Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Rajesh Kolli
Hi,

I am using the latest version.

[root@DS-11-82-R7-CLST-Node1 ~]# haproxy -v

HA-Proxy version 1.7.8 2017/07/07
Copyright 2000-2017 Willy Tarreau 



On Thu, Aug 24, 2017 at 6:59 PM, Jérôme Magnin  wrote:

> On Thu, Aug 24, 2017 at 06:50:51PM +0530, Rajesh Kolli wrote:
> > Hi Daniel,
> >
> > Thanks for your quick response...
> >
> > I am getting this error if I use the mailers section in my configuration.
> > 
> -
> > [root@DS-11-82-R7-CLST-Node1 ~]# systemctl status haproxy.service -l
> > haproxy.service - HAProxy Load Balancer
> >Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
> >Active: inactive (dead) since Thu 2017-08-24 18:43:23 IST; 4s ago
> >   Process: 6511 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
> > /etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited,
> status=0/SUCCESS)
> >  Main PID: 6511 (code=exited, status=0/SUCCESS)
> >
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
> > Balancer...
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
> > Balancer.
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:81] :
> unknown
> > keyword 'mailers' in 'listen' section
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:82] :
> unknown
> > keyword 'mailer' in 'listen' section
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:117] :
> > unknown keyword 'email-alert' in 'backend' section
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:119] :
> > unknown keyword 'email-alert' in 'backend' section
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:120] :
> > unknown keyword 'email-alert' in 'backend' section
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : Error(s) found in configuration file :
> > /etc/haproxy/haproxy.cfg
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > [ALERT] 235/184323 (6512) : Fatal errors found in configuration.
> > Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> > haproxy-systemd-wrapper: exit, haproxy RC=256
> >
>
> Hello Rajesh,
>
> you are most likely running a version in which mailers is not implemented
> (<1.6).
>
> Jérôme
>



-- 




*Thanks & Regards*
*Rajesh Kolli*


RE: HAProxy 1.7.8 compile problem with new OpenSSL

2017-08-24 Thread Denis Astahov
In case you still need it:



# Install required libraries
sudo yum -y update
sudo yum -y install make gcc perl pcre-devel zlib-devel openssl-devel

# Install Updated Openssl-1.1.0f
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
tar -zxf openssl-1.1.0f.tar.gz
cd openssl-1.1.0f
./config
make
sudo make install
sudo cp -f /usr/local/bin/openssl /usr/bin
sudo cp -f /usr/local/lib64/libssl.so.1.1 /usr/lib64
sudo cp -f /usr/local/lib64/libcrypto.so.1.1 /usr/lib64
cd /usr/lib64
sudo ln -sf libssl.so.1.1 libssl.so
sudo ln -sf libcrypto.so.1.1 libcrypto.so
sudo ldconfig

# Install HAProxy 1.5 and Upgrade to 1.7
sudo yum -y install haproxy  # Install Generic Version (1.5) this will create necessary folders, config files, etc.
wget https://www.haproxy.org/download/1.7/src/haproxy-1.7.8.tar.gz
tar -xzf haproxy-1.7.8.tar.gz
cd haproxy-1.7.8
make TARGET=linux2628 USE_PCRE=1 USE_PCRE_JIT=1 USE_OPENSSL=1 USE_ZLIB=1 USE_REGPARM=1
sudo make install
sudo cp -f /usr/local/sbin/haproxy /usr/sbin   # Overwrite version 1.5 with new 1.7
sudo service haproxy start
sudo chkconfig haproxy on


Respectfully,

*Denis Astahov*


RE: HAProxy 1.7.8 compile problem with new OpenSSL

2017-08-24 Thread Norman Branitsky
Thanks.
I see you solved the problem by copying the new version directly to /usr/bin 
and /usr/lib64.

I did this:

tar xvf /apps/Config/openssl-1.0.2-latest.tar.gz
cd openssl-1.0.2l
./config shared
make
make install
echo /usr/local/ssl/lib > /etc/ld.so.conf.d/libssl.conf
ldconfig
cd /tmp
tar xvf /apps/Config/haproxy-1.7.9.tar.gz
cd haproxy-1.7.9
yum install pcre-devel openssl-devel   # If necessary.
make TARGET=linux2628 USE_PCRE=1 USE_SLZ=1 USE_OPENSSL=1 SSL_INC=/usr/local/ssl/include/openssl SSL_LIB=/usr/local/ssl/lib
make install

My main problem was the missing “shared” option for the “./config” command.

I see you use the following 2 make options:

USE_PCRE_JIT=1 USE_REGPARM=1

I didn’t notice them in the docs.
Are they recommended?

From: Denis Astahov [mailto:de...@trinimbus.com]
Sent: August-24-17 11:26 AM
To: Norman Branitsky 
Cc: haproxy@formilux.org
Subject: RE: HAProxy 1.7.8 compile problem with new OpenSSL

In case you still need it:

# Install required libraries
sudo yum -y update
sudo yum -y install make gcc perl pcre-devel zlib-devel openssl-devel

# Install Updated Openssl-1.1.0f
wget https://www.openssl.org/source/openssl-1.1.0f.tar.gz
tar -zxf openssl-1.1.0f.tar.gz
cd openssl-1.1.0f
./config
make
sudo make install
sudo cp -f /usr/local/bin/openssl /usr/bin
sudo cp -f /usr/local/lib64/libssl.so.1.1 /usr/lib64
sudo cp -f /usr/local/lib64/libcrypto.so.1.1 /usr/lib64
cd /usr/lib64
sudo ln -sf libssl.so.1.1 libssl.so
sudo ln -sf libcrypto.so.1.1 libcrypto.so
sudo ldconfig

# Install HAProxy 1.5 and Upgrade to 1.7
sudo yum -y install haproxy  # Install Generic Version (1.5) this will create necessary folders, config files, etc.
wget https://www.haproxy.org/download/1.7/src/haproxy-1.7.8.tar.gz
tar -xzf haproxy-1.7.8.tar.gz
cd haproxy-1.7.8
make TARGET=linux2628 USE_PCRE=1 USE_PCRE_JIT=1 USE_OPENSSL=1 USE_ZLIB=1 USE_REGPARM=1
sudo make install
sudo cp -f /usr/local/sbin/haproxy /usr/sbin   # Overwrite version 1.5 with new 1.7
sudo service haproxy start
sudo chkconfig haproxy on

Respectfully,

Denis Astahov




Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Frederic Lecaille

On 08/24/2017 03:35 PM, Rajesh Kolli wrote:

> Hi Daniel,
>
> I have changed my config file according to you, even though I am getting
> the same error.
> -
> haproxy.service - HAProxy Load Balancer
>    Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
>    Active: inactive (dead) since Thu 2017-08-24 19:04:14 IST; 6s ago
>   Process: 7641 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
> /etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited, status=0/SUCCESS)
>  Main PID: 7641 (code=exited, status=0/SUCCESS)
>
> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
> Balancer...
> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
> Balancer.
> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:9]:
> unknown keyword 'mailers' out of section.
> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:10]:
> unknown keyword 'mailer' out of section.
> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:121] :
> unknown keyword 'email-alert' in 'backend' section

Well I would at least say that your haproxy does not support
"email-alert" keyword ;)

If I configure a 1.7 haproxy *without* any "mailers" section *but* with
a "email-alert mailers mta" setting in "backend" sections the parser
does not say it does not know "email-alert" keyword. It says: unable to
find "mailers" mta.

So even if your haproxy could support "mailers" keyword, as it does not
support "email-alert", this would be for nothing ;)

You should try the same thing: remove/comment your "mailers" section,
and see if you still have "unknown keyword 'email-alert' in 'backend'
section".

AFAIK, "email-alert" may be followed by a "mailers" keyword  ;)

Or perhaps I have missed something.



Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Daniel Heitepriem
Hi Rajesh,

as far as I know (but may be wrong) the "mailers" config has to be
defined before any listen, frontend or backend directives. Also the
"email-alert" has to be defined after the backend. So in your case it
would look like this:

#-
# Global settings
#-
global
    log 127.0.0.1 local2

    chroot  /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user    haproxy
    group   haproxy
    daemon

    stats socket /var/lib/haproxy/stats

#-
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#-
defaults
    mode    http
    log global
    option  httplog
    option  dontlognull
    #option log-health-checks
    option http-server-close
    option forwardfor   except 127.0.0.0/8
    option  redispatch
    retries 3
    timeout http-request    10s
    timeout queue   1m
    timeout connect 10s
    timeout client  1m
    timeout server  1m
    timeout http-keep-alive 10s
    timeout check   10s
    maxconn 3000

mailers mta
    mailer smtp1 127.0.0.1:25

#-
#HAProxy Monitoring Config
#-
listen haproxy3-monitoring
    bind :8080    #Haproxy Monitoring run on port 8080
    mode http
    option forwardfor
    option httpclose
    stats enable
    stats show-legends
    stats refresh 5s
    stats uri /stats    #URL for HAProxy monitoring
    stats realm Haproxy\ Statistics
    stats auth root:sangbe    #User and Password for login to the monitoring dashboard
    stats admin if TRUE
    default_backend app    #This is optionally for monitoring backend

#-
# main frontend which proxys to the backends
#-
frontend main
    bind :80
    option http-server-close
    option forwardfor
    default_backend app


backend app
    balance roundrobin
    #option httpchk #HEAD / HTTP/1.1\r\nHost:\ localhost    #Check the server application is up and healthy - 200 status code
    server  11-80-R7-CLST-Node1 10.10.11.80:80 check
    server  DS-11-81-R7-CLST-Node2 10.10.11.81:80 check

    email-alert mailers mta
    #email-alert level alert
    email-alert from redm...@netrovert.net
    email-alert to rajesh.ko...@netrovert.net


Regards,
Daniel

Am 24.08.17 um 15:20 schrieb Rajesh Kolli:
> Hi Daniel,
>
> Thanks for your quick response...
>
> I am getting this error if I use the mailers section in my configuration.
> -
> [root@DS-11-82-R7-CLST-Node1 ~]# systemctl status haproxy.service -l
> haproxy.service - HAProxy Load Balancer
>Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
>Active: inactive (dead) since Thu 2017-08-24 18:43:23 IST; 4s ago
>   Process: 6511 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
> /etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited,
> status=0/SUCCESS)
>  Main PID: 6511 (code=exited, status=0/SUCCESS)
>
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy
> Load Balancer...
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy
> Load Balancer.
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:81] :
> unknown keyword 'mailers' in 'listen' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:82] :
> unknown keyword 'mailer' in 'listen' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:117] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:119] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:120] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 

Re: Two way authentication issue

2017-08-24 Thread Keresztes Péter-Zoltán
Hello,

Sorry I was confused about what the client wanted. First I thought that they
want to talk ssl with the backend but they actually want a client certificate
authentication. I have modified my haproxy.cfg with the following
configurations:

log /dev/log local0
log 127.0.0.1 local2
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 600 level admin
stats timeout 30s
user haproxy
group haproxy
daemon
maxconn 2
#Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
ssl-default-bind-ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS
ssl-default-bind-options no-sslv3
tune.ssl.default-dh-param 2048

defaults
    log global
    mode http
    option forwardfor
    option http-server-close
    option  httplog
    option  dontlognull
    timeout connect 5000ms
    timeout client 300s
    timeout server 300s
    errorfile 400 /etc/haproxy/errors/400.http
    errorfile 403 /etc/haproxy/errors/403.http
    errorfile 408 /etc/haproxy/errors/408.http
    errorfile 500 /etc/haproxy/errors/500.http
    errorfile 502 /etc/haproxy/errors/502.http
    errorfile 503 /etc/haproxy/errors/503.http
    errorfile 504 /etc/haproxy/errors/504.http
    stats enable
    stats hide-version
    #stats scope .
    stats uri   /admin?stats
    stats realm Haproxy\ Statistics
    stats auth  admin:K1l1m4ndj4r0
    stats refresh   5s

frontend  http-in
    bind 10.0.0.2:80
    redirect scheme https code 301 if !{ ssl_fc }

frontend  https-in
    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
    mode http
    acl client_ssl path_beg /service/ws
    redirect location https://10.0.0.2/service/ws if client_ssl
    default_backend idfusion_all

frontend apidev
    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt ca-file /etc/ssl/certs/ca-certificates.crt verify required
    mode http
    reqadd X-Forwarded-Proto:\ https if { ssl_fc }
    acl client_ssl path_beg /service/ws
    redirect location https://10.0.0.2/ if !client_ssl
    default_backend idfusion_all
    option forwardfor

backend idfusion_all
    mode http
    balance leastconn
    timeout connect 1s
    timeout server  300s
    timeout queue   30s
    option redispatch
    retries 3
    cookie rc_cookie_vers insert indirect nocache secure
    server usloft4778 192.168.0.1:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
    server loft10179 192.168.0.1:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1

This configuration is working on some browsers like safari but it does not work 
with Firefox or chrome since I am having SSL_ERROR_HANDSHAKE_FAILURE_ALERT 

Any idea how to fix it?

Regards,
Peter

> On 23 Aug 2017, at 10:42, Yann Cézard  wrote:
> 
> Hi Peter,
> 
> On 23/08/2017 00:48, Keresztes Péter-Zoltán wrote:
>> Hello,
>> 
>> I am trying to setup haproxy with two way authentication. While the frontend 
>> looks good one of the backends is giving me headaches with ssl handshake 
>> failures.
>> 
>> Here is how the frontends and backends does look like:
>> 
>> frontend  http-in
>> bind 69.64.57.197:80
>> redirect scheme https code 301 if !{ ssl_fc }
>> 
>> frontend  https-in
>> bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
>> mode http
>> acl client_ssl path_beg /service/ws
>> use_backend test_client_ssl if client_ssl
>> default_backend test_all
>> 
>> backend test_all
>> mode http
>> balance leastconn
>> timeout connect 1s
>> timeout server  300s
>> timeout queue   30s
>> option redispatch
>> retries 3
>> cookie rc_cookie_vers insert indirect nocache secure
>> server usloft4778 192.168.0.1:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>> server loft10179 192.168.0.2:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>>
>> backend test_client_ssl
>> mode http
>> balance leastconn
>> timeout connect 1s
>> timeout server  300s
>> timeout queue   30s
>> option httpchk GET "/service/ws" "HTTP/1.0"
>> cookie rc_cookie_vers insert indirect nocache secure
>> server usloft4778 192.168.0.1:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
>> server loft10179 192.168.0.2:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
> You are using the same server:port for both HTTP and HTTPS backends, I
> doubt those backend are able to speak HTTP and HTTPS
> on the same port.
> Not sure what you are trying to achieve, but the config you sent means
> that you want :
> - to connect to the backend in HTTP mode if path does not begin with
> /service/ws
> - to connect to the backend in HTTPS mode 

Will HAProxy community supports mailers section?

2017-08-24 Thread Rajesh Kolli

Hello,

I am new to HAProxy. At present I am using the community version of haproxy,
and I am trying to configure alerting in my configuration. After I
configure the "mailers" section and restart the service, it throws
"unknown keyword mailers" in frontend.


Now, my doubt is... does HAProxy community support mailers/alerting?

Thanks in advance if you suggest something on this.

Thanks and Regards

Rajesh Kolli




Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Daniel Heitepriem
Hi Rajesh,

the community version supports mailers. Here is a working section from
my configuration:

mailers mymailserver
mailer smtp1 10.1.0.251:25

frontend frontend_CHANGEME

bind *:443 ssl crt /opt/etc/haproxy/haproxy-t.pem force-tlsv12 no-sslv3

#
# backend configuration
#

backend booking-backend
compression algo gzip
compression type text/html text/plain text/css
server server1-t server1-t:8443 check ssl verify none maxconn 4000

backend vakanz-backend
compression algo gzip
compression type text/html text/plain text/css application/xml
server server2-t server2-t:8080 check verify none force-tlsv12 backup
server server3-t server3-t:8443 check ssl verify none no-sslv3

email-alert mailers mymailserver
email-alert from haprox...@mydomain.com
email-alert to myn...@mydomain.com

I hope it helps

Regards,
Daniel

Am 24.08.17 um 14:35 schrieb Rajesh Kolli:
> Hello,
>
> I am new to HAProxy. At present I am using the community version of haproxy,
> and I am trying to configure alerting in my configuration. After I
> configure the "mailers" section and restart the service, it
> throws "unknown keyword mailers" in frontend.
>
> Now, my doubt is... does HAProxy community support mailers/alerting?
>
> Thanks in advance if you suggest something on this.
>
> Thanks and Regards
>
> Rajesh Kolli
>
>



Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Rajesh Kolli
Hi Daniel,

I have changed my config file according to you, even though I am getting
the same error.
-
haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
   Active: inactive (dead) since Thu 2017-08-24 19:04:14 IST; 6s ago
  Process: 7641 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
/etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited, status=0/SUCCESS)
 Main PID: 7641 (code=exited, status=0/SUCCESS)

Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
Balancer...
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
Balancer.
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:9]: unknown
keyword 'mailers' out of section.
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:10]: unknown
keyword 'mailer' out of section.
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:121] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:123] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:124] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : Error(s) found in configuration file :
/etc/haproxy/haproxy.cfg
Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
[ALERT] 235/190414 (7642) : Fatal errors found in configuration.
Aug 24 19:04:15 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
haproxy-systemd-wrapper: exit, haproxy RC=256


On Thu, Aug 24, 2017 at 6:57 PM, Daniel Heitepriem <
daniel.heitepr...@pribas.com> wrote:

> Hi Rajesh,
>
> as far as I know (but may be wrong) the "mailers" config has to be defined
> before any listen, frontend or backend directives. Also the "email-alert"
> has to be defined after the backend. So in your case it would look like
> this:
>
>
> #-
> # Global settings
> #-
> global
>     log 127.0.0.1 local2
>
>     chroot  /var/lib/haproxy
>     pidfile /var/run/haproxy.pid
>     maxconn 4000
>     user    haproxy
>     group   haproxy
>     daemon
>
>     stats socket /var/lib/haproxy/stats
>
> #-
> # common defaults that all the 'listen' and 'backend' sections will
> # use if not designated in their block
> #-
> defaults
>     mode    http
>     log global
>     option  httplog
>     option  dontlognull
>     #option log-health-checks
>     option http-server-close
>     option forwardfor   except 127.0.0.0/8
>     option  redispatch
>     retries 3
>     timeout http-request    10s
>     timeout queue   1m
>     timeout connect 10s
>     timeout client  1m
>     timeout server  1m
>     timeout http-keep-alive 10s
>     timeout check   10s
>     maxconn 3000
>
> mailers mta
>     mailer smtp1 127.0.0.1:25
>
> #-
> #HAProxy Monitoring Config
> #-
> listen haproxy3-monitoring
>     bind :8080    #Haproxy Monitoring run on port 8080
>     mode http
>     option forwardfor
>     option httpclose
>     stats enable
>     stats show-legends
>     stats refresh 5s
>     stats uri /stats    #URL for HAProxy monitoring
>     stats realm Haproxy\ Statistics
>     stats auth root:sangbe    #User and Password for login to the monitoring dashboard
>     stats admin if TRUE
>     default_backend app    #This is optionally for monitoring backend
>
> #-
> # main frontend which proxys to the backends
> #-
> frontend main
>     bind :80
>     option http-server-close
>     option forwardfor
>     default_backend app
>
>
> backend app
>     balance roundrobin
>     #option httpchk #HEAD / HTTP/1.1\r\nHost:\ localhost    #Check the server application is up and healthy - 200 status code
>     server  11-80-R7-CLST-Node1 10.10.11.80:80 check
> server  

Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Rajesh Kolli
Hi Daniel,

Thanks for your quick response...

I am getting this error if I use the mailers section in my configuration.
-
[root@DS-11-82-R7-CLST-Node1 ~]# systemctl status haproxy.service -l
haproxy.service - HAProxy Load Balancer
   Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
   Active: inactive (dead) since Thu 2017-08-24 18:43:23 IST; 4s ago
  Process: 6511 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
/etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited, status=0/SUCCESS)
 Main PID: 6511 (code=exited, status=0/SUCCESS)

Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
Balancer...
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
Balancer.
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:81] : unknown
keyword 'mailers' in 'listen' section
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:82] : unknown
keyword 'mailer' in 'listen' section
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:117] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:119] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:120] :
unknown keyword 'email-alert' in 'backend' section
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : Error(s) found in configuration file :
/etc/haproxy/haproxy.cfg
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
[ALERT] 235/184323 (6512) : Fatal errors found in configuration.
Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
haproxy-systemd-wrapper: exit, haproxy RC=256


Here is my config file

[root@DS-11-82-R7-CLST-Node1 ~]# cat /etc/haproxy/haproxy.cfg
#-
# Global settings
#-
global
    log 127.0.0.1 local2

    chroot  /var/lib/haproxy
    pidfile /var/run/haproxy.pid
    maxconn 4000
    user    haproxy
    group   haproxy
    daemon

    stats socket /var/lib/haproxy/stats

#-
# common defaults that all the 'listen' and 'backend' sections will
# use if not designated in their block
#-
defaults
    mode    http
    log global
    option  httplog
    option  dontlognull
    #option log-health-checks
    option http-server-close
    option forwardfor   except 127.0.0.0/8
    option  redispatch
    retries 3
    timeout http-request    10s
    timeout queue   1m
    timeout connect 10s
    timeout client  1m
    timeout server  1m
    timeout http-keep-alive 10s
    timeout check   10s
    maxconn 3000

#-
#HAProxy Monitoring Config
#-
listen haproxy3-monitoring
    bind :8080    #Haproxy Monitoring run on port 8080
    mode http
    option forwardfor
    option httpclose
    stats enable
    stats show-legends
    stats refresh 5s
    stats uri /stats    #URL for HAProxy monitoring
    stats realm Haproxy\ Statistics
    stats auth root:sangbe    #User and Password for login to the monitoring dashboard
    stats admin if TRUE
    default_backend app    #This is optionally for monitoring backend

    mailers mta
    mailer smtp1 127.0.0.1:25

#-
# main frontend which proxys to the backends
#-
frontend main
    bind :80
    option http-server-close
    option forwardfor
    default_backend app


backend app
    balance roundrobin
    #option httpchk #HEAD / HTTP/1.1\r\nHost:\ localhost    #Check the server application is up and healthy - 200 status code
    email-alert mailers mta
    #email-alert level alert
    email-alert from redm...@netrovert.net
    email-alert to rajesh.ko...@netrovert.net
    server  11-80-R7-CLST-Node1 10.10.11.80:80 check
server  

Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Jérôme Magnin
On Thu, Aug 24, 2017 at 06:50:51PM +0530, Rajesh Kolli wrote:
> Hi Daniel,
> 
> Thanks for your quick response...
> 
> I am getting this error if I use the mailers section in my configuration.
> -
> [root@DS-11-82-R7-CLST-Node1 ~]# systemctl status haproxy.service -l
> haproxy.service - HAProxy Load Balancer
>Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
>Active: inactive (dead) since Thu 2017-08-24 18:43:23 IST; 4s ago
>   Process: 6511 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
> /etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited, status=0/SUCCESS)
>  Main PID: 6511 (code=exited, status=0/SUCCESS)
> 
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
> Balancer...
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
> Balancer.
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:81] : unknown
> keyword 'mailers' in 'listen' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:82] : unknown
> keyword 'mailer' in 'listen' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:117] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:119] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : parsing [/etc/haproxy/haproxy.cfg:120] :
> unknown keyword 'email-alert' in 'backend' section
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : Error(s) found in configuration file :
> /etc/haproxy/haproxy.cfg
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> [ALERT] 235/184323 (6512) : Fatal errors found in configuration.
> Aug 24 18:43:23 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[6511]:
> haproxy-systemd-wrapper: exit, haproxy RC=256
>

Hello Rajesh,

you are most likely running a version in which mailers is not implemented
(<1.6).

Jérôme 



Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Holger Just
Hi Rajesh,

Rajesh Kolli wrote:
> I am getting this error if I use the mailers section in my configuration.

The ability to send mail alerts (and thus to configure this with a
mailers section) was added in HAProxy 1.6. If you use an older version,
this feature is not yet available to you.

Once you update to a newer version (e.g. the current version 1.7.8), the
feature should be usable for you.

Regards,
Holger



Re: Will HAProxy community supports mailers section?

2017-08-24 Thread Rajesh Kolli
Hi All,

Thanks for your support.

Earlier I upgraded from 1.4 to 1.7 using source; haproxy was then working,
but alerting was not working.

I checked the haproxy version using the CLI command and it gave 1.7.x, but
when I queried rpm it gave 1.4.x, so I realized that the upgrade had some
issue.

At least, I have downloaded the latest RedHat rpm and installed it; now
everything is working and alerts are working too.

On 24 Aug 2017 7:57 pm, "Frederic Lecaille"  wrote:

> On 08/24/2017 03:35 PM, Rajesh Kolli wrote:
>
>> Hi Daniel,
>>
>> I have changed my config file according to you, even though I am getting
>> the same error.
>> -
>> haproxy.service - HAProxy Load Balancer
>>Loaded: loaded (/usr/lib/systemd/system/haproxy.service; enabled)
>>Active: inactive (dead) since Thu 2017-08-24 19:04:14 IST; 6s ago
>>   Process: 7641 ExecStart=/usr/sbin/haproxy-systemd-wrapper -f
>> /etc/haproxy/haproxy.cfg -p /run/haproxy.pid (code=exited,
>> status=0/SUCCESS)
>>  Main PID: 7641 (code=exited, status=0/SUCCESS)
>>
>> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Starting HAProxy Load
>> Balancer...
>> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 systemd[1]: Started HAProxy Load
>> Balancer.
>> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
>> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:9]:
>> unknown keyword 'mailers' out of section.
>> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
>> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:10]:
>> unknown keyword 'mailer' out of section.
>> Aug 24 19:04:14 DS-11-82-R7-CLST-Node1 haproxy-systemd-wrapper[7641]:
>> [ALERT] 235/190414 (7642) : parsing [/etc/haproxy/haproxy.cfg:121] :
>> unknown keyword 'email-alert' in 'backend' section
>>
>
> Well I would at least say that your haproxy does not support "email-alert"
> keyword ;)
>
> If I configure a 1.7 haproxy *without* any "mailers" section *but* with a
> "email-alert mailers mta" setting in "backend" sections the parser does not
> say it does not know "email-alert" keyword. It says: unable to find
> "mailers" mta.
>
> So even if your haproxy could support "mailers" keyword, as it does not
> support "email-alert", this would be for nothing ;)
>
> You should try the same thing: remove/comment your "mailers" section, and
> see if you still have "unknown keyword 'email-alert' in 'backend' section".
>
> AFAIK, "email-alert" may be followed by a "mailers" keyword  ;)
>
> Or perhaps I have missed something.
>


Re: Two way authentication issue

2017-08-24 Thread Yann Cézard

Hi Peter,

There are several things which look really wrong in your config.

Are you sure this configuration is validated by haproxy ? Or did you only reload
and it in fact still uses the old conf ?

On 24/08/2017 15:48, Keresztes Péter-Zoltán wrote:
> Hello,
>
> Sorry I was confused about what the client wanted. First I thought that they
> want to talk ssl with the backend but they actually want a client certificate
> authentication. I have modified my haproxy.cfg with the following
> configurations:
>
> [...]
> frontend  http-in
>    bind 10.0.0.2:80
>    redirect scheme https code 301 if !{ ssl_fc }
> frontend  https-in
>    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
>    mode http
That part looks wrong :
>    acl client_ssl path_beg /service/ws
>    redirect location https://10.0.0.2/service/ws if client_ssl
It looks like a redirect loop to me.
>    default_backend idfusion_all
> frontend apidev
>    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt ca-file /etc/ssl/certs/ca-certificates.crt verify required
=> you defined two times the same ip:port, how HAProxy is supposed to know
which one the user is asking for ?
I would be surprised if it doesn't throw an error with such a configuration.
> [...]
>
> This configuration is working on some browsers like safari but it does not work
> with Firefox or chrome since I am having SSL_ERROR_HANDSHAKE_FAILURE_ALERT
>
> Any idea how to fix it?
You didn't explain what you wanted to achieve, but my guess is that you want
clients to be cert authenticated/validated to access the /service/ws path, and
you don't care for other paths if the client are cert validated or not (you
just want to have HTTPS).
In that case, look at
https://www.haproxy.com/blog/ssl-client-certificate-management-at-application-level/
(Phase 2: Client Certificate optional)
=> use "verify optional"
=> ensure { ssl_fc_has_crt } if accessing /service/ws

Hope this helps,

Yann

> Regards,
> Peter
>
> On 23 Aug 2017, at 10:42, Yann Cézard wrote:
>
>> Hi Peter,
>>
>> On 23/08/2017 00:48, Keresztes Péter-Zoltán wrote:
>>> Hello,
>>>
>>> I am trying to setup haproxy with two way authentication. While the frontend
>>> looks good one of the backends is giving me headaches with ssl handshake
>>> failures.
>>>
>>> Here is what the frontends and backends look like:
>>>
>>> frontend  http-in
>>>    bind 69.64.57.197:80
>>>    redirect scheme https code 301 if !{ ssl_fc }
>>>
>>> frontend  https-in
>>>    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
>>>    mode http
>>>    acl client_ssl path_beg /service/ws
>>>    use_backend test_client_ssl if client_ssl
>>>    default_backend test_all
>>>
>>> backend test_all
>>>    mode http
>>>    balance leastconn
>>>    timeout connect 1s
>>>    timeout server  300s
>>>    timeout queue   30s
>>>    option redispatch
>>>    retries 3
>>>    cookie rc_cookie_vers insert indirect nocache secure
>>>    server usloft4778 192.168.0.1:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>>>    server loft10179 192.168.0.2:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>>>
>>> backend test_client_ssl
>>>    mode http
>>>    balance leastconn
>>>    timeout connect 1s
>>>    timeout server  300s
>>>    timeout queue   30s
>>>    option httpchk GET "/service/ws" "HTTP/1.0"
>>>    cookie rc_cookie_vers insert indirect nocache secure
>>>    server usloft4778 192.168.0.1:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
>>>    server loft10179 192.168.0.2:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
>> You are using the same server:port for both HTTP and HTTPS backends, I
>> doubt those backend are able to speak HTTP and HTTPS
>> on the same port.
>> Not sure what you are trying to achieve, but the config you sent means
>> that you want :
>> - to connect to the backend in HTTP mode if path does not begin with
>> /service/ws
>> - to connect to the backend in HTTPS mode + client verification if the
>> path begins with /service/ws
>>
>> Not sure what you are trying to do though :
>> 1. two way auth between client and HAProxy ?
>> 2. two way auth between HAProxy and backend servers ?
>>
>> For the first one, you'll have to configure that in the frontend
>> (https://www.haproxy.com/blog/ssl-client-certificate-management-at-application-level/)
>> For the second one, you'll probably have to check the ports you used
>> between HAproxy and your backends.
>>
>>> Any suggestion to make this work?
>>>
>>> Thanks in advance
>>> Peter
>> Hope this helps,
>>
>> Yann
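
The setup suggested in the reply above (a single listener on port 443 with "verify optional", and the client certificate enforced only for /service/ws), written out as an added example that is not part of the thread or of the linked blog post. Addresses, the server certificate path and the backend servers are reused from the posted config; the client CA path and the header name are hypothetical, and ssl_c_used is used in place of ssl_fc_has_crt so that resumed TLS sessions still match.

```haproxy
# Added example, not the poster's final config.
# /etc/ssl/certs/client-ca.crt is a hypothetical bundle holding only the CA
# that issues the client certificates.
defaults
    mode http
    timeout connect 1s
    timeout client  300s
    timeout server  300s

frontend http-in
    bind 10.0.0.2:80
    redirect scheme https code 301 if !{ ssl_fc }

# One listener on 10.0.0.2:443. The request path is only known after the TLS
# handshake, so the certificate is requested from every client
# ("verify optional") and enforced per path at the HTTP layer.
frontend https-in
    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt ca-file /etc/ssl/certs/client-ca.crt verify optional

    acl client_ssl path_beg /service/ws
    # ssl_c_used also matches resumed TLS sessions; ssl_fc_has_crt only
    # matches when the certificate was sent on the current connection.
    http-request deny if client_ssl !{ ssl_c_used }

    # Drop any client-supplied copy of the header, then pass the subject DN
    # of the verified certificate to the application (hypothetical header name).
    http-request del-header X-SSL-Client-DN
    http-request set-header X-SSL-Client-DN %{+Q}[ssl_c_s_dn] if { ssl_c_used }

    default_backend test_all

backend test_all
    balance leastconn
    server usloft4778 192.168.0.1:8080 check
    server loft10179 192.168.0.2:8080 check
```

With "verify optional", a certificate that is presented but fails validation against ca-file aborts the handshake unless crt-ignore-err or ca-ignore-err is set. Pointing ca-file at the system bundle, as the posted config does, would accept a client certificate issued by any public CA in that bundle.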

Re: Two way authentication issue

2017-08-24 Thread Keresztes Péter-Zoltán
Hello

Basically what I need is when I browse /service/ws to use client certificate 
authentication otherwise for everything else to use normal ssl termination
This configuration was validated by haproxy and it told that it was correct and 
it works but not with Firefox and google chrome.

Please help me with some suggestion cause I really need to make this work

Regards
Peter
> On 24 Aug 2017, at 19:18, Yann Cézard  wrote:
> 
> Hi Peter,
> 
> There are several things which look really wrong in your config.
> 
> Are you sure this configuration is validated by haproxy ? Or did you only reload
> and it in fact still uses the old conf ?
> 
> On 24/08/2017 15:48, Keresztes Péter-Zoltán wrote:
>> Hello,
>> 
>> Sorry I was confused about what the client wanted. First I thought that they 
>> want to talk ssl with the backend but they actually want a client 
>> certificate authentication. I have modified my haproxy.cfg with the 
>> following configurations:
>> 
>> [...]
>> frontend  http-in
>> bind 10.0.0.2:80
>> redirect scheme https code 301 if !{ ssl_fc }
>> frontend  https-in
>> bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
>> mode http
> That part looks wrong :
>> acl client_ssl path_beg /service/ws
>> redirect location https://10.0.0.2/service/ws if client_ssl
> It looks like a redirect loop to me.
Probably but I couldn’t think of anything else on how to force the haproxy to 
use the client certificate when that path is used.

>> default_backend idfusion_all
>> frontend apidev
>> bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt ca-file 
>> /etc/ssl/certs/ca-certificates.crt verify required
> => you defined two times the same ip:port, how HAProxy is supposed to know 
> which one the user is asking for ?
> I would be surprised if it doesn't throw an error with such a configuration.
Don’t know if this is supposed to work or not but it’s actually working

>> [...]
>> 
>> This configuration is working on some browsers like safari but it does not 
>> work with Firefox or chrome since I am having 
>> SSL_ERROR_HANDSHAKE_FAILURE_ALERT 
>> 
>> Any idea how to fix it?
> You didn't explain what you wanted to achieve, but my guess is that you want 
> clients
> to be cert authenticated/validated to access the /service/ws path, and you 
> don't care for other
> paths if the client are cert validated or not (you just want to have HTTPS).
> In that case, look at 
> https://www.haproxy.com/blog/ssl-client-certificate-management-at-application-level/
> (Phase 2: Client Certificate optional)
> => use "verify optional"
> => ensure { ssl_fc_has_crt } if accessing /service/ws 
> 
> Hope this helps,
> 
> Yann
>> 
>> Regards,
>> Peter
>> 
>>> On 23 Aug 2017, at 10:42, Yann Cézard wrote:
>>> 
>>> Hi Peter,
>>> 
>>> On 23/08/2017 00:48, Keresztes Péter-Zoltán wrote:
>>>> Hello,
>>>>
>>>> I am trying to setup haproxy with two way authentication. While the
>>>> frontend looks good one of the backends is giving me headaches with ssl
>>>> handshake failures.
>>>>
>>>> Here is what the frontends and backends look like:
>>>>
>>>> frontend  http-in
>>>>    bind 69.64.57.197:80
>>>>    redirect scheme https code 301 if !{ ssl_fc }
>>>>
>>>> frontend  https-in
>>>>    bind 10.0.0.2:443 ssl crt /etc/ssl/certs/veracityid.com.crt
>>>>    mode http
>>>>    acl client_ssl path_beg /service/ws
>>>>    use_backend test_client_ssl if client_ssl
>>>>    default_backend test_all
>>>>
>>>> backend test_all
>>>>    mode http
>>>>    balance leastconn
>>>>    timeout connect 1s
>>>>    timeout server  300s
>>>>    timeout queue   30s
>>>>    option redispatch
>>>>    retries 3
>>>>    cookie rc_cookie_vers insert indirect nocache secure
>>>>    server usloft4778 192.168.0.1:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>>>>    server loft10179 192.168.0.2:8080 cookie rc_cookie_vers check inter 1000 fastinter 500 rise 2 fall 1
>>>>
>>>> backend test_client_ssl
>>>>    mode http
>>>>    balance leastconn
>>>>    timeout connect 1s
>>>>    timeout server  300s
>>>>    timeout queue   30s
>>>>    option httpchk GET "/service/ws" "HTTP/1.0"
>>>>    cookie rc_cookie_vers insert indirect nocache secure
>>>>    server usloft4778 192.168.0.1:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
>>>>    server loft10179 192.168.0.2:8080 ssl verify required ca-file /etc/ssl/certs/ca_full.crt crt /etc/ssl/certs/client.crt
>>> You are using the same server:port for both HTTP and HTTPS backends, I
>>> doubt those backend are able to speak HTTP and HTTPS
>>> on the same port.
>>> Not sure what you are trying to achieve, but the config you sent 

Use lua to get query string blocking request ?

2017-08-24 Thread aogooc xu
Hi,

haproxy version 1.6.9 2016/08/30,

In core.register_action by http-req, use txn.f:query() get query string, if
it does not exist, then will block for some time?