Re: HTTP 429 Too Many Requests

Thank you very much. That will be a good opportunity to work with the Lua functionality. As the value for the retry-after header should be variable for different situations, the error file would not help; but for simple scenarios it will be perfectly fine, leaving the right information in the

Re: HTTP 429 Too Many Requests

Le 24/06/2016 à 22:57, Daniel Schneller a écrit : That is indeed pretty cool :-) Would the addition of a header work the way I originally suggested, though? Only by adding an errorfile for 429 status. Or you can play with lua ! For example : http-request use-service lua.shaping if and the

Re: HTTP 429 Too Many Requests

That is indeed pretty cool :-) Would the addition of a header work the way I originally suggested, though? > On 24 Jun 2016, at 21:57, Cyril Bonté wrote: > > Hi all, > >> Le 24/06/2016 à 21:33, James Brown a écrit : >> +1 I am also using a fake backend with no servers and

Re: HTTP 429 Too Many Requests

Hi all, Le 24/06/2016 à 21:33, James Brown a écrit : +1 I am also using a fake backend with no servers and a 503 errorfile, and it confuses everybody who looks at the config or the metrics. Being able to directly emit a 429 would be fantastic. Interestingly, it already exists since 1.6-dev2

Re: HTTP 429 Too Many Requests

+1 I am also using a fake backend with no servers and a 503 errorfile, and it confuses everybody who looks at the config or the metrics. Being able to directly emit a 429 would be fantastic. On Fri, Jun 24, 2016 at 10:30 AM, Daniel Schneller < daniel.schnel...@centerdevice.com> wrote: > Hello! >

[SPAM] Lacrymogène, taser, pistolet d'alarme, les produits légaux pour se défendre

HTTP 429 Too Many Requests

Hello! We use haproxy as an L7 rate limiter based on tracking certain header fields and URLs. A more detailed description of what we do can be found in a blog post I wrote about this some time ago:  https://blog.codecentric.de/en/2014/12/haproxy-http-header-rate-limiting Our exact setup has

Re: [PATCH] MINOR: dns: support advertising UDP message size.

On Fri, Jun 24, 2016 at 04:13:56PM +0200, Conrad Hoffmann wrote: > Yeah, I was pondering the same thing. DNS servers not capable of that > extensions (very few, I think) would ignore it, so always adding the OPT > record would be safe indeed. OK good. > I just wasn't sure about the value itself.

Re: [PATCH] MINOR: dns: support advertising UDP message size.

Hi Willy, On 06/24/2016 03:52 PM, Willy Tarreau wrote: > Hi Conrad, > > On Thu, Jun 23, 2016 at 06:49:19PM +0200, Conrad Hoffmann wrote: >> Hi, >> >> attached is my shot at supporting negotiating UDP message sizes > 512 bytes >> in the Haproxy DNS implementation. The default DNS size of 512

Re: [PATCH] MINOR: dns: support advertising UDP message size.

Hi Conrad, On Thu, Jun 23, 2016 at 06:49:19PM +0200, Conrad Hoffmann wrote: > Hi, > > attached is my shot at supporting negotiating UDP message sizes > 512 bytes > in the Haproxy DNS implementation. The default DNS size of 512 bytes can > often lead to truncated responses, which are discarded. >

Re: How to validate source trustworthiness

On Wed, Jun 22, 2016 at 09:30:53AM -0400, Danny Fullerton wrote: > Hello, > > I'm trying to validate haproxy sources but git tags doesn't seems to be > signed using PGP and the HTTPS certificate is self signed. > > Providing a signed commit/tags or, at the very least, using a valid TLS >

Re: MINOR: ssl: close ssl key file on error

Hi Mildis, On Wed, Jun 22, 2016 at 06:17:42PM +0200, Mildis wrote: > Hi, > > Please find attached a patch which corrects ssl_sock.c. > > It closes explicitly the FILE opened to read the ssl key file when parsing > fails to find a valid key. > Previous behavior : returned from the function

Re: Bug: the usual make makes corrupted binary

Hi Kay, On Thu, Jun 23, 2016 at 07:03:19PM +0200, Kay Fuchs wrote: > Hi list, > > i'm on the latest 1.6 version(a7b7ad0d75) and i'm used to compile HAProxy like > > make TARGET=linux2628 USE_PCRE=1 USE_LINUX_SPLICE=1 USE_LINUX_TPROXY=1 > USE_GETADDRINFO=1 USE_OPENSSL=1