Re: DNS Resolver Issues

2019-03-24 Thread Daniel Schneller
start despite having the supposedly never failing 'default-server > init-addr last,libc,none' ? Is it possibly a good feature request to support > re-resolving a dns name for the addr setting as well ? > > Regards, > PiBa-NL (Pieter) > > Op 21-3-2019 om 20:37 schreef Danie

Re: DNS Resolver Issues

2019-03-21 Thread Daniel Schneller
records from the resolver. > > Can you please retest with the updated configuration and report back the > results? > > > Best regards, > > Bruno Henc > > ‐‐‐ Original Message ‐‐‐ > On Thursday, March 21, 2019 12:09 PM, Daniel Schneller

Re: DNS Resolver Issues

2019-03-21 Thread Daniel Schneller
Hello! Friendly bump :) I'd be willing to amend the documentation once I understand what's going on :D Cheers, Daniel > On 18. Mar 2019, at 20:28, Daniel Schneller > wrote: > > Hi everyone! > > I assume I am misunderstanding something, but I cannot figure out what it

DNS Resolver Issues

2019-03-18 Thread Daniel Schneller
systems : epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available filters : [SPOE] spoe [COMP] compression [TRACE] trace -- Daniel Schneller Principal Cl

HAProxy keeps using outdated IPs when backend (ELB) address changes

2018-08-27 Thread Daniel Schneller
poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use epoll. Available filters : [COMP] compression [TRACE] trace [SPOE] spoe - -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH Rheinwerkallee 3 5

Re: Clarification re Timeouts and Session State in the Logs

2018-08-24 Thread Daniel Schneller
. > > On Thu, 23 Aug 2018 9:56 pm Daniel Schneller > <mailto:daniel.schnel...@centerdevice.com>> wrote: > Friendly bump. > I'd volunteer to do some documentation amendments once I understand the issue > better :D > >> On 21. Aug 2018, at 16:17, Daniel Schnelle

Re: Clarification re Timeouts and Session State in the Logs

2018-08-23 Thread Daniel Schneller
Friendly bump. I'd volunteer to do some documentation amendments once I understand the issue better :D > On 21. Aug 2018, at 16:17, Daniel Schneller > wrote: > > Hi! > > I am trying to wrap my head around an issue we are seeing where there are > many HTTP 504 response

Clarification re Timeouts and Session State in the Logs

2018-08-21 Thread Daniel Schneller
it is difficult to tell "who's to blame" for an inactivity timeout without knowledge about the content or final size of the request -- I just need some clarity on how the read the logs :) Thanks! Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice Gmb

Re: Bug when passing variable to mapping function

2018-07-09 Thread Daniel Schneller
example > 'distri.com' and after get_trash_chunk() smp->data.u.str.str > is '\000istri.com'. > > At the moment I don't have time to dig deeper, but hopefully this > helps a little bit. > > -Jarno > > -- > Jarno Huuskonen > > -- -- Daniel Schneller Princip

Bug when passing variable to mapping function

2018-06-25 Thread Daniel Schneller
header changes to: -- X-Distri-Mapped-From-Var: aaistri -- Looks like some off-by-one error? Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH Rheinwerkallee 3 53227 Bonn www.centerdevice.com ___

Re: Reverse String (or get 2nd level domain sample)?

2018-06-25 Thread Daniel Schneller
earlier versions IMO). Cheers, Daniel > On 25. Jun 2018, at 12:29, Daniel Schneller > wrote: > > Hi! > > Just double checking to make sure I am not simply blind: Is there a way to > reverse a string using a sample converter? > > Background: I need to extract

Reverse String (or get 2nd level domain sample)?

2018-06-25 Thread Daniel Schneller
le, I would like to avoid using maps to keep this thing as generic as possible. Thanks a lot! Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH Rheinwerkallee 3 53227 Bonn www.centerdevice.com __ Geschäftsführung: Dr. Patrick Peschlow, D

Re: 4xx statistics made useless through health checks?

2017-11-21 Thread Daniel Schneller
tp://cbonte.github.io/haproxy-dconv/1.8/snapshot/configuration.html#4.2-monitor-uri > It says it wont log or forward the request.. not sure but maybe stats will > also skip it. Yes, that’s exactly what’s shown in that linked repo. Thanks for chiming in :) > Regards, > PiBa-NL / Pieter > --

Re: 4xx statistics made useless through health checks?

2017-11-21 Thread Daniel Schneller
ot for your thoughts, so far :) Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.

Re: 4xx statistics made useless through health checks?

