Hi Guys!
I'm playing with haproxy + nginx-naxsi setup, as described here:
http://blog.haproxy.com/2012/10/16/high-performance-waf-platform-with-naxsi-and-haproxy/
BTW, thanks Baptiste for posting this.
I'm trying to connect to and from nginx via UDS. It works very well and
faster than via TCP ;-)
My question is: is there an elegant way to detect if a connection is via UDS?
In the frontend I have:
    bind :24000
    bind unix@/var/run/haproxy.24000 mode 666
I need to skip the WAF backend if the connection to this frontend is via UDS
(already WAF scanned).
All I found is:
    so_id : integer
      Returns an integer containing the current listening socket's id. It
      is useful in frontends involving many "bind" lines, or to stick all
      users coming via a same socket to the same server.
But it doesn't seem elegant to me. If I somehow change the order of the 'bind'
lines or add another one, I need to recheck all so_id configuration then.
Am I missing something?
Thank you & best regards
Piotr Rybicki
P.S. nginx-naxsi is quite fast, faster than haproxy itself - with base
WAF ruleset ;-)
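
The so_id approach from the message above can be made independent of bind order by pinning each listener's id with the "id" bind option. This is an added example, not part of the original post; the names ft_waf, bk_waf and bk_app, the nginx socket path and the server address are assumptions.

```haproxy
# Added example, not from the original post.
# ft_waf, bk_waf, bk_app, the nginx socket path and the app server
# address are hypothetical names chosen for illustration.
defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

frontend ft_waf
    # Pin the socket ids explicitly: so_id then no longer depends on the
    # order of the bind lines or on listeners added later.
    bind :24000 id 1
    bind unix@/var/run/haproxy.24000 mode 666 id 2

    # Matches only connections accepted on the UNIX socket, i.e. traffic
    # coming back from nginx-naxsi that has already been scanned.
    acl from_waf so_id 2

    # Scanned traffic goes straight to the application; everything that
    # arrived on TCP port 24000 is sent through the WAF first.
    use_backend bk_app if from_waf
    default_backend bk_waf

backend bk_waf
    server naxsi unix@/var/run/nginx-naxsi.sock   # assumed nginx listener

backend bk_app
    server app1 192.0.2.10:80                     # constructed address
```

The ACL treats every connection on the UNIX socket as already scanned, so the socket's file permissions decide who can reach bk_app without passing the WAF; with mode 666 that is any local account. A tighter mode combined with the "user" and "group" bind options limits this to the account nginx runs as.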