Re: WAF in HAProxy

On Fri, 6 May 2016 20:38:14 +0200 Rainer Duffner <rai...@ultra-secure.de> wrote: > > > Am 06.05.2016 um 00:15 schrieb Thierry FOURNIER > > <thierry.fourn...@arpalert.org>: > > > > Hi, > > > > You can look here: > > > > http:/

Re: Haproxy config to send traffic to multiple elbs

Hi, In the development version, you can deal with the "resolve-net" option which choose a network in priority when the RR dns provides more than one response. you can write: server s1 app1.domain.com:80 resolvers mydns resolve-net 10.1.0.0/16 server s2 app1.domain.com:80 resolvers mydns

Re: WAF in HAProxy

Hi, You can look here: http://discourse.haproxy.org/t/ironbee-in-haproxy/92 Thierry On Thu, 5 May 2016 19:50:53 + (UTC) Qingshan Xie wrote: > Hello Team,     As I understand HAProxy does not have WAF build-in, but not > sure if HAProxy Enterprise version does have

Re: PATCH 1/2: BUG/MEDIUM lua argument boundary fix

Hi, Thanks for the patch. Willy, you can apply these two pathes. Thierry On Wed, 27 Apr 2016 16:27:16 +0100 David CARLIER <devne...@gmail.com> wrote: > Hi all, > > This is a first patch for the lua module already overviewed by Thierry > Fournier. > This one con

Re: map_dom vs map_str

On Thu, 31 Mar 2016 08:36:45 + Gerd Mueller wrote: > Hi all, > > just read in the documentation that map_str uses a balanced tree vs. > map_dom is using a list. So why should I use map_dom? Hi, from the documentation: domain match : check that a

Re: LUA: Skip HTTP headers and forward TCP traffic

Hi, Its strange. The yield is normally allowed except when the function process the last set of data. I suppose that your readline function finished to read the headers line and its reading the ssh payload. The ssh payload it is not tzerminated by a '\n', so the readline function waits for more

Re: Conditionally include unique-id-header

6.4. Did you have to do anything else > to get that to show up? > > > > Thanks! > Scott > > On 4/8/16, 12:04 PM, "Thierry FOURNIER" <thierry.fourn...@arpalert.org> wrote: > > >Hi, > > > >I ve just submit a sample which returns the co

Re: Conditionally include unique-id-header

Hi, I ve just submit a sample which returns the content of the unique-id. So, you can write: unique-id-format %{+X}o\ %ci-%cp-%rt-%pid-%Ts%fp acl unique_id_missing hdr_cnt(X-Unique-ID) eq 0 http-request add-header X-Unique-ID %[unique-id] if unique_id_missing Thierry On Fri, 8 Apr

Re: using use_backend rules with map files

Hi, When use_backend is choosed, the evaluation of other use_backend conditions stops. Your configuration just miss a test like this: acl test_path path,map_beg(/etc/haproxy/path2backends.map) -m bool true use_backend bk_%[path,map_beg(/etc/haproxy/path2backends.map)] if test_path

Re: acl's re-calculated after reqrep ?

Hi, The ACL are implicitly recalculated because they are never precalculated. They are calculated each time that the condition result is required. Thierry On Tue, 23 Feb 2016 22:44:38 -0700 Jim Freeman wrote: > [ using 1.6.3 on Debian8 ] > > Are acl's re-calculated after

Re: [BUG] core.msleep yields forever

> > Requests per second:4.88 [#/sec] (mean) > > So, new patch works for me. > > B. > > > > On 20 Feb 2016, at 17:10, Thierry FOURNIER <tfourn...@arpalert.org> wrote: > > > > Hi, > > > > Thank you Robert for the bug

Re: [BUG] core.msleep yields forever

(L, 0, 0, hlua_sleep_yield, wakeup_ms, > > HLUA_CTRLYIELD)); > > return 0; > > } > > > > @@ -5013,7 +5013,7 @@ __LJMP static int hlua_msleep(lua_State *L) > > wakeup_ms = tick_add(now_ms, delay); > > lua_pushinteger(L, wakeup_ms); > &g

