Re: Haproxy and UTF8-encoded chars

2012-07-26 Thread Brane F. Gračnar
;cpre >00204+ mium=false;url=http%3A//www.ZZZ.com/lala HTTP/1.1\r\n I think that you should urlencode utf8 strings you want to put into URI or query string. Check out encodeURIComponent() -- Brane F. Gračnar skrbnik aplikacij/applications manager e: brane.grac...@tsmedia.si TSmedia, d.o.o. a: Cigaletova 15, 1000 Ljubljana; Slovenia t: +386 1 473 00 10 f: +386 1 473 00 16

Re: acl routing/redirect to specific backend system

2012-06-26 Thread Brane F. Gračnar
On 06/26/2012 10:17 AM, Joeri Blokhuis | DongIT wrote: > Thank you for your reply Bapiste. > > My setup is using HTTPS so I can't use your suggestion. Is there any > other solution when using HTTPS? Yes, you can put an ssl offloader (stud, stunnel, nginx) in front of haproxy. Cheers, Brane

Re: [ANNOUNCE] haproxy 1.5-dev10

2012-05-14 Thread Brane F. Gračnar
On 05/14/2012 11:15 AM, Willy Tarreau wrote: > IPv4 addresses can be cast to IPv6 addresses, so if you need to store > both IPv4 and IPv6 addresses, just use the IPv6 one and your IPv4 entries > will automatically be converted when stored : > > backend some_backend > BEGIN: Sessi

Re: [ANNOUNCE] haproxy 1.5-dev10

2012-05-14 Thread Brane F. Gračnar
10x for great progress!!! I have a question regarding IP based stick tables. Currently i have the following setup: backend some_backend BEGIN: Session stickyness stick on src table STICK_some_backend stick on src6 table STICK6_some_backend backend STICK_some_backend

Re: [PATCH] MEDIUM: stats: Add `show events` command.

2012-04-03 Thread Brane F. Gračnar
On 04/03/2012 08:21 AM, Willy Tarreau wrote: > The protocol is described here : > > http://haproxy.1wt.eu/download/1.5/doc/proxy-protocol.txt > > Please let me know whether you're interested, then I'll check where I left > the patch :-) Here ya go :) Best regards, Brane diff -ru haproxy-1

Re: haproxy 1.5dev7 server check failed with IPv6

2012-03-30 Thread Brane F. Gračnar
On 03/29/2012 10:20 PM, Sander Klein wrote: > Are you sure it's not an config error on the webserver side? I've been > running dev7 for quite some time and do a lot of IPv6 checks. Never had > any problems with it. Same here. Best regards, Brane

Re: [PATCH] MEDIUM: stats: Add `show events` command.

2012-03-26 Thread Brane F. Gračnar
On 03/25/2012 07:55 AM, Aman Gupta wrote: >>A 1 127.0.0.1:50869 - 127.0.0.1:9418 >>F 1 127.0.0.1:50869 - 127.0.0.1:9418 | 127.0.0.1:50870 - 127.0.0.1:6000 >>C 1 127.0.0.1:50869 - 127.0.0.1:9418 Is it possible to use [IP]:port format? We're already living in IPv6 world... Best regards,

Re: question about reloading haproxy

2012-02-10 Thread Brane F. Gračnar
On 02/10/2012 10:53 AM, Michele Mazzucco wrote: > Hello Brane, > > yes, but that is equivalent to running the script as root... the effective > user ID is 0. > Nope, it's not :) You can configure sudo to allow a specific user to run only "/etc/init.d/haproxy reload" without entering a password. Yo

Re: question about reloading haproxy

2012-02-10 Thread Brane F. Gračnar
On 02/10/2012 10:35 AM, Michele Mazzucco wrote: > Currently my script runs as a root. Would it be possible to restart haproxy > (e.g. by issuing the command "/etc/init.d/haproxy restart") with lower > privileges? > The problem seems to be that I cannot re-bind port 80, unless the script runs > w

Re: Haproxy crashes?

2012-01-24 Thread Brane F. Gračnar
On 01/24/2012 09:55 AM, Łukasz Michalski wrote: > W dniu 2012-01-23 12:44, Thomas Bender pisze: > > I have no idea why haproxy stops working from time to time..There is not > > much traffic on this system and I can not see any reasons (no peaks, > > etc) why it randomly crashes up to 10 times a

Re: ACL to IPv6

2012-01-18 Thread Brane F. Gračnar
On 01/18/2012 01:59 PM, Agustin Lopez wrote: > > Hello! > > I will like to know if it is possible set one ACL to filter > IPv6 addresses. I have read that IPv4 is Ok. > > Some like: > > frontend > ... > acl ipv6_ok src :XXX::0:0:0:0:0/48 Nope, matching ipv6 addr

PCRE >= 8.20 JIT support in haproxy >= 1.5.x?