2017-11-21 Thread Daniel Schneller
roxy” health checking that does not spoil the counters? Daniel Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de

4xx statistics made useless through health checks?

2017-11-21 Thread Daniel Schneller
in HTTP response ranges gets totally thrown off by all these health checks. Is there anything I can do to “make them both happy”? Any suggestions would be much appreciated. Thanks, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11

Encrypted Passwords Documentation Patch

2017-11-06 Thread Daniel Schneller
noticeable at all to it almost eating a full core, even for a not very busy site. Tested with 1.6, but this applies to all versions, if I am not mistaken. Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11

Re: HTTP DELETE command failing

2017-11-02 Thread Daniel Schneller
Hi! Please provide the configuration file (at least the relevant portion) showing frontend/backend and the ACLs. Otherwise it is difficult to judge what’s going on. Regards, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11

Re: Force Sticky session on HaProxy

2017-10-18 Thread Daniel Schneller
e same JSESSIONID gets to the same backend every time. As the information is in the cookie, there is no state to be lost on the haproxy side. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen te

Re: Question related to gpc0_rate values in stick-table

2017-10-17 Thread Daniel Schneller
easonable starting point to figure out where the issue comes from. Regards, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland dani

Re: Inspect data sent through haproxy and create statistics

2017-09-28 Thread Daniel Schneller
tp-request set-var(txn.op) str(Unkwn) ... http-request set-var(txn.op) str(DocDelMul) if METH_POST rq_path_documents rq_content_type_json rq_body_action_delete# Delete Multiple Documents … Hope that helps. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH

Re: Enable SSL Forward Secrecy

2017-09-01 Thread Daniel Schneller
Hi,inspired by this, I added a paragraph with links to the documentation.Small patch attached.Cheers,Daniel 0001-DOC-Refer-to-Mozilla-TLS-info-config-generator.patch Description: Binary data -- Daniel SchnellerPrincipal Cloud Engineer CenterDevice GmbH                  | Hochstraße 11           

[PATCH] DOC: Add note about "* " prefix in CSV stats

2017-09-01 Thread Daniel Schneller
Just a little documentation patch I wrote, after stumbling across this:https://github.com/dschneller/bosun/commit/6ca776dd6543d123a135b4a84a5e3e66093c3986 0001-DOC-Add-note-about-prefix-in-CSV-stats.patch Description: Binary data Cheers,Daniel -- Daniel SchnellerPrincipal Cloud Engineer 

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
Darn! Looking at the “openssl ciphers” Julian provided earlier, my mind “autocompleted" the missing trailing “E” in ECDH (/me facepalms). Thanks, Cyril, for pointing that out! I was starting to doubt myself here :) Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterD

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
ve any real traffic in there. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de | www.centerdev

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
are proxies/firewalls? Can you post a minimal haproxy config that reproduces the issue? Please verify you can see the requests coming in by checking haproxy’s log. You should be able to at least see the requests being rejected due to bad handshakes. Daniel -- Daniel Schneller Principal Cl

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
Ok, so that’s not it. What about the ciphers output? -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
Also, please run haproxy -vv to get some idea about what SSL library it actually uses. -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
-AES128-SHA ECDHE-ECDSA-AES128-SHA SRP-DSS-AES-128-CBC-SHA SRP-RSA-AES-128-CBC-SHA SRP-AES-128-CBC-SHA ECDH-RSA-AES128-SHA ECDH-ECDSA-AES128-SHA AES128-SHA PSK-AES128-CBC-SHA Check the output on your load balancer — maybe the OpenSSL version just too old? Regards, Daniel -- Daniel Schneller

Re: Enable SSL Forward Secrecy

2017-08-30 Thread Daniel Schneller
handshakes and go through them — IIRC there is some “FS” vs. “No FS” marker there. Regards, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711

Re: req.cook_cnt() broken?

2017-08-25 Thread Daniel Schneller
1.8, 1.7.9, and 1.6.13 just now. Works as expected with all three. :D Any chance of getting this fix backported to the 1.7 and ideally 1.6 branches? It would come in handy on a production system currently running 1.6 that I cannot easily upgrade to 1.7. Cheers, Daniel -- Daniel S

Re: req.cook_cnt() broken?

2017-08-23 Thread Daniel Schneller
Kindly bumping this during the summer vacation time for potentially new recipients :) > On 21. Aug. 2017, at 21:14, Daniel Schneller > <daniel.schnel...@centerdevice.com> wrote: > > Hi! > > According to the documentation > > req.cook_cnt([]) : integ

req.cook_cnt() broken?

