config files?
>
> thanks
> Philipp
>
You can use external files in two cases. See the following blog articles:
https://www.haproxy.com/blog/introduction-to-haproxy-acls/ (search for
"acl file")
https://www.haproxy.com/blog/introduction-to-haproxy-maps/
-Patrick
e file indicates that you had an earlier version of the service
file present on your system, and have not reloaded systemd since
modifying it, so it's using the old file.
You need to run: `systemctl daemon-reload`
-Patrick
E_INITCALL'
__attribute__((__used__,__section__("init_"#stg))) = \
Issue occurs on master, and the 1.9 branch
-Patrick
On 2019/2/13 09:40, Aleksandar Lazic wrote:
> Am 13.02.2019 um 14:45 schrieb Patrick Hemmer:
>> Trying to compile haproxy on my local machine for testing purposes and am
>> running into the following:
> Which compiler do you use?
# gcc -v
Configured with:
--pr
On 2019/2/13 10:29, Olivier Houchard wrote:
> Hi Patrick,
>
> On Wed, Feb 13, 2019 at 10:01:01AM -0500, Patrick Hemmer wrote:
>>
>> On 2019/2/13 09:40, Aleksandar Lazic wrote:
>>> Am 13.02.2019 um 14:45 schrieb Patrick Hemmer:
>>>> Trying to compi
On 2019/2/14 08:20, Frederic Lecaille wrote:
> On 2/14/19 1:32 PM, Frederic Lecaille wrote:
>> On 2/13/19 7:30 PM, Patrick Hemmer wrote:
>>>
>>>
>>> On 2019/2/13 10:29, Olivier Houchard wrote:
>>>> Hi Patrick,
>>>>
>>
On 2019/2/14 12:45, Olivier Houchard wrote:
> Hi Patrick,
>
> On Thu, Feb 14, 2019 at 09:12:18AM -0500, Patrick Hemmer wrote:
>>
>> On 2019/2/14 08:20, Frederic Lecaille wrote:
>>> On 2/14/19 1:32 PM, Frederic Lecaille wrote:
>>>> On 2/13/19 7:30 PM, P
in {1..5}; do socat - unix:/tmp/haproxy.sock <<< "show info"
| grep Pid: ; done
Pid: 33371
Pid: 33373
Pid: 33372
Pid: 33373
Pid: 33373
-Patrick
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Thursday, April 11, 2019, 13:23 EDT
*To:* Patrick Hemmer
*Cc:* haproxy@formilux.org, wlallem...@haproxy.com
*Subject:* `stats bind-process` broken
On Thu, Apr 11, 2019
*From:* Aleksandar Lazic [mailto:al-mob...@none.at]
*Sent:* Friday, May 24, 2019, 20:30 EDT
*To:* Patrick Hemmer
*Cc:* Haproxy
*Subject:* Capturing headers from http/2 trailers?
Hi.
Fri May 24 15:00:55 GMT+02:00 2019
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Saturday, May 25, 2019, 01:42 EDT
*To:* Patrick Hemmer
*Cc:* Haproxy
*Subject:* Capturing headers from http/2 trailers?
Hi Patrick,
On Fri, May 24, 2019 at 09:00:25AM
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Tuesday, June 4, 2019, 10:08 EDT
*To:* Patrick Hemmer
*Cc:* haproxy@formilux.org
*Subject:* http_first_req not working with http2
Hi Patrick,
On Mon, Jun 03, 2019
This adds 4 sample fetches:
- ssl_fc_client_random
- ssl_fc_server_random
- ssl_bc_client_random
- ssl_bc_server_random
These fetches retrieve the client or server random value sent during the
handshake.
Their use is to be able to decrypt traffic sent using ephemeral ciphers.
Tools
like
Re-send of earlier patch due to formatting issues (upgraded thunderbird
and lost a bunch of stuff :-( ).
As an attachment this time, so should be safe.