2011-12-28 Thread Brane F. Gračnar
Hello! PCRE recently merged JIT support in version 8.20. It seems to provide some serious performance gains with precompiled regexes, at least according to http://sljit.sourceforge.net/pcre.html JIT support must be enabled in PCRE at compile time. Are there any plans to implement PCRE JIT support in

Re: SSL best option for new deployments

2011-12-13 Thread Brane F. Gračnar
On 12/13/2011 10:43 PM, David Prothero wrote: > I've been using stunnel with the X-Forwarded-For patch. Is stud preferable to > stunnel for some reason? Stunnel usually uses thread-per-connection architecture - as you probably know this programming model has serious scaling issues. Stud is single

Re: SSL best option for new deployments

2011-12-13 Thread Brane F. Gračnar
On 12/13/2011 09:02 PM, John Lauro wrote: > Been using haproxy for some time… but have not used it with SSL yet. > > I do need to preserve the IP address of the original client. So either > transparent (is that possible when going through stunnel or other and > haproxy on the same box), or X-For

Re: git clone hangs?

2011-11-23 Thread Brane F. Gračnar
On Wednesday 23 of November 2011 07:58:26 Willy Tarreau wrote: > It is possible there are random network issue from time to time, I remember > that git is particularly sensible to this as I've already had trouble > cloning kernels in the past. Willy, have you considered migration of git repository

Re: php $_server variable when using haproxy & stunnel

2011-10-25 Thread Brane F. Gračnar
On Tuesday 25 of October 2011 05:19:39 Amol wrote: > Hi Brane, this time it worked (the server restarted fine after i added > those lines) can you please elaborate how adding these lines has affected > my configuration ? since i still see that on the clients that the php > variable $_SERVER['HTTPS'

Re: php $_server variable when using haproxy & stunnel

2011-10-24 Thread Brane F. Gračnar
On Monday 24 of October 2011 23:13:54 Amol wrote: > Thanks Brane for the reply > but setting these options in my haproxy config > > reqidel ^Server-Protocol: > reqadd Server-Protocol:\ https if src 127.0.0.1 > > gives me these errors > > $ sudo /etc/init.d/haproxy restart > * Restarting haproxy

Re: php $_server variable when using haproxy & stunnel

2011-10-24 Thread Brane F. Gračnar
On Monday 24 of October 2011 20:48:33 Amol wrote: > Hi, i was trying to check on my php variables using the following code on > both my servers > > if($_SERVER['HTTPS']) > echo 'https'; > else > echo 'Not Https'; >echo ""; > $port = $_SERVER['SERVER_PORT']; > echo $port; > echo ""; >

Re: Using HAProxy for ldap

2011-10-24 Thread Brane F. Gračnar
On Monday 24 of October 2011 14:29:07 Danie Weideman wrote: > Is it possible to loadbalance between two active master ldap servers? > If so I would like for one to be always persistent. Something like: frontend FE_ldap bind 1.2.3.4:389 mode tcp default_backend BE_ld

Re: Communicating with HA Proxy using Python

2011-10-06 Thread Brane F. Gračnar
On Wednesday 05 of October 2011 20:54:24 Deepak Jha wrote: > Hi, > > I am new to HaProxy, so I need some information regarding HAProxy. > Basically I want to communicate with HAProxy in a virtual environment. > This may include requesting it for some data or giving it some data. I > want to know i

Re: 500s with 1.4.18 and 1.5d7

2011-10-03 Thread Brane F. Gračnar
On Monday 03 of October 2011 20:09:17 Hank A. Paulson wrote: > I am not sure if these counts are exceeding the "never" threshold > > 500 when haproxy encounters an unrecoverable internal error, such as a > memory allocation failure, which should never happen > > I am not sure what I

Re: stunnel -> HAproxy -> app: making the app aware that SSL is in use

2011-09-28 Thread Brane F. Gračnar
On Wednesday 28 of September 2011 12:06:48 Graeme Donaldson wrote: > L on some pages. We have stunnel doing the SSL > in front of HAproxy and app servers behind HAproxy running > Apache+mod_wsgi. We need to be able to tell the app that a request is > using SSL, because right now they just see plain

