[SPAM] Special Nonprofit Program. Dell Recertified Laptops & Desktops. Three Year Warranty.

2015-07-21 Thread Nonprofit Computers 

  

  

  
  

  

  
  

  

  



 



Click HERE to unsubscribe from our list

unsubscribe

2015-07-21 Thread Peter Mellquist

Service down with TCP

2015-07-21 Thread Thibault LABRUT 
Hello,

I implemented the tcp flow at my haproxy .

The problem is that since haproxy service stops after 5 minutes.

I have seen rine especially in logs except this:

kernel: Traps : haproxy [ 11939 ] Common IP protection : 7fe1ddc19f1a sp : 
7fff12c2d580 error: 0 in haproxy [ + 7fe1ddbd5000 b6000 ]
haproxy - systemd -wrapper : haproxy - systemd -wrapper : exit , haproxy RC = 0

Here is a sample configuration:

frontend tcp_33101
fashion tcp
tcplog option
option tcpka
capture request header Host len 200
bind 192.168.100.98:33101
default_backend prod_tools_tcp_33101

backend prod_tools_tcp_33101
fashion tcp
tcplog option
option tcpka
server srv- prod_tools_tcp_33101-01 XXX.XXX.XXX.XXX:33101 check weight 100

Best regards,

Thibault

unsubscribe

2015-07-21 Thread Christopher Opena

Re: Haproxy 1.5.9 logging

2015-07-21 Thread Baptiste 
Simply use the same statement to choose the severity level based on ACLs.
It works on both http-request and http-response.

Baptiste



On Sun, Jul 19, 2015 at 10:53 AM, Haim Ari  wrote:

>  Thank you it works.
> What would be the best way to separate each log type to different log
> files:
>
> 1. Errors
> 2. testing
> 3. some other acl...
>
> Thanks again
>
> On 07/14/2015 03:30 PM, Baptiste wrote:
>
> On Tue, Jul 14, 2015 at 10:57 AM, Haim Ari  
>  wrote:
>
>  Hello,
>
> How can log requests only if path begins with /testing
> I already use acl with path_beg to redirect to a backend.
>
> How can i use the same method for logging ? (or any other way for the above)
>
> Thank you,
> Haim
>
>
>  hi Aim,
>
> Simply use the statement "http-request set-log-level", like:
> http-request set-log-level silent unless { path_beg -i /testing }
>
> Baptiste
>
>
>
>
> --
>
> Haim Ari */* SysOps Manager
>
> M: 972.584563032 */* T: 972.722288367
>

RE: cookie prefix strange behavior

2015-07-21 Thread mlist 
It can make repeatable the test case per this issue. I do not know what is the 
problem, so I tell you situation in which this issue arise:


1.   I Set persistence method "cookie prefix" on haproxy for an application 
cookie (as ASP.NET_SessionId)

2.   I opened two or three Chrome session with some web pages different 
from the target application site for which we get this issue

3.   On one of these Chrome session, with ctrl-shift-N we opened an 
incognito Chrome entering the application URL

4.   Login on the application page and navigate on some pages / funtions to 
see if persistence works well (no problem for this session)

5.   I opened a new normal Chrome session entering the application URL . 
this session break out the issue

Sometimes the session at (5.) reuses the cookie for session at (4.), so no 
issue, as all Crome session share the some session with the application server. 
Often the new session send the strange cookie without server request to 
Set-Cookie, generating the issue.

I hope this can help you.
Best regards


Roberto



From: mlist
Sent: lunedì 20 luglio 2015 15.09
To: 'Willy Tarreau'
Cc: 'Baptiste'; haproxy@formilux.org
Subject: RE: cookie prefix strange behavior


I tested with 1.5.14. I think this is not a regression. The error is the same.



But using insert instead of prefix, also with 1.5.6 the strange cookie is 
managed in different manner "strange cookie" has a prefix, probably taken by 
old haproxy connection with prefix, this old cookie is marked ---NI instead of 
---IN and haproxy now configured with insert instead of prefix, insert a cookie 
so all works well. I think this is a bug or something you can manage in 
haproxy. If not only cookie insert can be used to have a robust cookie / 
session management with haproxy.