-Patrick
From 0947dc1faf7a0a90631adcebc2e65fc191da8473 Mon Sep 17 00:00:00 2001
From: Patrick Hemmer
Date: Tue, 4 Jun 2019 08:13:03 -0400
*From:* Patrick Hemmer [mailto:hapr...@stormcloud9.net]
*Sent:* Tuesday, June 4, 2019, 16:38 EDT
*To:* haproxy@formilux.org
*Subject:* [PATCH] MINOR: SSL: add client/server random sample fetches
Re-send of earlier patch
ent, according with the HAProxy configuration file, on
the default syslog server if it is configured and on the stderr if it is
allowed.
So how do I make stderr not allowed?
In my config, I have the following log related settings in defaults
log 127.0.0.1:514 daemon
option httplog
-Patrick
() [ { if | unless } ]
This is experienced with version 1.9.8
-Patrick
_req=1
Where as,
Config:
frontend f1
bind :8000 proto h2
option http-use-htx
log-format http_first_req=%[http_first_req]
With `curl --http2-prior-knowledge http://localhost:8000`
Outputs:
<30>Jun 3 17:16:51 haproxy[47829]: http_first_req=0
-Patrick
*From:* Patrick Hemmer [mailto:hapr...@stormcloud9.net]
*Sent:* Monday, June 3, 2019, 17:21 EDT
*To:* haproxy@formilux.org
*Subject:* http_first_req not working with http2
As subject says, it appears
if (vars->scope != scope)
443 return 0;
444
445 HA_RWLOCK_WRLOCK(VARS_LOCK, >rwlock);
Target 0: (haproxy) stopped.
-Patrick
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Saturday, May 11, 2019, 06:10 EDT
*To:* Patrick Hemmer
*Cc:* haproxy@formilux.org
*Subject:* HAProxy 1.9.6 unresponsive
Hi Patrick,
On Fri, May 10, 2019 at 09:17:25AM
c51189488) at
src/haproxy.c:2774
err =
retry =
limit = {rlim_cur = 131072, rlim_max = 131072}
errmsg =
"\000@\000\000\000\000\000\000\002v\037\237n\177\000\000\300t\004\241n\177\000\000`\027S\237n\177\000\000\030\000\000\000\000\000\000\000>\001\000\024\000\000\000\000p\244\005\241n\177\000\000@\276\001\241n\177\000\000\000P\273\240n\177\000\000\274o\037\237n\177\000\000\370\224\030Q\374\177\000\000\000\000\000\000\000\000\000\000Pw\004\241"
pidfd = -1
-Patrick
ing to log the grpc-status and grpc-message
headers from gRPC responses.
Thanks
-Patrick
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Tuesday, May 7, 2019, 14:46 EDT
*To:* Patrick Hemmer
*Cc:* haproxy@formilux.org
*Subject:* HAProxy 1.9.6 unresponsive
Hi Patrick,
On Tue, May 07, 2019 at 02:01:33PM
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Monday, April 29, 2019, 23:55 EDT
*To:* William Lallemand
*Cc:* Tim Düsterhus , Patrick Hemmer
, haproxy@formilux.org
*Subject:* [PATCH] MINOR: systemd: Make use
*From:* Tim Düsterhus [mailto:t...@bastelstu.be]
*Sent:* Friday, April 26, 2019, 15:03 EDT
*To:* Patrick Hemmer , William Lallemand
*Cc:* haproxy@formilux.org, w...@1wt.eu
*Subject:* [PATCH] MINOR: systemd: Make use
*From:* Willy Tarreau [mailto:w...@1wt.eu]
*Sent:* Monday, May 6, 2019, 08:42 EDT
*To:* Patrick Hemmer
*Cc:* haproxy@formilux.org
*Subject:* HAProxy 1.9.6 unresponsive
On Sun, May 05, 2019 at 09:40:02AM +0200, Willy
aster only, and
the master watches the workers in turn. If a worker stops responding,
the master would restart just that one worker.
Any thoughts on the matter, or do we not want to do this, and rely on a
custom check in the cluster management software?
-Patrick
istros use different directories,
such as RedHat which uses /etc/sysconfig
-Patrick
as successful or not.
I haven't thought about this a whole lot, but I'm thinking the way to
address it would be some sort of inquiry to the master process, which
means using the socket. So if the systemd unit file ensured that the
master socket is available, then ExecReload could be adjusted to use it
and get success/failure feedback.
-Patrick
. However
I did capture a core file before doing so.
