Make sure nginx does not expect https on what in your config would be ip_email_server:888. -- Daniel Schneller Principal Cloud Engineer

Re: HAproxy / Reverse proxy Debian

Title: Re: HAproxy / Reverse proxy Debian Bonjour Daniel, I have resolved my problem, HAproxy do start now (ssl ok). But when trying to reach my email server, I now do have a: 400 Bad gateway - The plain HTTP request was sent to HTTPS port - Nginx It should not be the case because 'reqadd

Re: HAproxy / Reverse proxy Debian

Re-adding the list. And: > Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ?? Yes. Though I am not sure what file.crt and file.pem are :) Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11

[PATCH] MINOR: systemd unit works with cfgdir and cfgfile

Hello, As 1.7 release allow to load multiple files from a directory: https://cbonte.github.io/haproxy-dconv/1.7/management.html -f : adds to the list of configuration files to be loaded. If is a directory, all the files (and only files) it contains are added in lexical

Sudden peak of orphaned sockets -> 100% cpu

Hi, We have a haproxy setup consisting of a pair of nodes with keepalived, which then utilize the proxy protocol to pass requests (roundrobin) to a second pair of haproxy nodes. The first pair mainly terminates SSL and serves as a highly available entrypoint, while second pair does all the

Re: HAProxy Lua Map.end & reserved keywords

On Wed, Jan 11, 2017 at 12:17:26PM +0100, Willy Tarreau wrote: > On Mon, Jan 09, 2017 at 08:47:17PM +, Robin H. Johnson wrote: > > Maybe Willy would considering changing the name of the matches to 'prefix' > > & 'suffix' instead of 'beg' & 'end', and just keep beg/end as legacy. > Another

Re: HAproxy / Reverse proxy Debian

Thierry, always helps to know the haproxy version you use. As for your error message, do you have private key, your site’s certificate and all necessary chain certificates in the crt files you reference in your config? IIRC they need to be in the order 1. key 2. site cert (“leaf”) 3.

HAproxy / Reverse proxy Debian

Hi, Hi, Seems to have a little problem with my SSL config: ... ... # Default SSL material locations ca-base /etc/ssl/certs crt-base /etc/ssl/private # Default ciphers to use on SSL-enabled listening sockets. # For more information, see ciphers(1SSL). This