And more... Can be used sticky table as insert mode ? without specify an 
application cookie ?





This is the BLOCK1

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.411] front_end~ back_end/SERVER1 132/0/1/89/222 302 541 
ASP.NET_SessionId=SERVER1_https~3k5uin550flaxa55dl1twd45 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 --NI 1/1/0/1/0 0/0 "GET /app1/ 
HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.633] front_end~ back_end/SERVER1 3/0/1/11/15 200 6444 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 1/1/0/1/0 0/0 "GET 
/app1/login.aspx HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.649] front_end~ back_end/SERVER1 7/0/1/6/14 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 1/1/0/1/0 0/0 "GET 
/app1/templatelibrary/menutop/templatenoheader.css HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.664] front_end~ back_end/SERVER1 1/0/1/9/11 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/1/2/0 0/0 "GET 
/app1/templatelibrary/menutop/img/logoheader/logo.gif HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7146 
[20/Jul/2015:14:39:49.664] front_end~ back_end/SERVER1 2/0/1/11/14 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/0/1/0 0/0 "GET 
/app1/templatelibrary/menutop/common.css HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.675] front_end~ back_end/SERVER1 8/0/1/8/17 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/1/2/0 0/0 "GET 
/app1/templatelibrary/menutop/aps/jquery-ui-1.10.3.custom.min.css HTTP/1.1"

Jul 20 14:39:49 haproxy_machine haproxy[2846]: 172.16.3.122:7146 
[20/Jul/2015:14:39:49.679] front_end~ back_end/SERVER1 3/0/1/14/18 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/0/1/0 0/0 "GET 
/app1/templatelibrary/menutop/jquery.multiselect.css HTTP/1.1"

Jul 20 14:39:56 haproxy_machine haproxy[2846]: 172.16.3.122:7146 
[20/Jul/2015:14:39:49.697] front_end~ back_end/SERVER1 6495/0/3/132/6630 302 
6481 ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/0/1/0 0/0 "POST 
/app1/login.aspx HTTP/1.1"

Jul 20 14:39:56 haproxy_machine haproxy[2846]: 172.16.3.122:7146 
[20/Jul/2015:14:39:56.327] front_end~ back_end/SERVER1 3/0/1/138/143 200 21668 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 3/3/0/0/0 0/0 "GET /app1/ 
HTTP/1.1"

Jul 20 14:39:56 haproxy_machine haproxy[2846]: 172.16.3.122:7159 
[20/Jul/2015:14:39:56.486] front_end~ back_end/SERVER1 4/0/1/1/6 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 6/6/3/4/0 0/0 "GET 
/app1/templatelibrary/menutop/img/module5.gif HTTP/1.1"

Jul 20 14:39:56 haproxy_machine haproxy[2846]: 172.16.3.122:7144 
[20/Jul/2015:14:39:49.692] front_end~ back_end/SERVER1 6796/0/1/9/6806 304 184 
ASP.NET_SessionId=qbasnn45mfhxi155lyncbw45 - --VN 6/6/3/4/0 0/0 "GET 
/app1/templatelibrary/menutop/img/homebackground/proclist.jpg HTTP/1.1"

Jul 20 14:39:56 haproxy_machine haproxy[2846]: 172.16.3.122:7159 
[20/Jul/2015:14:39:56.493] front_end~ back_end/SERVER1 1

Re: ocsp

2015-07-21 Thread Marc-Antoine 
Hi Lukas,

I used only one pem file per frontend instead of pem directory :

frontend cluster1:443
bind 1.2.3.4:443 ssl crt /home/provisionning/cluster1.d/8640.pem
default_backend cluster1

Regards,

On Mon, 20 Jul 2015 20:18:10 +0200,
Lukas Tribus  wrote :

> > Hi Lukas,
> >
> > I made a mistake in my previous email : it works locally AND remotely !
> 
> What fixed the problem? This may be useful for others as well.
> 
> 
> Lukas
> 
> 

-- 
Marc-Antoine