-Patrick
re showing the client did no such thing. Additionally there are
other requests on the same connection, both before & after the one that
gets reset, which go through fine.
Willy, I'm going to send both the logs and packet capture off-list.
-Patrick
gineer
This is just a stab in the dark, but try deleting the header, then
adding it back. For example
http-response set-var(res.conlen) res.hdr(content-length)
http-response del-header content-length
http-response set-header Content-Length %[var(res.conlen)] if {
var(res.conlen) -m found }
-Patrick
le flags, so the doc
was already somewhat Linux specific. However other references, such as
"netstat -i", are cross-platform.
So where do we draw the line on being Linux-specific in our
documentation, vs. OS agnostic?
-Patrick
*From:* Patrick Hemmer [mailto:hapr...@stormcloud9.net]
*Sent:* Wednesday, June 26, 2019, 08:06 EDT
*To:* haproxy@formilux.org
*Subject:* haproxy inappropriately sending rst_stream on http/2
I'm running haproxy 1.9.8
*From:* Patrick Hemmer [mailto:hapr...@stormcloud9.net]
*Sent:* Friday, June 28, 2019, 11:50 EDT
*To:* HAProxy
*Subject:* fullconn not working
I'm trying to get fullconn working, and can't seem to do so. I dunno
if it's
*From:* Pavlos Parissis [mailto:pavlos.paris...@gmail.com]
*Sent:* Tuesday, July 16, 2019, 09:32 EDT
*To:* haproxy@formilux.org
*Cc:* Patrick Hemmer
*Subject:* fullconn not working
On Παρασκευή, 28 Ιουνίου 2019 5:50:48
being redispatched. The higher
level code assumes that if the request was in a queue, and is now no
longer in a queue, then redispatch is the appropriate action.
Thanks
-Patrick
From a3c8ba92a05ec877662359f963ece0cfa82051f8 Mon Sep 17 00:00:00 2001
From: Patrick Hemmer
Date: Thu, 12 Sep 2019 22
*From:* Jerome Magnin [mailto:jmag...@haproxy.com]
*Sent:* Tuesday, July 16, 2019, 10:19 EDT
*To:* Patrick Hemmer
*Cc:* Pavlos Parissis , haproxy@formilux.org
*Subject:* fullconn not working
Hi Patrick,
On Tue, Jul 16
ld be to add
a lua action to sleep for 10 seconds on the response when you have a
connect error, and then override the response to a 307 (or perhaps 302)
redirect back to the same location. This will then cause the browser to
retry the request.
-Patrick
-
4/4/1/2/0 0/0 "GET /?sleep=2=1 HTTP/1.1"
<30>Jun 28 11:37:47 haproxy[75322]: 127.0.0.1:55120
[28/Jun/2019:11:37:45.658] f1 b1/s1 0/0/0/2003/2003 200 75 - -
4/4/0/1/0 0/0 "GET /?sleep=2=2 HTTP/1.1"
So am I misunderstanding how fullconn works? Or is there a bug?
I've tested with 2.0.1, 1.9.8, and 1.8.13.
-Patrick
ing people to try a later
version if available. Just that I don't think it should be the expectation.
-Patrick
w. You should add this to the doc
> (and the reg-test) then.
Done.
- Patrick>From 8f6ce045c80e0f67a485233ee602b57b4c311bde Mon Sep 17 00:00:00 2001
From: Patrick Gansterer
Date: Sun, 17 Jun 2018 11:21:11 +0200
Subject: [PATCH 1/2] MINOR: crypto: Move aes_gcm_dec implementation into new
file
-
Tim,
sorry for the troubles. My mail program added automatic line breaks. :-(
I attached the two files now.
- Patrick
>From 8f6ce045c80e0f67a485233ee602b57b4c311bde Mon Sep 17 00:00:00 2001
From: Patrick Gansterer
Date: Sun, 17 Jun 2018 11:21:11 +0200
Subject: [PATCH 1/2] MINOR: crypto: M
Tim,
thanks for the review. I just rebased my old patch today and didn't check what
changed in the meantime in the codebase. I created a separate patch to move
aes_gcm_dec out of ssl_sock.c since it seams to fit better to my new file.
