Hi Christopher.

Am 16-02-2017 10:18, schrieb Christopher Faulet:
Le 15/02/2017 à 02:43, Aleksandar Lazic a écrit :

Due to the fact that I like this SPOE I have started to write about it


Is the concept displayed correct in the picture?
Are the data (tcp, http-header, http-body) quoted when HAProxy send it
to the SPOEA?

I'm interested to create a spoea for https://modsecurity.org/ do anyone
else see a need for this?

Hi Aleks,

Nice to see someone interested by the SPOE and by implementing a
service using it. Your picture is correct.

Thank you for the confirmation.

The protocol used to communicate with agents (the SPOP) is a binary
protocol. So data are not quoted.

Ah okay.

About the modsecurity, it is definitely a good candidate for a SPOA.
Note that for now, it is not possible to send all the HTTP request
(Header + Body). With the option "http-buffer-request", you could
handle simple/small requests. But it will not work for chunked or too
big payloads.

Thanks for info.

For now, I'm working on SPOE improvements. The current version is an
"experimental" version with many flaws and limited features. But the
payload filtering is definitely on the roadmap (without deadline
however). This requires changes in the HTTP parser, so it is a bit
tricky. And new sample fetches need to be added. So there is still a
lot of work before you can implement a fully functional WAF. But I'm
on it and all help/suggestion/remarks are welcome :)

Well due to the implementation of http/2 I'm sure the will be also some changes in the HTTP parser ;-).

Do you think that there will be also big changes in the protocol?


Reply via email to