Re: lua core.register_task

On Mon, 8 Feb 2016 21:20:25 +0100 Beluc <belu...@gmail.com> wrote: > Hi, > Thank you for answering ! > > Le 8 févr. 2016 9:05 PM, "Thierry FOURNIER" <thierry.fourn...@arpalert.org> > a écrit : > > > > On Mon, 8 Feb 2016 18:36:38 +0100

HAProxy WAF and IronBee

Hi everyone, I just implemented an IronBee integration in HAProxy. Its experimental. If anyone is interested, look on the HAProxy's discourse website: http://discourse.haproxy.org/t/ironbee-in-haproxy/92 Thierry

Re: lua core.register_task

On Mon, 8 Feb 2016 18:36:38 +0100 Beluc wrote: > Hi, > > I have few questions about that : > > is that annoying to do fs i/o in a core.register_task ? I read that > everywhere else, it's not recommended but here, I'm not sure ... Hello, I confirm: it is not recommended

Re: clone traffic with haproxy

Hi, You can do a thing like this with hapoxy 1.6 and a Lua script, but you can duplicate only the part of the request which contains in one haproxy buffer (about 16k). You declare an http action which wait for a full buffer and duplicate the content to an http server using the internal Lua

Re: Two questions about lua

[...] > > > If you want a other maneer to store shared data inhaproxy, you can use > > > maps. The maps are shared by all the HAProxy process including Lua with > > > a special API (see Map class) > > > > I thought on Maps but I didn't find a write access in lua according > > to

Re: lua: header sample fetch doesn't work in POST requests

Dec 2015 17:05:58 +0100 Thierry FOURNIER <thierry.fourn...@arpalert.org> wrote: > Hello, > > Thank you for the bug repport and the method for reproducing it. > > You're absolutely right, I reproduce the bug. Unfortunately it's not a > bug. When we enter in the applet r

Re: SEGFAULT in in buffer_insert_line2

Hi, The new release of the 1.6 will fix this problem. It was due to an HTTP analyer called and use after the flush of some http data by the AppletHTTP Lua things. Thierry On Sat, 5 Dec 2015 02:00:50 +0100 Willy Tarreau wrote: > On Fri, Dec 04, 2015 at 09:18:38AM +0100, Bernd

Re: LUA - File not found

On Mon, 14 Dec 2015 21:21:00 -0800 Hugues Alary wrote: > Someone answered me in a private message and pointed out I must be running > in a chroot. > > This is indeed the issue. Removing the chroot global option fixes this. Hi, you should move your lua library in the

Re: txn:get_headers()

_st_ext": (function) function: 0xf88db0 > "sc2_http_err_cnt": (function) function: 0xf83e30 > "srv_sess_rate": (function) function: 0xf84150 > "res_ver": (function) function: 0xf816c0 > "req_cook_val&q

Re: lua, changing response-body in http pages 'supported' ?

treams during the tranfer. This is a little bit complex to write because you must reenconding an http parser. Thierry > Regards, > Nenad > > On 10/26/2015 12:00 PM, Thierry FOURNIER wrote: > > On Sun, 25 Oct 2015 02:09:15 +0100 > > PiBa-NL <piba.nl@gmail.com> w

Re: txn:get_headers()

On Fri, 11 Dec 2015 17:05:16 -0800 Hugues Alary wrote: > Hi there, > > I'm trying my hands on haproxy 1.6.2 and I'm excited about the LUA > integration. > > I'm however running into an issue and can't figure out why. Please forgive > me if my issue is only due to my

Re: Lua plugin for Let's Encrypt CA available

On Sun, 13 Dec 2015 17:21:51 +0100 "Jan A. Bruder" wrote: > Thought i should put the Lua API to some good use: The plugin introduces > support for ACME domain validation against running instances of HAProxy. > >

Re: lua: header sample fetch doesn't work in POST requests

Hello, Thank you for the bug repport and the method for reproducing it. You're absolutely right, I reproduce the bug. Unfortunately it's not a bug. When we enter in the applet run, the data of the body is received, and when the body data is received, HAProxy looses the offset headers. So, you

Re: urlp strange behaviour ?

