> On Jan 12, 2017, at Jan 12, 5:26 AM, Jürgen Haas
> wrote:
>
> Hi all,
>
> I wonder if I can change the uri that the server receives without doing
> a redirect.
You’re looking for http-request with set-uri or set-path + set-query:
https://cbonte.github.io/haproxy-dconv/1.6/configuration.ht
Hi,
I hope you are doing well. I was reviewing your website, and I noticed that
your company is leading within the Telecom industry.
Wanted to know whether you would be interested in below contact lists:
* Voip, IP PBX, 3CX users
* Avaya, Shoretel, Mitel, Polycom, Digium users
*
On Thu, Jan 12, 2017 at 05:42:35PM +, Carl Pettersson (BN) wrote:
> The interesting thing here is that we could look at the external volume of
> data (it passes through Akamai, without any caching, which lets us see how
> many connections etc they handle before passing it on to us), and it did
>
> On Thu, Jan 12, 2017 at 05:15:41PM +, Carl Pettersson (BN) wrote:
> > > > So, some questions:
> > > > 1. Does it seem reasonable that the orphaned socket could cause this
> > > >behaviour, or are they just a symptom?
> > >
> > > No, orphans have no such effect and your number was so l
On Thu, Jan 12, 2017 at 05:15:41PM +, Carl Pettersson (BN) wrote:
> > > So, some questions:
> > > 1. Does it seem reasonable that the orphaned socket could cause this
> > >behaviour, or are they just a symptom?
> >
> > No, orphans have no such effect and your number was so low that it cann
Hi Willy,
Thanks for having a look at this!
> On Thu, Jan 12, 2017 at 11:34:44AM +, Carl Pettersson (BN) wrote:
> > Hi,
> > We have a haproxy setup consisting of a pair of nodes with keepalived,
> > which then utilize the proxy protocol to pass requests (roundrobin) to
> > a second pair of h
Hi Carl,
On Thu, Jan 12, 2017 at 11:34:44AM +, Carl Pettersson (BN) wrote:
> Hi,
> We have a haproxy setup consisting of a pair of nodes with keepalived, which
> then utilize the proxy protocol to pass requests (roundrobin) to a second
> pair of haproxy nodes. The first pair mainly terminates
On Thu, Jan 12, 2017 at 01:28:06PM +, Patrick Hemmer wrote:
> This change is rather dangerous. It's not unlikely that people will have
> multiple config files in their `/etc/haproxy` directory. Such might
> happen if users keep backups of previous versions when they make a
> change, or if they
Christopher,
I suspect that below you spotted a deeper bug which probably also affects
older versions :
On Thu, Jan 12, 2017 at 04:45:44PM +0100, Christopher Faulet wrote:
> >From 73b8871a5e31004ec305a3eb2cd4747c4f569d5e Mon Sep 17 00:00:00 2001
> From: Christopher Faulet
> Date: Mon, 9 Jan 2017
--
Christopher
>From 73b8871a5e31004ec305a3eb2cd4747c4f569d5e Mon Sep 17 00:00:00 2001
From: Christopher Faulet
Date: Mon, 9 Jan 2017 16:33:19 +0100
Subject: [PATCH] BUG/MINOR: stream: Fix how backend-specific analyzers are set
on a stream
X-Bogosity: Ham, tests=bogofilter, spamicity=0.00,
On Thu, Jan 12, 2017 at 03:14:27PM +, Scott McKeown wrote:
> Doh, that would do it.
> Sorry wrong git branch.
>
> # haproxy -v
> HA-Proxy version 1.8-dev0 2016/11/25
> Copyright 2000-2016 Willy Tarreau
>
> # echo "show info json" | socat /tmp/haproxy.stat stdio | python -m
> json.tool
> [
>
Doh, that would do it.
Sorry wrong git branch.
# haproxy -v
HA-Proxy version 1.8-dev0 2016/11/25
Copyright 2000-2016 Willy Tarreau
# echo "show info json" | socat /tmp/haproxy.stat stdio | python -m
json.tool
[
{
"field": {
"name": "Name",
"pos": 0
},
Title: Re: HAproxy / Reverse proxy Debian
Bonjour Daniel,
From my first post, you can see the config with ssl.
To switch to TCP mode, I have removed:
- All ciphers
- In defaults, I have switch from "mode http" to "mode tcp"
- In frontend email-https, I have remove "reqadd X-Forwarded-Proto:\ ht
> This email server do have ssl/TLS activated.
As I expected. Apparently that iRedMail server uses nginx.
Right now, if you talk to haproxy, it decrypts the traffic and then sends it on
to nginx in plain text. However, on that port nginx expects encrypted traffic —
hence your 400 error message.
On Thu, Jan 12, 2017 at 01:27:37PM +, Scott McKeown wrote:
> Hi Simon,
>
> Output below:
...