2017-08-21 Thread Daniel Schneller
So without being very C-savvy, this appears to exit early when there is no parameter of type string passed in. I hope someone can shed some light on this. :) Thanks in advance, Daniel -- Daniel Schneller Principal Cloud Engineer CenterD

Re: fields vs word converter, unexpected "0" result

2017-08-01 Thread Daniel Schneller
On 1. Aug. 2017, at 17:32, Holger Just wrote: > GET / HTTP/1.1 > Host: 127.0.0.1:8881 > User-Agent: curl/7.43.0 > Accept: */* > > The HTTP 1.1 specification requires that a Host header is always sent > along with the request. Curl specifically always sends the host from the

fields vs word converter, unexpected "0" result

2017-08-01 Thread Daniel Schneller
in “0” being logged? Ideally, I’d like this to show as “-“, but empty string would be fine, too. But “0” is pretty counter-intuitive. It’s not strictly horrible, but at least it is unexpected and would also collide with cases where the actual 2nd subdomain was called “0”. Is this a bug, or am I d

Re: haproxy does not capture the complete request header host sometimes

2017-06-22 Thread Daniel Schneller
ration files — which may or may not be what you expect when doing minor upgrades. Granted, when you currently use an out-of-range value, you probably _want_ this fix, but still might hit you unexpectedly. It should be made very prominent in the release notes. Cheers, Daniel -- Daniel Sch

Re: truncated request in log lines

2017-05-16 Thread Daniel Schneller
This is a limitation of the syslog protocol, IIRC. -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de

Re: Automatic Certificate Switching Idea

2017-05-15 Thread Daniel Schneller
> > That's perfect! Your feedback and possible trouble in doing this will > also definitely help! > Oh, if experience tells me one thing, no matter how “straightforward” this may look, there _will_ be trouble ;-) Cheers Daniel -- Daniel Schneller Principal Cloud Engineer

Re: Automatic Certificate Switching Idea

2017-05-12 Thread Daniel Schneller
ot-before” date. Daniel PS: This is an interesting discussion, and I am happy to continue it, if anyone feels the same. As I said, I will try to solve this via provisioning scripts in the meantime, so there is no time pressure. -- Daniel Schneller Princip

Re: Automatic Certificate Switching Idea

2017-05-09 Thread Daniel Schneller
it separated from our specific setup, I might then release it into the wild for the select few who might find it useful :) Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solinge

Re: Passing SNI value ( ssl_fc_sni ) to backend's verifyhost.

2017-05-08 Thread Daniel Schneller
-- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.de Geschäftsführung: Dr. Patrick Peschlow, Dr

Re: Automatic Certificate Switching Idea

2017-04-30 Thread Daniel Schneller
e: > > HI. > > Am 28-04-2017 09:26, schrieb Daniel Schneller: > >> Hello! >> I am managing a few haproxy instances that each manage a good number of >> domains and do the TLS termination on behalf of what you might call "hosted" >> sites. >&

Automatic Certificate Switching Idea

2017-04-28 Thread Daniel Schneller
-- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.de Geschäftsführung: Dr. Patrick Peschlow, Dr. Lukas

Re: Certificate order

2017-04-18 Thread Daniel Schneller
. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel...@centerdevice.de | www.centerdevice.de Geschäftsführung: Dr. Patrick

Re: SSL Termination or Passthrough

2017-02-17 Thread Daniel Schneller
Damn. I shouldn't respond to questions after midnight :-(. I completely overread this is about client certificates until now. Sorry for missing that, Sam; and thanks Willy for the interesting link. One question comes up for me though, after reading it (unless I am still not awake enough, in

Re: SSL Termination or Passthrough

2017-02-17 Thread Daniel Schneller
l client certificates? Just use >> mode TCP and passthrough? Is there a way to do that without turning off >> hostname verifier at the client level? >> >> Thanks, >> Sam >> >>> On February 17, 2017 at 7:13:23 PM, Daniel Schneller >>> (danie

Re: SSL Termination or Passthrough

2017-02-17 Thread Daniel Schneller
Sam, This not working the way you would like is the corner stone and one of the key features of TLS. It is designed to ensure there is nothing in the middle between the client and the server. If you need to inspect the traffic, by definition you cannot without the clients trusting your

Re: Haproxy issue

2017-02-14 Thread Daniel Schneller
t:8089/> > use_backend rest_services if host_rest_services > backend rest_services > server shstand 10.0.0.2:8089 ssl verify none > So It works > > De : Daniel Schneller [mailto:daniel.schnel...@centerdevice.com] > Envoyé : mardi 14 février 2017 17:17 > À :

Re: Haproxy issue

2017-02-14 Thread Daniel Schneller
a good idea to setup a `default backend` as a way to help > test where your requests are going. > For debugging these kinds of things I usually run haproxy in debug mode: haproxy -d -f haproxy.cfg That way it will echo incoming and outgoing headers. Daniel -- Daniel Schneller Princ

Re: ACL randomly failing

2017-02-13 Thread Daniel Schneller
. So I suggest you make sure first you have exactly one instance running, e. g. with “ps aux | grep haproxy”. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711

Re: http-send-name-header for response?

