Many thanks to Ivansceó Krisztián for working on the TPROXY patch for Pound for us, we can finally do SSL termination -> HAProxy -> backend with TPROXY.
http://blog.loadbalancer.org/transparent-proxy-of-ssl-traffic-using-pound-to-haproxy-backend-patch-and-howto/ Patches to Pound are here: http://www.loadbalancer.org/download/PoundSSL-Tproxy/poundtp-2.4.5.tgz Willy, You mentioned that it may be more sensible to do something like: source 0.0.0.0 usesrc hdr(x-forwarded-for) rather than having 2 sets of TPROXY set up.. but I don't think this is possible yet? -- Regards, Malcolm Turnbull. Loadbalancer.org Ltd. Phone: +44 (0)870 443 8779 http://www.loadbalancer.org/