Thanks
> On 12 January 2017 at 13:23, Simon Horman wrote:
>
> > Hi Scott,
> >
> > could you send the output of the following?
> >
> > echo "show info json" | socat /tmp/haproxy.stat stdio
> >
> >
Title: Re: HAproxy / Reverse proxy Debian
Bonjour Daniel,
I am not sure to understand.
I am using iRedMail as email server.
This email server do have ssl/TLS activated.
**
listen 888 http2;
ssl on;
ssl_certificate /etc/ssl/certs/cert.chained.crt;
ssl_certificate_key /etc/ss
On 2017/1/12 06:42, Ricardo Fraile wrote:
> Hello,
>
>
> As 1.7 release allow to load multiple files from a directory:
>
>
> https://cbonte.github.io/haproxy-dconv/1.7/management.html
>
> -f : adds to the list of configuration files
> to be loaded. If is a directory, all the files (and only f
Hi Simon,
Output below:
# echo "show info json" | socat /tmp/haproxy.stat stdio
Name: HAProxy
Version: 1.6-dev1
Release_date: 2015/03/11
Nbproc: 1
Process_num: 1
Pid: 1611
Uptime: 0d 0h14m04s
Uptime_sec: 844
Memmax_MB: 0
Ulimit-n: 4037
Maxsock: 4037
Maxconn: 2000
Hard_maxconn: 2000
CurrConns: 1
C
Hi all,
I wonder if I can change the uri that the server receives without doing
a redirect.
Example:
Request from client: https://www.example.com/login/username?p1=something
Request received by server: /login.php?s=username&p1=something
More general:
- if path begins with /login/*[?*]
- add the
Hi Scott,
could you send the output of the following?
echo "show info json" | socat /tmp/haproxy.stat stdio
On Thu, Jan 12, 2017 at 01:18:54PM +, Scott McKeown wrote:
> Hi Guys,
> Sorry for the delay I got tied up with some other issues yesterday but I've
> just finished with Simons git repo
Sorry forgot to show the /tmp/ folder
# ls -latrh /tmp/
total 16K
-rw---. 1 root root0 Jan 9 11:00 yum.log
drwxrwxrwt. 2 root root 4.0K Jan 9 11:21 .ICE-unix
dr-xr-xr-x. 22 root root 4.0K Jan 9 11:21 ..
srw---. 1 root root0 Jan 9 14:39 haproxy.stat
-rw-r--r--. 1 root root
Hi Guys,
Sorry for the delay I got tied up with some other issues yesterday but I've
just finished with Simons git repo pull.
Simon are you sure this is correct as I thought this was for a 1.8-dev
build which could be why I had problems on Tuesday.
# haproxy -v
HA-Proxy version 1.6-dev1 2015/03/11
Sounds as if you have nginx set up for TLS termination, too.
This does not make sense, because haproxy will already have decrypted the
traffic.
Make sure nginx does not expect https on what in your config would be
ip_email_server:888.
--
Daniel Schneller
Principal Cloud Engineer
CenterDevic
Title: Re: HAproxy / Reverse proxy Debian
Bonjour Daniel,
I have resolved my problem, HAproxy do start now (ssl ok).
But when trying to reach my email server, I now do have a:
400 Bad gateway - The plain HTTP request was sent to HTTPS port - Nginx
It should not be the case because 'reqadd x-fo
Re-adding the list.
And:
> Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ??
Yes. Though I am not sure what file.crt and file.pem are :)
Cheers,
Daniel
--
Daniel Schneller
Principal Cloud Engineer
CenterDevice GmbH | Hochstraße 11
Hello,
As 1.7 release allow to load multiple files from a directory:
https://cbonte.github.io/haproxy-dconv/1.7/management.html
-f : adds to the list of configuration files
to be loaded. If is a directory, all the files (and only files)
it contains are added in lexical order (using LC_COLL
Hi,
We have a haproxy setup consisting of a pair of nodes with keepalived, which
then utilize the proxy protocol to pass requests (roundrobin) to a second pair
of haproxy nodes. The first pair mainly terminates SSL and serves as a highly
available entrypoint, while second pair does all the logic
On Wed, Jan 11, 2017 at 12:17:26PM +0100, Willy Tarreau wrote:
> On Mon, Jan 09, 2017 at 08:47:17PM +, Robin H. Johnson wrote:
> > Maybe Willy would considering changing the name of the matches to 'prefix'
> > & 'suffix' instead of 'beg' & 'end', and just keep beg/end as legacy.
> Another appro
Thierry,
always helps to know the haproxy version you use.
As for your error message, do you have private key, your site’s certificate and
all necessary chain certificates in the crt files you reference in your config?
IIRC they need to be in the order
1. key
2. site cert (“leaf”)
3. intermedi
Hi,
Hi,
Seems to have a little problem with my SSL config:
...
...
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# Default ciphers to use on SSL-enabled listening sockets.
# For more information, see ciphers(1SSL). This l
30 matches
Mail list logo