2017-02-09 Thread Daniel Schneller
d also delete it from the request in the frontend on the way in to prevent the request from actually sticking to a single server. Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754

Re: Debug Log: Response headers logged before rewriting

2017-02-07 Thread Daniel Schneller
Hello everyone! While I have since figured out what my original problem was, the original question remains. Is this intentional, am I missing something, or both? :) Cheers, Daniel > On 3. Feb. 2017, at 13:40, Daniel Schneller > <daniel.schnel...@centerdevice.com> wr

Debug Log: Response headers logged before rewriting

2017-02-03 Thread Daniel Schneller
more cumbersome to debug, because I need to capture both the server’s and the client’s logs and merge them together. Is there a switch or config setting I am missing that would show what the server actually puts on the wire towards the client? Thanks Daniel -- Daniel Schneller Principal

TLS certificate precedence

2017-01-25 Thread Daniel Schneller
where the domain actually matches one of the the CN / SAN fields? Thanks, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711| Deutschland daniel.schnel.

Re: HAproxy / Reverse proxy Debian

2017-01-12 Thread Daniel Schneller
age. If you want to configure TLS on the mail server / web server itself, there is no need to configure haproxy for TLS at all. Switch it to TCP mode and remove the TLS configuration. That way it will just hand the still encrypted traffic over to nginx. -- Daniel Schneller Principal Cl

Re: HAproxy / Reverse proxy Debian

2017-01-12 Thread Daniel Schneller
Sounds as if you have nginx set up for TLS termination, too. This does not make sense, because haproxy will already have decrypted the traffic. Make sure nginx does not expect https on what in your config would be ip_email_server:888. -- Daniel Schneller Principal Cloud Engineer

Re: HAproxy / Reverse proxy Debian

2017-01-12 Thread Daniel Schneller
Re-adding the list. And: > Do I have to "cat file.key file.crt file.pem > certi.chained.crt" ?? Yes. Though I am not sure what file.crt and file.pem are :) Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH

Re: HAproxy / Reverse proxy Debian

2017-01-12 Thread Daniel Schneller
. intermediates Make sure to have these files not world-readable as they contain secret crypto material. HTH, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Hochstraße 11 | 42697 Solingen tel: +49 1754155711

Re: Bytes in / out counters for TCP Keepalive Sessions

2016-09-15 Thread Daniel Schneller
.xx and that there is no good way to fix it. Is there any chance of it returning, or should it maybe marked as broken in the docs at least, maybe issue a warning on startup? http://www.serverphorums.com/read.php?10,747628 Thanks :) Daniel -- Daniel Schneller Principal Cloud Engineer

Re: Bytes in / out counters for TCP Keepalive Sessions

2016-09-08 Thread Daniel Schneller
Adding the list back. Sorry for dropping it earlier. > On 8 Sep 2016, at 19:56, PiBa-NL <piba.nl@gmail.com> wrote: > > Hi, > Op 8-9-2016 om 15:43 schreef Daniel Schneller: >>> http://cbonte.github.io/haproxy-dconv/1.7/snapshot/configuration.html#4.2-o

Bytes in / out counters for TCP Keepalive Sessions

2016-09-07 Thread Daniel Schneller
:5672 check on-marked-down shutdown-sessions Is this the expected behavior? If so, is there any configuration option we can change to show “live” stats of bytes flowing through the persistent connections? Thanks! Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH

Re: HTTP 429 Too Many Requests

2016-06-24 Thread Daniel Schneller
in the logs and being nice and readable :-) > On 24 Jun 2016, at 23:13, Cyril Bonté <cyril.bo...@free.fr> wrote: > >> Le 24/06/2016 à 22:57, Daniel Schneller a écrit : >> That is indeed pretty cool :-) >> Would the addition of a header work the way I originally suggeste

Re: HTTP 429 Too Many Requests

2016-06-24 Thread Daniel Schneller
deny_status ] > > Example : > http-request deny deny_status 429 > > [1] > http://www.haproxy.org/git?p=haproxy-1.6.git;a=commit;h=108b1dd69d4e26312af465237487bdb855b0de60 > [2] > http://www.haproxy.org/git?p=haproxy-1.6.git;a=commit;h=60f01f8c89e4fb2723d5a9f2046286e69