Re: Source based session stickyness

2011-09-28 Thread Brane F. Gračnar
On Tuesday 27 of September 2011 21:13:01 Willy Tarreau wrote: > Hi Brane, > > You can have only one type per stick-table but one stick-table per backend. > So you can arbitrarily declare that the first backend stores IPv4 addresses > and the second one stores IPv6 addresses. You can have several (

Source based session stickyness

2011-09-27 Thread Brane F. Gračnar
Hello! Is there a possibility to use source-based session stickiness when the same backend is shared between many frontends, some with ipv6, some with ipv4 listeners? Something like: frontend FE4 bind 127.0.0.1:8001 accept-proxy default_backend BACK frontend FE6 bind 127.0

Re: HAProxy 1.5-dev7 attempting to connect to real server port of twice virtual server port

2011-09-21 Thread Brane F. Gračnar
On Wednesday 21 of September 2011 17:30:05 Nick Chalk wrote: > Afternoon all. > > We have come across an interesting problem with HAProxy 1.5-dev7: with > the config below, the proxy attempts to connect to a real server port > of twice the virtual server's port. > > listen v1 > bind 192.168

Re: haproxy at amazon

2011-09-19 Thread Brane F. Gračnar
On Tuesday 20 of September 2011 02:02:27 Dean Hiller wrote: > We are running haproxy at amazon and running some load tests and seem to be > hitting some bottleneck between haproxy and webservers or haproxy itself. > > How can you tell when haproxy is maxed out? Will cpu hit 100% or is it > some o

Re: PROXY protocol and setting headers X-Forwarded-Protocol=https ou X-Forwarded-Ssl=on

2011-09-19 Thread Brane F. Gračnar
On Monday 19 of September 2011 06:18:45 Willy Tarreau wrote: >frontend xxx >bind 1.2.3.4:80 >bind /var/run/haproxy/sock-xxx accept-proxy > > But this requires that the ssl termination supports unix sockets and I > believe that stud currently does not. Just a quick question, Wi

Re: [PATCH] Read acl included files relative to the configuration file

2011-09-08 Thread Brane F. Gračnar
On Thursday 08 of September 2011 11:21:34 Finn Arne Gangstad wrote: > On Thu, Sep 08, 2011 at 07:43:46AM +0200, Willy Tarreau wrote: > > Hi again, > > > > This morning I had an better idea : pass the "config directory" parameter > > on the command line and have haproxy chdir() to it. That way, eve

Re: haproxy API patch

2011-08-15 Thread Brane F. Gračnar
On Sunday 14 of August 2011 22:01:53 Jeff Buchbinder wrote: > I've been working on an "API" patch, where certain functionality is > exposed over the stats HTTP service. The "fork" where I have been > working on this is available here: > > https://github.com/jbuchbinder/haproxy > > The full patch

Re: X-Forwarded-For contortions

2011-08-15 Thread Brane F. Gračnar
On Friday 12 of August 2011 20:17:11 Bryan Talbot wrote: > What are my other options? There are multiple backends so having one > shared front end and duplicating the backend sections and putting the XFF > handling there isn't any better. Routing connections through the proxy > twice for every hi

Re: https from source to destination

2011-07-14 Thread Brane F. Gračnar
On Thursday 14 of July 2011 05:10:44 James Bardin wrote: > > Some IT contracts suck. ;) > > Yes, they do :) I guess your only option is nginx, which supports https upstreams. You can use the nginx_http_upstream_fair (http://wiki.nginx.org/HttpUpstreamFairModule) module to achieve fair load d

Re: Proxy Protocol in 1.4.x ?

2011-07-09 Thread Brane F. Gračnar
On Friday 08 of July 2011 23:17:12 Sébastien Estienne wrote: > http://devblog.bu.mp/introducing-stud ). Today we have the choice between: > - haproxy 1.4 + patched stunnel > - haproxy 1.5 dev + stud > - patched haproxy 1.4 + stud There is also a fourth option: - patched haproxy 1.4.x + patched stun

Re: Proxy Protocol in 1.4.x ?

2011-07-08 Thread Brane F. Gračnar
On Thursday 07 of July 2011 18:30:10 Sebastien Estienne wrote: > Hello, > > I'd like to use stud https://github.com/bumptech/stud with Haproxy for > SSL support. > Stud implement the haproxy proxy protocol, and i'd like to know if > this will be backported to haproxy 1.4 ? First, thanks for point

Re: Backend Weight Monitor

2011-06-16 Thread Brane F. Gračnar
On Thursday 16 of June 2011 09:30:25 Stefano Sasso wrote: > Hello folks, > I wrote a simple perl daemon that acts as backend server weight > watchdog, dynamically change server weight on haproxy configuration > through its socket. > > The daemon polls the backends to a specific url, that should

Re: Separated config file support

2011-06-16 Thread Brane F. Gračnar
On Wednesday 15 of June 2011 21:59:34 Igor wrote: > Got a very long haproxy.conf, is there any way to separate config file > by using any directive like include *.conf? I wrote a patch for this some time ago, it applies to 1.4.15 and 1.5-dev6, i'm using it in production. http://www.mail-archive.

