Hi.
On 2023-06-02 (Fr.) 22:42, Lukas Tribus wrote:
On Fri, 2 Jun 2023 at 21:55, Willy Tarreau wrote:
Initially during the design phase we thought about having 3 states:
"off", "on", "auto", with the last one only enabling updates for certs
that already had a .ocsp file. But along discussions
Hi,
As we have now a shiny new LTS let's take a look into the future :-)
As the Wolfssl looks like a good future alternative for OpenSSL is there
any plan to add ECH (Encrypted client hello) (
https://github.com/haproxy/haproxy/issues/1924 ) into Wolfssl?
Is there any Idea which feature is
Hi Shawn.
On 2023-05-28 (So.) 05:30, Shawn Heisey wrote:
On 5/27/23 18:03, Shawn Heisey wrote:
On 5/27/23 14:56, Shawn Heisey wrote:
Yup. It was using keepalive. I turned keepalive off and repeated
the tests.
I did the tests again with 200 threads. The system running the tests
has 12
Hi.
On 14.05.23 22:07, Roman Gelfand wrote:
Here is the unsubscribe address.
https://www.haproxy.org/#tact
Regards
Alex
side=FE|BE mux=PASS flags=NO_UPG
Available services : prometheus-exporter
Available filters :
[SPOE] spoe
[CACHE] cache
[FCGI] fcgi-app
[COMP] compression
[TRACE] trace
Hope that helps
Regards
Alex
On Thu, May 11, 2023 at 11:21 PM Aleksand
Dear Nathan.
On 11.05.23 23:59, Nathan Rixham wrote:
Hi All,
I've run into an issue I can't figure out, essentially need to use
url32+src in stick tables, but where src is the x-forwarded-for address
rather than the connecting source - any advice would be appreciated.
As this is a quite
Isn't is a similar request to
https://github.com/haproxy/haproxy/issues/969 as I mentioned in the
issue https://github.com/haproxy/haproxy/issues/2149
On 06.05.23 01:18, Abhijeet Rastogi wrote:
Thanks for the response Tristan.
For the future reader of this thread, a feature request was
Hi.
Is there any Plan when the work on this part will start or will be this
a smooth forward :-)
Regards
Alex
Hi Willy.
On 28.04.23 11:14, Aleksandar Lazic wrote:
Hi Will.
On 28.04.23 11:07, Willy Tarreau wrote:
[snipp]
So from what I'm reading above, the regtest is fake and doesn't test
the presence of digits in the returned value. Could you please correct
it so that it properly verifies
Hi Will.
On 28.04.23 11:07, Willy Tarreau wrote:
Hi Alex,
On Fri, Apr 28, 2023 at 10:59:46AM +0200, Aleksandar Lazic wrote:
Hi Willy.
On 30.03.23 06:23, Willy Tarreau wrote:
On Thu, Mar 30, 2023 at 06:16:34AM +0200, Willy Tarreau wrote:
Hi Alex,
On Wed, Mar 29, 2023 at 04:06:10PM +0200
Hi Willy.
On 30.03.23 06:23, Willy Tarreau wrote:
On Thu, Mar 30, 2023 at 06:16:34AM +0200, Willy Tarreau wrote:
Hi Alex,
On Wed, Mar 29, 2023 at 04:06:10PM +0200, Aleksandar Lazic wrote:
Ping?
thanks for the ping, I missed it a few times when being busy with some
painful bugs in the past
Hi Bob.
On 18.04.23 17:07, Zakharychev, Bob wrote:
While experimenting with enabling QUIC in HAProxy sitting in front of
our closed-source application I stumbled upon a reproducible QUIC
protocol failure/malfunction while accessing specific CSS resource,
which is served via internal
Hi.
On 18.04.23 00:55, Jim Freeman wrote:
In splitting out fields from req.cook, populated fields work well, but
detecting an unset field has me befuddled:
acl COOK_META_MISSING req.cook(cook2hdr),field(3,\#) ! -m found -m str ''
does not detect that a cookie/field is empty ?
Running the
On 17.04.23 15:08, Willy Tarreau wrote:
On Mon, Apr 17, 2023 at 03:04:05PM +0200, Lukas Tribus wrote:
On Sat, 15 Apr 2023 at 23:08, Willy Tarreau wrote:
On Sat, Apr 15, 2023 at 10:59:42PM +0200, Willy Tarreau wrote:
Hi Nick,
On Sat, Apr 15, 2023 at 09:44:32PM +0100, Nick Wood wrote:
Hi.
On 15.04.23 11:32, Willy Tarreau wrote:
Hi everyone,
I was discussing with Tristan a few hours ago about the widespread
deployment of H2 and H3, with Cloudflare showing that H1 only accounts
for less than 7% of their traffic and H3 getting close to 30% [1],
and the fact that on the
Hi Nic,
On 15.04.23 19:35, Nick Wood wrote:
Hello all,
I have recently enabled HTTP/2 on our HAProxy server by adding the
following to the bind line:
alpn h2,http/1.1
Everything appears to be working fine, apart from our custom error pages.
Rather than serving the custom page as
Hi Kenny.