Hi, I agree with you, but in HAProxy, the ';' is considered as parameter delimiter. Its hardcoded, and I don't known the reason. So the behaviour that you observe is the normal HAProxy behaviour. Thierry On Tue, 8 Dec 2015 09:17:38 + Laurent Penot wrote: > HI, > >

Re: urlp strange behaviour ?

t;word1+> [info] 341/225421 (8080) : ua=word1+ In all cases, there are the expected results and the same results. I agree with a previous email "+;" and ";+" are valid url encoding. Do I forgot or missed something ? Thierry > > Best > Laurent > > &g

Re: lua authentication

> > > if i do anything with ldap ill post it... > > > > - Original Message - > > From: "Grant Haywood" <gr...@iowntheinter.net> > > To: "thierry fournier" <thierry.fourn...@arpalert.org> > > Cc: "Igor Cicimov" <

Re: lua authentication

ket, and write a bridge to ldap daemon in something thats not lua. (use at > your own risk/understanding/vetting) > > kind of like this https://doc.powerdns.com/md/authoritative/backend-pipe/ > (i know thats not for auth, but same concept) > > - Original Message - >

Re: lua authentication

aywood <gr...@iowntheinter.net> wrote: > I found a pretty good starting point > > https://github.com/morganfainberg/HAProxyKeystoneMiddlware > > if i do anything with ldap ill post it... > > - Original Message - > From: "Grant Haywood" <gr...@iown

Re: Lua Shell letsencrypt

On Fri, 4 Dec 2015 00:23:53 -0700 Mela Luca wrote: > I am looking to automate letsencrypt with lua, the process would be to detect > to see if the domain has a cert already, if not it would execute letsencrypt > on the domain. > Any thought if this would be possible to

Re: Fwd: Re: [squid-users] intercepting traffic

On Thu, 03 Dec 2015 07:40:03 -0500 Brendan Kearney wrote: > i am looking to setup a transparent intercepting proxy, where i use > iptables to DNAT traffic on port 80 and redirect it to HAProxy and in > turn load balance to Squid for fulfillment. the DNAT to HAProxy works >

Re: lua authentication

Hi, I complement, I would say, that the Lua bindings for the standard Openldap client exists, but unfortunately, the operation is blocking, and doesn't run very well with HAProxy. It seems that a Lua rewrite of the LDAP protocol using standard Lua HAProxy socket is a solution, but this is a big

Re: Two questions about lua

On Tue, 1 Dec 2015 18:58:13 +0100 joris dedieu <joris.ded...@gmail.com> wrote: > 2015-12-01 10:57 GMT+01:00 Thierry FOURNIER <thierry.fourn...@arpalert.org>: > > On Mon, 30 Nov 2015 18:03:00 +0100 > > joris dedieu <joris.ded...@gmail.com> wrote: > >

Re: Two questions about lua

On Mon, 30 Nov 2015 18:03:00 +0100 joris dedieu <joris.ded...@gmail.com> wrote: > Thanks Thierry, for your answers. > > > 2015-11-30 16:53 GMT+01:00 Thierry FOURNIER <thierry.fourn...@arpalert.org>: > > On Mon, 30 Nov 2015 08:37:00 +0100 > > joris d

Re: Two questions about lua

On Mon, 30 Nov 2015 08:37:00 +0100 joris dedieu wrote: > Hi all, > > I started to drive into haproxy's lua interface. I produced a few code > that allows dnsbl lookup and it seems to work. > > First I have a C wrapper against the libc resolver.. > > #include >

[LUA] statistics aggregation

Hi list, There are first useful Lua scripts: http://www.arpalert.org/haproxy-scripts.html One of these allows the aggregation of the statistics of many HAProxy instances. It permits to redistribute the data in CSV format via HTTP, or reuse the aggregated value throught sample fetches.

