Hi Jarno, thanks for answer. I tried to run the haproxy in debug mode, but I do not see the request headers for the upstream in the log.
But I have found some new facts. Test these 2 scenarios, at this moment there is no valid certs http://web01.test.host.sk/test.php <http://web01.test.host.sk/test.php> https://web01.test.host.sk/test.php look for the X_SERVER_IP X_SERVER_PORT X_CLIENT_IP X_CLIENT_PORT See the difference? For the HTTP, the values are correct, for HTTPS not. I’m running RH SCL HAPROXY. I could try to compile newer version or are there any for CentOS7? regards Peter > On 4 Jul 2019, at 18:42, Jarno Huuskonen <jarno.huusko...@uef.fi> wrote: > > Hi, > > On Thu, Jul 04, Peter Hudec wrote: >> I have maybe found some bug in haproxy, submitted as >> https://github.com/haproxy/haproxy/issues/154 >> <https://github.com/haproxy/haproxy/issues/154>. > > 1.8.4 is fairly old, can you reproduce on more recent 1.8.x or latest 2.0.x ? > >> The variables dst, dst_port are identical with the src, src_port. >> >> Is there any other way how to get these /in this case dst/ values ?? >> >> What do I need is .. >> >> http-request set-header X-Server-IP %[dst] >> http-request set-header X-Server-Port %[dst_port] >> http-request set-header X-Client-IP %[src] >> http-request set-header X-Client-Port %[src_port] >> >> result is ;( >> >> 'HTTP_X_CLIENT_PORT' => '22696', >> 'HTTP_X_CLIENT_IP' => '217.73.20.190', >> 'HTTP_X_SERVER_PORT' => '22696', >> 'HTTP_X_SERVER_IP' => '217.73.20.190’, > > With this simple test config dst, dst_port etc. seem to work for me, does > this config work for you ? > > global > stats socket /tmp/stats level admin > > defaults > mode http > log global > option httplog > > frontend test > bind :8080 > > default_backend test_be > > backend test_be > http-request set-header X-Server-IP %[dst] > http-request set-header X-Server-Port %[dst_port] > http-request set-header X-Client-IP %[src] > http-request set-header X-Client-Port %[src_port] > > server srv1 127.0.0.1:9000 id 1 > > listen yeah > bind ipv4@127.0.0.1 <mailto:ipv4@127.0.0.1>:9000 > http-request deny deny_status 200 > > run with for example haproxy -d -f tmp.conf and > curl http://127.0.0.1:8080 <http://127.0.0.1:8080/> and you should see the > headers from haproxy debug > output. > > -Jarno > > -- > Jarno Huuskonen