On Thu, May 28, 2015 at 03:20:09PM +0200, Kevin Maziere wrote: > But I'm still thinking that such behaviour will be a good improvement in > haproxy :)
In fact no. There has been a discussion about this a few years ago that could probably be found on the list. Doing so comes with a significant number of shortcomings, the first one being what to do when the spying server slows down. In practice, you can only forward data at the slowest speed of all participants. And that's quite a big problem. Also, I think that using Lua in 1.6 you should be able to achieve something like this at your own risk. In any case if it's only for debugging, haproxy -d does it pretty well to see headers and to report individual connections, and strace is your friend if you want to see the data. Simply run it like this : strace -tt -o log -s 20000 -e trace=sendto -p $(pgrep haproxy) That's what I'm doing when I'm debugging and it has never caused me any trouble. You don't even need root access nor to modify anything on your network. Regards, Willy