[LUA] more documentation

Hi all, If you are interested by the Lua subject, I put a new technical documentation online: http://www.arpalert.org/haproxy-lua.html This documentation is also avalaible in the direction "doc/" of the HAProxy source project. Thierry

Re: LUA, 'retry' failed requests

, and the second one fix he segfault. Thierry On Mon, 2 Nov 2015 20:50:01 +0100 PiBa-NL <piba.nl@gmail.com> wrote: > Op 2-11-2015 om 10:03 schreef Thierry FOURNIER: > > On Sat, 31 Oct 2015 21:22:14 +0100 > > PiBa-NL <piba.nl@gmail.com> wrote: > > > >

Re: LUA, 'retry' failed requests

a-count", "http", function(applet) > if test == null then >test = 0 > end > test = test + 1 > local response = "" > if test % 5 == 0 then >applet:set_status(500) >response = "Error " .. test > else >applet:s

Re: [LUA] Lua advanced documentation

On Wed, 28 Oct 2015 21:18:42 +0100 PiBa-NL <piba.nl@gmail.com> wrote: > Op 28-10-2015 om 9:28 schreef Thierry FOURNIER: > > Hi List, > > > > I wrote a Lua advanced documentation. This explain the Lua integration > > in HAProxy, the reason of some

[LUA] Lua advanced documentation

Hi List, I wrote a Lua advanced documentation. This explain the Lua integration in HAProxy, the reason of some choices. Some traps and Lua code with advanced comments. This doc is not terminated, but I want to release a first version. I will fill the missing points later. unfortunatelly I have

Re: lua, changing response-body in http pages 'supported' ?

On Sun, 25 Oct 2015 02:09:15 +0100 PiBa-NL wrote: > Hi Thierry, haproxy-list, > > Op 19-10-2015 om 11:24 schreef thierry.fourn...@arpalert.org: > > On Mon, 19 Oct 2015 01:31:42 +0200 > > PiBa-NL wrote: > > > >> Hi Thierry, > >> > >> Op 18-10-2015

Re: lua, changing response-body in http pages 'supported' ?

On Mon, 19 Oct 2015 01:31:42 +0200 PiBa-NL wrote: > Hi Thierry, > > Op 18-10-2015 om 21:37 schreef thierry.fourn...@arpalert.org: > > On Sun, 18 Oct 2015 00:07:13 +0200 > > PiBa-NL wrote: > > > >> Hi haproxy list, > >> > >> For testing purposes i

Re: lua, changing response-body in http pages 'supported' ?

On Sun, 18 Oct 2015 00:07:13 +0200 PiBa-NL wrote: > Hi haproxy list, > > For testing purposes i am trying to 'modify' a response of a webserver > but only having limited success. Is this supposed to work? > As a more usefull goal than the current LAL to TST replacement i

Re: Lua complete example ?

On Fri, 16 Oct 2015 23:08:51 +0200 One Seeker wrote: > Thank you Willy, that's an honest answer. > You grasped my "practical" concern (I always thought "Examples" section in > man pages should be moved up high :) > I've been to blog.haproxy.com, and no full-fat Lua meals

Re: Documentation problems for 1.6

On Wed, 14 Oct 2015 08:00:27 -0600 Shawn Heisey wrote: > Just FYI, in case you don't already know, I have some problems to report > with the documentation links on the website. > > The 1.6 HTML documentation links on haproxy.org have "1.7-dev0" at the top: > >

[LUA] a debug tool

Hi list, While waiting for an article about Lua development in HAProxy, I post one of my debug tools. It is procided as is without doc except the following lines. I suppose that the guy which do scripting knows the PHP print_r or the perl Data::Dumper(), so I wrote an Lua print_r. It try to

Re: core dump, lua service, 1.6-dev6 ss-20150930

On Wed, 14 Oct 2015 05:39:58 +0200 Willy Tarreau wrote: > Hi Pieter, > > On Wed, Oct 14, 2015 at 01:43:40AM +0200, PiBa-NL wrote: > > Ok got some good news here :).. 1.6.0-release nolonger has the error i > > encountered. > > > > The commit below fixed the issue already. > > -- >

Re: core dump, lua service, 1.6-dev6 ss-20150930

On Tue, 13 Oct 2015 00:46:43 +0200 Willy Tarreau wrote: > On Tue, Oct 13, 2015 at 12:32:08AM +0200, PiBa-NL wrote: > > >Yep so here rqh is in fact req->buf->i and as you noticed it's been > > >decremented a second time. > > > > > >I'm seeing this which I find suspicious in hlua.c :