HTTP 429 Too Many Requests

2016-06-24 Thread Daniel Schneller
allow me to specify different values for the "Retry-After:" header to inform well-written clients after which time they should come back and try again. Does that sound like a sensible addition? Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH https://www.centerdevice.de

Re: Compilation problem: haproxy 1.6.5 (latest) on Solaris 11

2016-05-19 Thread Daniel Schneller
On the http://www.haproxy.org homepage there is a link to each version’s repo. Cheers, Daniel > On 19.05.2016, at 15:30, Jonathan Fisher wrote: > > Cool, thanks! > > Where is the git repo for haproxy? having trouble finding the official

Re: nbproc 1 vs >1 performance

2016-04-14 Thread Daniel Schneller
? If so, that would explain some issues I had in the past when quickly iterating config changes and restarting haproxy each time, but sometimes getting results that could only have come from an older config? Thanks, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH

Re: CIDR Notation in ACL -- silent failure

2016-04-12 Thread Daniel Schneller
On 12.04.2016, at 14:07, Willy Tarreau wrote:I will at least provide a documentation patch then, soon.OK.As promised, a few words, hopefully clarifying things in the docs. 0001-DOC-Clarify-IPv4-address-mask-notation-rules.patch Description: Binary data Cheers,Daniel

Re: CIDR Notation in ACL -- silent failure

2016-04-12 Thread Daniel Schneller
will be typos or other accidental mistakes in config files. I might be alone here, but I believe a warning (not a failure) about these rather unorthodox notations being used would improve things :) Thoughts? Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice G

Re: CIDR Notation in ACL -- silent failure

2016-04-09 Thread Daniel Schneller
Hi Pavlos! > On 09.04.2016, at 11:39, Pavlos Parissis <pavlos.paris...@gmail.com> wrote: > > On 08/04/2016 11:59 πμ, Daniel Schneller wrote: >> Hi! >> >> I noticed that while this ACL matches my source IP of 192.168.42.123: >> >> acl src_interna

CIDR Notation in ACL -- silent failure

2016-04-08 Thread Daniel Schneller
. Especially if ACLs are used for actual access control, this can have nasty consequences. What do you think? Cheers, Daniel -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH

Re: Segfault with stick-tables

2016-03-29 Thread Daniel Schneller
SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) Segmentation fault (core dumped) > On 29.03.2016, at 14:16, Daniel Schneller <daniel.schnel...@centerdevice.com> > wrote: > > Hi! > > I am seeing a segfault upon the first request coming through the > c

Segfault with stick-tables

2016-03-29 Thread Daniel Schneller
errors, rerun with: -v ==4628== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0) Segmentation fault (core dumped) -- Daniel Schneller Principal Cloud Engineer CenterDevice GmbH | Merscheider Straße 1 | 42699 Solingen tel: +49

DOC Patch: tune.vars.xxx-max-size

2016-03-21 Thread Daniel Schneller
From 29bddd461c30bc850633350ac81e3c9fd7b56cb8 Mon Sep 17 00:00:00 2001 From: Daniel Schneller <d...@danielschneller.de> Date: Mon, 21 Mar 2016 20:46:57 +0100 Subject: [PATCH] DOC: Clarify tunes.vars.xxx-max-size settings Adds a little more clarity to the description of the maximum

http-request capture id frontend/backend not working?

2016-03-19 Thread Daniel Schneller
Hi! I am trying to capture an HTTP Request Header that gets added under certain circumstances in the backend. From the documentation I understand I can use a capture slot for that. This is what I tried in my stripped down config file: ... frontend fe_http bind 192.168.1.3:80 declare

Re: http-request capture id frontend/backend not working?

2016-03-19 Thread Daniel Schneller
ll bail if it does find a referenced ID that is not declared in the current proxy entry. As my declaration is in the frontend, but the actual capture tries to reference it in the backend, they are in different proxies, making this check fail? Daniel > On 18.03.2016, at 13:43, Daniel Schneller <daniel

Re: SSL backends stopped working

2015-04-23 Thread Daniel Schneller
Have you checked the time/date on the Haproxy host? If they are wrong, the certificate might look bad from HAProxy’s point of view. Daniel -- Daniel Schneller Infrastructure Architect / Developer CenterDevice GmbH On 23.04.2015, at 10:00, i...@linux-web-development.de wrote: -BEGIN