Hi Jinge,

Im not exactly sure how this is supposed to work.. did manage to get transparent proxy for the server side working.. (the server is presented with a connection from original client ip.) This works with haproxy 1.5dev19 on FreeBSD8.3 with help of some ipfw fwd rules..

Your config also seams to be working (used some parts their-of to test..)

Did require the following ipfw rule for me..:
    ipfw add 90 fwd localhost tcp from any to any 2222 in recv em1
Actually on pfSense it also needs "-x haproxy" as it is a bit customized.. And because i run 'ipfw' combined with 'pf' i also needed to configure pf with floating 'pass on match' rules to allow the 'strange traffic'.. That pf cannot handle..

If you however have FreeBSD 9 you might want to look into the divert-to rules that pf can make. Might make stuff simpler if it turns out to work..

Please report back your required settings (&config if it changes) when you manage to get it working.

Greetings PiBa-NL

Op 9-7-2013 12:55, jinge schreef:

We use haproxy and FreeBSD for our cache system. And we want to use the transparent option http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-option%20transparent which for some compatiable things.
But found it doest work. Here is the configure which worked in Ubuntu.

frontend tcp-in
        bind :2222
        mode tcp
        log global
        option tcplog

        #distingush HTTP and non-HTTP
        tcp-request inspect-delay 30s
        tcp-request content accept if HTTP

        default_backend Direct

backend Direct
        mode tcp
        log global
        option tcplog
        no option httpclose
        no option http-server-close
        no option accept-invalid-http-response
        option transparent

Can anyone tell my if is the FreeBSD can not support transparent here or my configure is not correct ? And how to make transparent work right.



Reply via email to