Re: Outbound SMTP connection with HAProxy

Hi, You don't need any component to route outbound connection. This is the role of your NAT router. Each of your CAS simply establish a conection to internet throught your NAT router. Thierry > Hi Everyone, > > > > Please I need help. I have this setup and I want to be able to route SMTP >

Re: core dump, lua service, 1.6-dev6 ss-20150930

to bench with my http injector, and I try with ab with and without keep alive. I try also to stress the admin page, and I can't reproduce pthe problem. Argg, I see a major difference: to use freebsd. I don't have the environment for testing it. I must install a VM. > Op 5-10-2015 om 16:06 sch

Re: core dump, lua service, 1.6-dev6 ss-20150930

Hi, I process this email later. For waiting, I propose to you to set the "option http-server-close". Actually, the "services" doesn't support itself the keepalive, but HAProxy does this job. The "option http-server-close" expectes a server-close from the service stream. The front of HAProxy

Re: [PATCH] DOC: fix lua use-service example

Thank you Thierry On Thu, 1 Oct 2015 22:51:08 +0200 PiBa-NL wrote: > Hi List, > A small DOC fix attached for the lua applet example. > Regards, > PiBa-NL

Re: LUA

Hello, its not a dumb question, because all of this is a little bit confused. Lua is a programation language. The basics of the labguage and the main API are avalaible on the web site: http://www.lua.org/ More precisely the manual according with the Lua version in use in Haproxy is here:

Re: segfault writing to log from Lua

ps: a temporary workaround waiting for the fix, is to add the following line at the start of the first loaded lua script. core.Alert = function(msg) print(msg) end Thierry On Tue, 29 Sep 2015 07:37:12 -0400 Michael Ezzell wrote: > Although I am seeing this in Lua, it

Re: segfault writing to log from Lua

On Mon, 28 Sep 2015 20:50:44 -0400 Michael Ezzell wrote: > I fired up HA-Proxy version 1.6-dev6-e7ae656 2015/09/28 for testing, and > was greeted with... > > Segmentation fault (core dumped) > > Since I've been primarily testing Lua, I started by commenting out my Lua >

Re: segfault writing to log from Lua

Michael, thank you for the bug repport. I reproduce it. It is introduced with the support of the RFC5424 for the logs format sublitted by dragan. Hi Dragan, after your patch about the RFC5424, the funcion __send_log() no longer support NULL for the "*p" param. Can you fix this ? It seems that

Re: Lua usage question - log format variables

On Tue, 29 Sep 2015 09:57:46 -0400 Michael Ezzell wrote: > We have "fetches" accessible from Lua, but I have not found a mechanism > that allows me to access the value of log format variables. > > Examples of useful variables: > > %b | backend_name > %f | frontend_name

Re: Possible bug: Lua socket loses incoming payload when server closes the connection aggressively in 1.6-dev5-a02e8a6

. but with this change, I > can achieve the correct behavior by avoiding the premature destruction of > the socket when the connection is only half closed. > > if (!c || (channel_output_closed(si_ic(si)) && > channel_input_closed(si_oc(si { > > > > > O

Re: HAProxy/Lua survey about lua configuration form

On Wed, 23 Sep 2015 09:37:41 +0200 Willy Tarreau wrote: > On Tue, Sep 22, 2015 at 10:18:10PM -0400, Michael Ezzell wrote: > > I don't see a significant problem, if there are benefits to be gained. > > > > I assume part of the motivation is to prevent inadvertently calling an > >

Re: HAProxy/Lua survey about lua configuration form

On Tue, 22 Sep 2015 22:18:10 -0400 Michael Ezzell wrote: > I don't see a significant problem, if there are benefits to be gained. > > I assume part of the motivation is to prevent inadvertently calling an > inappropriate function as an action, to perhaps to allow earlier

Re: HAProxy/Lua survey about lua configuration form

Ok thank you for your opinions. The patch set is in attachment. Thierry On Wed, 23 Sep 2015 19:50:24 +0200 Willy Tarreau <w...@1wt.eu> wrote: > On Wed, Sep 23, 2015 at 07:37:56PM +0200, Thierry FOURNIER wrote: > > The pending "use-service" code already embbed some c

