I've solved my problem (many thansk to John) but now I've another problem
with url rewrite/redirection.
I need that www.domain.tld is redirected to www.domain.tld/folder/index.jsp
(I'm using resin behind haproxy).
Here's my cfg:
acl addr1 path_end /
redirect location /dnshst/index.jsp if addr1
It work but If I try to login, sometimes work, some time I obtain this url:
www.domain.tld/index.jsp (and not www.domain.tld/folder/index.jsp)
Have you got ideas on how to do it properly (my backend is in http mode with
cookie by SERVERID).
Thanks,
Carlo
-----Messaggio originale-----
Da: "L. Alberto Giménez" [mailto:agimenez-hapr...@sysvalve.homelinux.net]
Inviato: martedì 12 maggio 2009 23.06
A: Carlo Granisso
Cc: haproxy@formilux.org
Oggetto: Re: Transparent proxy
Carlo Granisso wrote:
> Hello everybody, I have a problem with haproxy (1.3.17) and kernel
> 2.6.29
>
> I have successfully recompiled my kernel with TPROXY modules and
> installed haproxy (compiled from source with tproxy option enabled)
> and installed iptables 1.4.3 (that have tproxy patch).
> Now I can't use transparent proxy function: if I leave in haproxy.cfg
> this line "source 0.0.0.0 usesrc clientip" haproxy say "503 - Service
> unavailable".
> If I comment out the line, everything work fine (without transparent
proxy).
>
> My situation:
>
> haproxy with two ethernet device: first one for public IP, sceond one
> for private IP (192.168.XX.XX) two web server with one ethernet for
> each one connected to my private network.
>
>
>
> Have you got ideas or you can provide me examples
Hi, I've just set up a transparent proxy with kernel 2.6.28 (the first one
with official tproxy support) and haproxy 1.3.15 (the version Debian comes
with, but rebuilding the package with the tproxy linux option enabled).
Just make sure your backends route their outgoing traffic through the load
balancer, since the response packets with the "fake" address MUST be seen by
the load blancer box to undo the transparent-proxy magic.
Regards,
L. Alberto Giménez
No virus found in this incoming message.
Checked by AVG - www.avg.com
Version: 8.5.325 / Virus Database: 270.12.25/2109 - Release Date: 05/11/09
16:14:00
