[SPAM] payez en espèces sur internet avec la carte Veritas

Re: Transparent proxy that doesn't destroy your default gateway

On Wed, Apr 6, 2016 at 11:34 PM, Lukas Erlacher wrote: > Addendum: > > On the load balancer, > > iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT > > will match *all* packets (for example the packets of your SSH connection, > since there is undoubtedly a socket for those SSH packets),

Re: send-proxy behavior when the client closes the connection prematurely

On Wed, Apr 6, 2016 at 9:53 AM, Willy Tarreau wrote: [...] > So this means that in TCP mode we're aware of the abort earlier than in > HTTP mode. Thus we theorically have everything needed to decide not to > connect if possible. > /me nods, it appears so. > This one will result in truncated tran

Re: send-proxy behavior when the client closes the connection prematurely

Hi Frederik, On Wed, Apr 06, 2016 at 08:49:09AM -0700, Frederik Deweerdt wrote: > > > Mmm, adding "option abortonclose" does work in "mode http", but not in > > > "mode tcp", which I've been using. > > > > Why are you saying this ? > > That's what I'm seeing in my tests, with ssl_sock_to_buf ins

Re: send-proxy behavior when the client closes the connection prematurely

Hello Willy, On Sun, Apr 3, 2016 at 11:15 PM, Willy Tarreau wrote: > On Thu, Mar 31, 2016 at 12:37:03PM -0700, Frederik Deweerdt wrote: > > >> It seems that we would be a bit more efficient if we also aborted when > > >> si_b->state was SI_ST_INI: that is, don't even try to open a connection > >

Re: Transparent proxy that doesn't destroy your default gateway

Addendum: On the load balancer, iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT will match *all* packets (for example the packets of your SSH connection, since there is undoubtedly a socket for those SSH packets), at least it does on my system; this is much nicer IMO: iptables -t

Re: [PATCH] BUG/Minor : allow to log cookie for tarpit and denied request

On Wed, Apr 06, 2016 at 02:22:10PM +0200, Bertrand Paquet wrote: > Hi, > > Please find the patch attached. applied, thanks. Willy

Re: [PATCH] BUG/Minor : allow to log cookie for tarpit and denied request

Hi, Please find the patch attached. Regards, Bertrand On Wed, Apr 6, 2016 at 12:59 PM, Willy Tarreau wrote: > Hi Bertrand, > > On Wed, Apr 06, 2016 at 11:58:31AM +0200, Bertrand Paquet wrote: > > Hi all, > > > > The following patch allow to log cookie for tarpit and denied request. > > This m

Re: [PATCH] BUG/Minor : allow to log cookie for tarpit and denied request

Hi Bertrand, On Wed, Apr 06, 2016 at 11:58:31AM +0200, Bertrand Paquet wrote: > Hi all, > > The following patch allow to log cookie for tarpit and denied request. > This minor bug affect at least 1.5, 1.6 and 1.7 branch. Thank you. Please check below, it seems that your mailer has mangled space

[PATCH] BUG/Minor : allow to log cookie for tarpit and denied request

Hi all, The following patch allow to log cookie for tarpit and denied request. This minor bug affect at least 1.5, 1.6 and 1.7 branch. The solution is not perfect : may be the cookie processing (manage_client_side_cookies) can be moved into http_process_req_common. Regards, Bertrand diff --git