Re: error with ipv6 backend www server

2011-06-15 Thread Brane F. Gračnar
On Wednesday 15 of June 2011 09:12:00 Willy Tarreau wrote: > The server address syntax is : > > server : > > So you should have a colon and not a space before '80' : > > 3ffe::21da:7:3c06:7c4c:8215:2:80 > > Note that the syntax is non-ambiguous because the last colon is mandatory

Re: url_beg

2011-06-13 Thread Brane F. Gračnar
On Friday 10 of June 2011 16:11:02 Gerd Müller wrote: > same effect :( Do you have "option http-server-close" in your backend specification? Brane

Re: haproxy participates to world IPv6 day

2011-06-08 Thread Brane F. Gračnar
On Wednesday 08 of June 2011 07:42:24 Willy Tarreau wrote: > Hi all, > > The haproxy website was registered among about 300 other ones which > participates to the world IPv6 day event : Willy, preparations for IPv6 day would be a really big challenge if HaProxy would not exist. Thanks! Best re

Re: Haproxy Reg Exps ...

2011-06-06 Thread Brane F. Gračnar
On Monday 06 of June 2011 11:56:05 Georgi Georgiev wrote: > Hi to all , > Yesterday I’ve try to match on regexp from client user-agent and > redirect it .. > > The configuration is on frontend is like this: > …… > acl test_match hdr_reg -i user\-agent:\ > test|android|avantgo|blackbe

Using range of IP addresses as source address in backend section?

2011-04-20 Thread Brane F. Gračnar
Hello! I'd like to use 10 assigned IPs on my nic as source addresses in haproxy backend section. I tried this: backend NAME # ... source a.b.c.10 source a.b.c.11 source a.b.c.12 server ... It seems that only the last source address is picked up. I hav

Re: DumpIO Equivalent for HAProxy

2010-12-20 Thread Brane F. Gračnar
On Monday 20 of December 2010 18:24:51 Dan McLaughlin wrote: > I'm looking for a way to get HAProxy to log all traffic for debugging Web > Services. In particular I want to log the body of HTTP POST's to a web > service that I'm load balancing. I can temporarily switch over to Apache > using Dum

Re: [PATCH] "include" configuration directive for haproxy 1.5-dev3

2010-12-20 Thread Brane F. Gračnar
On Wednesday 15 of December 2010 23:55:16 you wrote: > Hi Brane, > > I don't know if you saw that but you can already have a "conf.d" > configuration style in haproxy without any modification of code : haproxy > accepts several "-f" parameters. I wasn't aware of that, but i think that patch is no

feature request: IPv6 address matching in ACLs and forwardfor

2010-12-20 Thread Brane F. Gračnar
Hello! I'd like to create IPv6 enabled stunnel + haproxy setup. It works, but i'm unable to configure option forwardfor correctly, because it doesn't support IPv6 addresses in except argument. Haproxy and stunnel both run on the same machine. X-Forwarded-For is therefore always ::1 if option fo

Re: [PATCH] "include" configuration directive for haproxy 1.5-dev3

2010-12-15 Thread Brane F. Gračnar
On Wednesday 15 of December 2010 15:18:55 L. Alberto Giménez wrote: > On 14/12/2010 20:30, Brane F. Gračnar wrote: > > Hello :) > > Hi Brane, > > I haven't had time to test your patch, but after a "visual" review made > some doubts to come up. It also app

[PATCH] "include" configuration directive for haproxy 1.5-dev3

2010-12-14 Thread Brane F. Gračnar
Hello :) This patch (applies to 1.5-dev3) adds "include" configuration statement to haproxy configuration parser. I wrote this patch because my haproxy configuration became too big to be simply maintainable and because i really like "conf.d" configuration style. Usage: include glob_pattern I

PROXY protocol and SSL session information

2010-12-14 Thread Brane F. Gračnar
Hello there! I was wondering how to push information about SSL session (cipher, strength, certificate info) to backends. This is usually done by injecting request headers before sending request to application servers or webserver handlers. I've read proxy protocol specification and i don't see a