Re: HAProxy/Lua survey about lua configuration form

On Wed, 23 Sep 2015 21:15:08 +0200 Willy Tarreau <w...@1wt.eu> wrote: > On Wed, Sep 23, 2015 at 09:09:09PM +0200, Thierry FOURNIER wrote: > > Ok thank you for your opinions. The patch set is in attachment. > > Thanks. Is it for testing only or for applying ? Just let me

HAProxy/Lua survey about lua configuration form

Hi list, Actually we two Lua registration forms: The style of fetches and converters (and coming soon the "services"). With this registering style, the Lua developer register the function in the haproxy core like this: core.register_fetch("fetch-name", function(...) ... code ...

Re: Build failure in current master HEAD

Thank you. I submit the patch. Thierry On Fri, 11 Sep 2015 10:38:22 +0200 Conrad Hoffmann wrote: > Hi, > > I cannot build the current dev's master HEAD (ec3c37d) because of this error: > > > In file included from include/proto/proto_http.h:26:0, > >

Re: Migration from nginx

On Tue, 8 Sep 2015 11:35:48 +0300 Vladimir Mihailenco wrote: > That is very unlikely since haproxy and Go app run on same machine. But > probably Go expects more data than haproxy buffers - I don't know how to > check this assumption... The appropriate Go code is >

Re: Lua syslog messages are truncated in 1.6-dev4

in hlua.c have a trailing dot "." in the > message that is masking the truncation issue because the output message > stops on a clean word boundary. I suspect these would also benefit from > "\n" appended to their format strings as well, since this appears to be the >

Re: Migration from nginx

On Sat, 5 Sep 2015 18:13:57 +0300 Vladimir Mihailenco wrote: > Thanks for advice. It turns out that Go silently (without any reply and log > message) closes the connection when it can't fully read request headers. > Which is kinda strange, because I thought that

Re: Lua outbound Sockets in 1.6-dev4

Thank you, Will had just applied the patch on the current development branch. Thierry On Sat, 5 Sep 2015 15:28:10 -0400 Michael Ezzell <mich...@ezzell.net> wrote: > I can confirm, the patch appears to work correctly. Thank you for the fix. > . > > On Fri, Sep 4, 2015 a

Re: Lua outbound Sockets in 1.6-dev4

Hi, now I reproduce the bug, and I fixed it :) Can you test the attached patch ? Thank you, Thierry On Thu, 3 Sep 2015 11:55:05 +0200 Thierry FOURNIER <thierry.fourn...@arpalert.org> wrote: > On Wed, 2 Sep 2015 10:55:21 -0400 > Michael Ezzell <mich...@ezzell.net> wrote: >

Re: Migration from nginx

On Wed, 2 Sep 2015 09:26:25 +0300 Vladimir Mihailenco wrote: > Hi, > > I am trying to migrate existing app written in Go from nginx to HA-Proxy > version 1.5.14 2015/07/02 on Ubuntu 12.04. nginx/haproxy runs behind F5 > load balancer. My config: >

Re: Question about the status of the connection pool

On Fri, 04 Sep 2015 22:30:08 +0200 Aleksandar Lazic wrote: > Dear Developers ;-). > > Please can you tell me/us what's the status of the backend connection > pooling? > > Are the specs defined? > will the connection pooling be ready for 1.6? Hi, In the current 1.6dev

Re: Lua outbound Sockets in 1.6-dev4

On Wed, 2 Sep 2015 10:55:21 -0400 Michael Ezzell wrote: > You are NOT able to reproduce? I misunderstood your previous comment. Yes I not reproduce. > Further testing suggests (to me) that this is a timing issue, where HAProxy > does not discover that the connection is

Re: Lua outbound Sockets in 1.6-dev4

Thank you, Now I'm sure that the connection is establish. I see also that HAProxy close the connection 3seconds later, according with the timeout. Now the hard work begin :) I can't reproduce the bug. I agree your conclusion, the error message "Can't connect" is found only once in the HAProxy

Re: Lua outbound Sockets in 1.6-dev4

Hello, Can you try to change your error detection. You wrote this: local connected, con_err = sock:connect("x.x.x.x",80); if con_err ~= nil then core.log(core.alert,"connect() failed with error: '" .. con_err Can you write this: local connected, con_err =

