Hello,

Thanks for answer. Yes, I would prefer to say no as well but I am not the CTO here ;) I thought about tcpdump as well even if it will kill the performance !


Anyway, I found in the ML archives some relevant informations like this one :


https://www.mail-archive.com/haproxy@formilux.org/msg25964.html


but in my case, it logs nothing. Trying to log the req.len gives a size of 0 for the buffer as well. I did something like that, in the frontend section :


frontend  localnode
    mode                    tcp
#    option                  tcplog
#    log                     global
    bind                    192.168.1.4:4300
    default_backend         uxdaemon
    declare capture request len 80
    tcp-request inspect-delay 3s
#    tcp-request content capture dst len 15
    tcp-request content capture req.payload(0,80) len 80
#    tcp-request content capture req.len len 80
     log-format              "%[capture.req.hdr(0)]"

I tried with and without the

declare capture request len 80

just in case it was required to declared the buffer prior, but I have got nothing but a dash in the logs :/ Too, commented out "option tcp log " and "log global" as well but no changes.

Best regards,
Florent

Le 2018-04-10 02:24, Jonathan Matthews a écrit :
On 10 April 2018 at 00:04,  <flor...@chantret.com> wrote:
Hello everybody,

For an application, I use haproxy in TCP mode but I would need to log, from the main load balancer machine, all the TCP transactions (incoming packets sent to the node then the answer that is sent back from the node to the
client through the haproxy load balancer machine).

Is it possible to do such a thing ? I started to dig in the ML and found few information about capturing the tcp-request, which does not work for now... and I need the response as well... so preferred to ask if someone have got
an experience doing this. Sure, it will have a performance penalty but
exhaustive logging is more important than that and it it the best solution
to avoid a lot of changes in the existing infrastructure we just
load-balanced.

I don't believe this is possible inside haproxy right now.

If I *had* to do this, I'd start by saying "no", and then I'd work out
how to run a tcpdump process on the machine with carefully tuned
filters and a -w parameter. Then I'd drink something strong.

J


Reply via email to