Re: Increased CPU usage after upgrading 1.5.15 to 1.5.16

2016-04-08 Thread Willy Tarreau
On Fri, Apr 08, 2016 at 03:15:22PM +0200, Janusz Dziemidowicz wrote: > 2016-04-07 17:47 GMT+02:00 Willy Tarreau : > > If someone who can reliably reproduce the issue could check whether 1.6 has > > the same issue, it would help me cut the problem in half. That obviously > > excludes

Re: Conditionally include unique-id-header

2016-04-08 Thread Thierry FOURNIER
It is avalaible in the development version (1.7dev). Thierry On Fri, 8 Apr 2016 16:23:44 + Scott Rankin wrote: > Hi Thierry, > > Thanks for the suggestion - but the %[unique-id] variable is empty when I use > the config below. I’m using HAProxy 1.6.4. Did you have to

Re: [PATCH] CLEANUP: .gitignore cleanup

2016-04-08 Thread Vincent Bernat
❦ 8 avril 2016 22:22 +0200, Vincent Bernat  : > .gitignore is an odd beast. All the stuff at the beginning is useless > since in the bottom part starts with /.* and /*. Therefore, the top part > is useless. Moreover, the bottom part makes unignore *.o and > friends. Add it back

[PATCH] CLEANUP: .gitignore cleanup

2016-04-08 Thread Vincent Bernat
From: Vincent Bernat .gitignore is an odd beast. All the stuff at the beginning is useless since in the bottom part starts with /.* and /*. Therefore, the top part is useless. Moreover, the bottom part makes unignore *.o and friends. Add it back at the bottom. --- .gitignore

[PATCH 2/2] BUG/MEDIUM: dns: fix alignment issue when building DNS queries

2016-04-08 Thread Vincent Bernat
From: Vincent Bernat On some architectures, unaligned access is not authorized. On most architectures, it is just slower. Therefore, we have to use memcpy() when an unaligned access is needed, specifically when writing the qinfo. Also remove the unaligned access when reading

[PATCH 1/2] BUG/MINOR: dns: fix DNS header definition

2016-04-08 Thread Vincent Bernat
From: Vincent Bernat Conforming to RFC 2535, section 6.1. This is not an important bug as those fields don't seem to be set to something else than 0 and to be checked on answers. --- include/types/dns.h | 14 +++--- 1 file changed, 7 insertions(+), 7 deletions(-)

Re: Conditionally include unique-id-header

2016-04-08 Thread Scott Rankin
Hi Thierry, Thanks for the suggestion - but the %[unique-id] variable is empty when I use the config below. I’m using HAProxy 1.6.4. Did you have to do anything else to get that to show up? Thanks! Scott On 4/8/16, 12:04 PM, "Thierry FOURNIER" wrote: >Hi, >

Re: Conditionally include unique-id-header

2016-04-08 Thread Thierry FOURNIER
Hi, I ve just submit a sample which returns the content of the unique-id. So, you can write: unique-id-format %{+X}o\ %ci-%cp-%rt-%pid-%Ts%fp acl unique_id_missing hdr_cnt(X-Unique-ID) eq 0 http-request add-header X-Unique-ID %[unique-id] if unique_id_missing Thierry On Fri, 8 Apr

Conditionally include unique-id-header

2016-04-08 Thread Scott Rankin
Hi all, I’m trying to replicate functionality from a previous load balancer in HAProxy, and the final sticking point seems to be the unique ID header. I found the unique-id-header and unique-id-format commands, which are great, but what I want to do is only add a unique-id-header if there is

Re: Increased CPU usage after upgrading 1.5.15 to 1.5.16

2016-04-08 Thread Janusz Dziemidowicz
2016-04-07 17:47 GMT+02:00 Willy Tarreau : > If someone who can reliably reproduce the issue could check whether 1.6 has > the same issue, it would help me cut the problem in half. That obviously > excludes all those running sensitive production of course. I can try to test 1.6 next

LUA: Skip HTTP headers and forward TCP traffic

2016-04-08 Thread Florian Aßmann
Hi everybody, I try to connect to an SSH process via proxytunnel. The incoming request carries normal HTTP headers that I have to skip those in order to forward further encrypted SSH traffic to an SSH process. I thought I could tackle this task using Lua and register_action, but since it’s my

[PATCH 1/4]: BUG/MINOR : server: risk of over reading the pref_net array.

2016-04-08 Thread David CARLIER
Hi, here a first patch among a small patchset. Kind regards. From 65b5807cfbdebf28f01695fa02a34cd0353d4212 Mon Sep 17 00:00:00 2001 From: David Carlier Date: Fri, 8 Apr 2016 10:26:44 +0100 Subject: [PATCH 1/4] BUG/MINOR: server: risk of over reading the pref_net array.

[PATCH 4/4]: CLEANUP: proto_uxst: initialize socket before setting.

2016-04-08 Thread David CARLIER
Hi, This one might not find this way as it might then having a performance hit, I was outweighting the outcome for this patch myself ... We ll see. Regards. From f8713e332f99aee682ef12c7bbbc39766be3d3ff Mon Sep 17 00:00:00 2001 From: David Carlier Date: Fri, 8 Apr 2016

CIDR Notation in ACL -- silent failure

2016-04-08 Thread Daniel Schneller
Hi! I noticed that while this ACL matches my source IP of 192.168.42.123: acl src_internal_net src 192.168.42.0/24 this one does _not_: acl src_internal_net src 192.168.42/24 While not strictly part of RFC 4632 (yet), leaving out trailing .0 octets is a very common notation and is

Re: ssl offloading

2016-04-08 Thread Gerd Mueller
wow! Thanks, again Gerd Weitergeleitete Nachricht Von: Pavlos Parissis An: Andrew Hayworth , Gerd Mueller Kopie: haproxy@formilux.org Betreff: Re: ssl offloading Datum: Sun, 3 Apr 2016