Re: Lua outbound Sockets in 1.6-dev4

Ok, I can reproduce your problem. I tried on my computer to establish a connection to an http serveur (client speaks first) an to an ssh server (serveur speak firt), and I can reproduce the error i the both cases. Can you run a tcpdump for validating the TCP connection establishment ? Thierry

Re: TCP_NODELAY in tcp mode

On Thu, 27 Aug 2015 20:34:35 +0300 Dmitry Sivachenko trtrmi...@gmail.com wrote: Hello, we have a client-server application which establish a long-living TCP connection and generates a lot of small request-response packets which need to be processed very fast. Setting TCP_NODELAY on

Re: Using sockets from Lua

Hello, Thank you for the bug repport. It is fixed in the current developpment version. You must compile from sources or wait for the next dev release. Actually, the function txn.close() causes a segfault, it will be fixed in a few time. Thierry On Thu, 20 Aug 2015 15:09:10 +0300 Tsvetan

Re: HTTP CONNECT request returns 4XX

Hi, Its possible with the Socket Lua object. The high level directives ares: - create a tcp frontend - create an hook with tcp-request content lua - in the lua, you read the first line with the Channel object (txn.req:read()) - establish the SSL conenction with Socket like this: socket =

Re: [PATCH] DOC: match several lua configuration option names to those implemented in code

Hi, Thank you for the doc fix. Thierry On Sun, 16 Aug 2015 16:08:01 +0200 PiBa-NL piba.nl@gmail.com wrote: Hi, Ive found some inconsistencies in the documentation, patch attached. Could you take a look and merge it? Thanks. Regards, PiBa-NL

Re: Manipulating backend list with lua

On Mon, 10 Aug 2015 22:24:43 -0400 Camilo Lopez cam...@camilolopez.com wrote: Dearest list, (Although this question is mostly directed to Thierry and Willy) What is the best (or is it even possible) way of manipulating the list of backend servers at runtime using lua ? Hi Camilo, You

Re: Contribution: change response line

-20150723 I'm not sure what did you mean by the function http_replace_res_line should be integrated also with the http-response. Could you explain a bit? Thank you! Best, Bowen On Thu, Jul 23, 2015 at 1:14 AM, Thierry FOURNIER thierry.fourn...@arpalert.org wrote: Hi Bowen, Can you

Re: Contribution: change response line

Hi Bowen, Can you send an email with the pacth in attachement ? the email encoding for inline text makes some difficulties to get the patch without modifications. In other way, the patch its intresting, but I think that the function http_replace_res_line should be integrated also with the

Re: Problems compiling HAProxy with Lua Support

Hi Vincent, Thank you for the patch. Just for (historical) information, a few time ago, Joe Williams had reported an issue with -ldl and lua. I fixed it, and a few time after the fix, Dmitry Sivachenko reported that the fix breaks FreeBSD compilation (because FreeBSD doesn't have the libdl). So,

Re: Load Balancing the Load Balancer

the relation between L4 and L7 load-balancing, and the private and public cloud. Thierry -Original Message- From: Thierry FOURNIER [mailto:thierry.fourn...@arpalert.org] Sent: giovedì 9 luglio 2015 14.51 To: mlist Cc: 'haproxy@formilux.org' Subject: Re: Load Balancing the Load

Re: Load Balancing the Load Balancer

On Thu, 9 Jul 2015 11:08:58 + mlist ml...@apsystems.it wrote: We have a question about Load Balancing the load balancer... We have as now 2 LVS load balancer in active / passive configuration with keepalived. We want to introduce L7 load balancer (HAProxy) in active / active

Re: Haproxy small patches

Hi David, Maybe should be simpler to declare an haproxy popcount function with a generic name: static inline unsigned int haproxy_popcount(unsigned long a) And modify the content of the function with the macro: static inline unsigned int haproxy_popcount(unsigned long a) { #if(defined

Re: Lua testcase.. some 'random' data returned when loading a image.. 1.6dev2

poll : pref=200, test result OK select : pref=150, test result OK Total: 3 (3 usable), will use kqueue. -- Thierry FOURNIER thierry.fourn...@arpalert.org