- Patrick
>From 8f6ce045c80e0f67a485233ee602b57b4c311
5FFAF22231F851CF00C96C6EE98DF9E0B66FFE7C089"
expect resp.http.x-crc32 == "688229491"
expect resp.http.x-crc32-1 == "4230317029"
expect resp.http.x-crc32c == "2621708363"
diff --git a/src/crypto.c b/src/crypto.c
new file mode 100644
index
tion as
well. I am very sorry to see how this experience went for you. If it is
of any help to you: This is definitely not how it usually goes.
Then here is my next try. ;-)
I've rebased my changes to reflect the recent changes and added the
missing description to the first p
ke haproxy and want to give something back, but I'm not sure
if I want to do that in the future with the experience I had so far. :-(
- Patrick
entry was used and also no
CAs were offered for test123.
Does somebody have more implementation details on this? Can I rely on my
observations for all crt-list properties, like ciphers and others?
Best regards,
Patrick
is where I run into compile errors. Is there support for these
compile bugs or am I on my own?
Thanks for any help you can offer.
Patrick Overbey
Software Development Engineer Staff
Product Development/Bank Solutions
Office: 605-362-1260 x7290
Fiserv
Join us @ Forum
2019<http://links.mkt030.
gld
version 2.29.1, but ran into many undefined reference errors (attached).
Thank you!
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Thursday, December 27, 2018 8:17 AM
To: Overbey, Patrick (Sioux Falls)
Cc: Aleksandar Lazic ; haproxy
_DECLARE_INITCALL(stage, __LINE__, function, arg1, 0, 0)
^
src/connection.c:1302:1: note: in expansion of macro 'INITCALL1'
INITCALL1(STG_REGISTER, sample_register_fetches, _fetch_keywords);
^
gmake: *** [Makefile:991: src/connection.o] Error 1
Thanks.
Patrick Overbey
Fis
'?
ip_v = (*line & 0xf0) >> 4;
^~~~
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Wednesday, April 03, 2019 3:50 PM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.com; haproxy@formilux.org
Subject: Re: Upcoming haproxy b
'_DECLARE_INITCALL'
_DECLARE_INITCALL(stage, __LINE__, function, arg1, 0, 0)
^
src/connection.c:1302:1: note: in expansion of macro 'INITCALL1'
INITCALL1(STG_REGISTER, sample_register_fetches, _fetch_keywords);
^
gmake: *** [Makefile:996: src/connection.o] Error 1
Patrick Overbey
Sorry, Willy. I'm still having the same troubles after the changes.
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Wednesday, April 03, 2019 3:10 PM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.com; haproxy@formilux.org
Subject: Re
That worked great. Thanks Willy!
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Wednesday, April 03, 2019 10:01 PM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.com; haproxy@formilux.org
Subject: Re: Upcoming haproxy build fixes
Great. Thank you Willy.
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Wednesday, April 03, 2019 1:18 AM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.com; haproxy@formilux.org
Subject: Re: Upcoming haproxy build fixes for Cygwin &
Wow. Really appreciate you following up. Thanks Willy!
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Friday, March 29, 2019 4:01 PM
To: maio...@gmail.com; Overbey, Patrick (Sioux Falls)
Cc: haproxy@formilux.org
Subject: Upcoming haproxy build
I was able to compile HA-Proxy version 2.0-dev2-ce4ec50 2019/04/01 with these
options using an AIX 6.1.9 system and openssl 1.0.2q. Thank you!
gmake CFLAGS="-maix64" LDFLAGS="-maix64" TARGET=aix52 USE_OPENSSL=1 USE_PCRE=1
USE_ZLIB=1
Patrick Overbey
Fiserv
-Origin
Not really necessary since "aix52" works. Production servers should really be
AIX 7.1+ anyway.
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Monday, April 01, 2019 2:48 PM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.co
Thanks. Can you let me know when the change is ported back to 1.9?
Patrick Overbey
Fiserv
-Original Message-
From: Willy Tarreau [mailto:w...@1wt.eu]
Sent: Monday, April 01, 2019 3:23 PM
To: Overbey, Patrick (Sioux Falls)
Cc: maio...@gmail.com; haproxy@formilux.org
Subject: Re
201 - 261 of 261 matches
Mail list logo