Re: Delaying requests with Lua

Hi, You can do this with Lua. Its very easy. First, you create a lua file containing the following code. The name of this Lua file is file.lua. function delay_request(txn) core.msleep(1000 + txn.f.rand(1000)) end Second, you configura haproxy for loading ths file. In the global

Re: Need help about ACLs settings

backend test balance roundrobin server test01 xx.xx.xx.xx:42 check server test02 xx.xx.xx.xx:42 check Thibault Labrut. De : Thierry FOURNIER tfourn...@haproxy.com Date : jeudi 11 juin 2015 11:56 À : Thibault Labrut t.lab...@pickup-services.com Cc : haproxy

Re: LuaSocket problem with HAProxy

Hello list, I’m using HAProxy-1.6 with Lua. My use case involves a Lua extension library LuaSocket and I’m having problems configuring HAProxy to use LuaSocket. When I use LuaSocket directly in Lua everything works fine: [bowen ~]$ lua Lua 5.3.0 Copyright (C) 1994-2015 Lua.org,

Re: Need help about ACLs settings

On Thu, 11 Jun 2015 09:06:43 + Thibault LABRUT t.lab...@pickup-services.com wrote: Hello, I’m going to install HA Proxy. My architecture is as folows : - 2 servers in DMZ = reverse proxy (RP) - 2 servers in LAN = Load balancing (LB) Several applications contact RP with different

Re: Configure Haproxy to dynamically set backend server

/plugins/ts_lua.en.html#ts-client-request-set-url-host Thanks, Mrunmayi  On Tuesday, May 26, 2015 3:15 AM, Thierry FOURNIER tfourn...@haproxy.com wrote: On Fri, 22 May 2015 19:06:59 + (UTC) Mrunmayi Dhume mrunmayi.dh...@yahoo.com wrote: Hello, I am using haproxy

Re: Configure Haproxy to dynamically set backend server

On Fri, 22 May 2015 19:06:59 + (UTC) Mrunmayi Dhume mrunmayi.dh...@yahoo.com wrote: Hello, I am using haproxy-1.6 with Lua. I have a use-case where I want to set the destination (backend server) very dynamically, based on certain layer 7 information (I am trying to avoid updating

[PATCH] Re: 503 when using set-path and mapped backend

Hi, The bug seems to be fixed, can you try the attached path ? Thierry FOURNIER On Sat, 25 Apr 2015 09:32:33 +0200 Thierry FOURNIER tfourn...@haproxy.com wrote: Hi, Thank you for the bug repport. I reproduce it, and it was a real bug. I look for this later. Thierry On Thu, 23 Apr

Re: [PATCH] Re: 503 when using set-path and mapped backend

With the patch :) Thierry On Sun, 26 Apr 2015 18:22:09 +0200 Thierry FOURNIER tfourn...@haproxy.com wrote: Hi, The bug seems to be fixed, can you try the attached path ? Thierry FOURNIER On Sat, 25 Apr 2015 09:32:33 +0200 Thierry FOURNIER tfourn...@haproxy.com wrote: Hi

Re: 503 when using set-path and mapped backend

Hi, Thank you for the bug repport. I reproduce it, and it was a real bug. I look for this later. Thierry On Thu, 23 Apr 2015 22:42:25 +0100 Robert Samuel Newson b...@rsn.io wrote: Hi All, I’m playing with the new set-path feature and encountered a bug. I’m using 1.6-dev1 plus all the

Re: How to revoke an entry from stick table base on url pattern

On Tue, 14 Apr 2015 14:36:12 +0200 Javathoughts ba...@free.fr wrote: Hello, We have to implement a reverse proxy and are under POC phase with HAproxy. A requirement is to revoke session on specific url matching. This is due to the client and server protocol and we don't have hand on them

Re: building haproxy with lua support

2001 From: Thierry FOURNIER tfourn...@haproxy.com Date: Tue, 17 Mar 2015 11:14:26 +0100 Subject: [PATCH 03/11] BUILD: lua: it miss the '-ldl' directive The Lua library requires the 'dl' library. --- Makefile |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile

<    1   2   3   4   >