On 05.04.23 20:04, Kenny Lederman wrote:
Hi team,
Do you have an account rep assigned to Sonicwall that could help me with
getting a POC set up?
This is the Open Source Mailing list, if you want to get in touch with
the Company behind HAProxy please use this.
Ping?
On 10.01.23 21:27, Aleksandar Lazic wrote:
On 09.12.22 13:17, Aleksandar Lazic wrote:
Hi.
As I still think that the Balancing algorithm (Peak) EWMA (
https://github.com/haproxy/haproxy/issues/1570 ) could help to make a
"better" decision to which server should the reque
HI.
On 29.03.23 05:02, Procurement - TTSolution wrote:
Hi Sir/Madam,
Please help to provide quotation below for:
1. *HAPROXY SERVER – QTY: 1*
As willy already written is this list mainly for the OpenSource HAProxy.
You can get in touch for the Enterprise Version on this page.
Hi Dinko.
On 19.03.23 19:54, Dinko Korunic wrote:
Dear community,
As previously requested, we have also started building HAProxy CE for
2.6, 2.7 and 2.8 branches with QUIC (based on OpenSSL 1.1.1t-quic
Release 1) built on top of Debian 11 Bullseye and Ubuntu 22.04 Jammy
Jellyfish base
Hi Dinko.
On 17.03.23 20:59, Dinko Korunic wrote:
Dear community,
Upon many requests, we have started building HAProxy CE for 2.6, 2.7 and
2.8 branches with QUIC (based on OpenSSL 1.1.1t-quic Release 1) as
Docker Alpine 3.17 images.
That's great news :-).
What should keep in mind is that
Hi.
Any chance to add this Patch?
Regards
Alex
On 10.01.23 21:27, Aleksandar Lazic wrote:
On 09.12.22 13:17, Aleksandar Lazic wrote:
Hi.
As I still think that the Balancing algorithm (Peak) EWMA (
https://github.com/haproxy/haproxy/issues/1570 ) could help to make a
"better"
Hi Adam.
On 12.01.23 01:30, Adam wrote:
Dear Friend
I have a service to broadcast channels and movies over the Internet
by panel iptv
And I have servers that I want to hide the real IP of in order to
protect them from attacks
It is on the other hand a complaint of abuse
How do you help me
Hi Willy.
On 07.01.23 19:49, Willy Tarreau wrote:
Hi Alex,
On Sat, Jan 07, 2023 at 06:31:40PM +0100, Aleksandar Lazic wrote:
On 07.01.23 10:38, Willy Tarreau wrote:
Hi,
HAProxy 2.8-dev1 was released on 2023/01/07. It added 206 new commits
after version 2.8-dev0.
[snipp]
Any chance
On 09.12.22 13:17, Aleksandar Lazic wrote:
Hi.
As I still think that the Balancing algorithm (Peak) EWMA (
https://github.com/haproxy/haproxy/issues/1570 ) could help to make a
"better" decision to which server should the request be send, here the
beginning of the patches.
In
On 07.01.23 10:38, Willy Tarreau wrote:
Hi,
HAProxy 2.8-dev1 was released on 2023/01/07. It added 206 new commits
after version 2.8-dev0.
[snipp]
Any chance to add this patch to 1.8?
[PATCH] MINOR: sample: Add bc_rtt and bc_rttvar
Hi,
Any feedback to that patch?
On 09.12.22 13:17, Aleksandar Lazic wrote:
Hi.
As I still think that the Balancing algorithm (Peak) EWMA (
https://github.com/haproxy/haproxy/issues/1570 ) could help to make a
"better" decision to which server should the request be send, here the
e rtt from the backend, Imho.
Does anybody know how I can "delay/sleep/wait" for the server answer to
get some rtt which are not 0 as the rtt is 0.
Regards
AlexFrom 7610bb7234bd324e06e56732a67bf8a0e65d7dbc Mon Sep 17 00:00:00 2001
From: Aleksandar Lazic
Date: Fri, 9 Dec 2022 13:05:52 +0100
Su
Hi.
There is already a bug entry in apache bz from 2019 about that message.
https://bz.apache.org/bugzilla/show_bug.cgi?id=63893
Regards
Alex
23.11.2022 21:36:26 Marcello Lorenzi :
> Hi All,
> we use haproxy 2.2.17-dd94a25 in our development environment and we configure
> a backend with
nfig.
Is this what you would like to do?
I'm not sure if this is possible with HAProxy.
Regards
Alex
Norman Branitsky
Senior Cloud Architect
P: 416-916-1752
-----Original Message-
From: Aleksandar Lazic
Sent: Tuesday, November 22, 2022 4:27 PM
To: Branitsky, Norman
Cc: HAProxy
Subject
Hi.
On 22.11.22 21:57, Branitsky, Norman wrote:
I have the following "generic" rate limit defined - 150 requests in 10s
from the same IP address:
stick-table type ip size 100k expire 30s store http_req_rate(10s)
http-request track-sc0 src unless { src -f
hi.
but there is a 429 error code in the source.
https://git.haproxy.org/?p=haproxy.git=search=HEAD=grep=HTTP_ERR_429
As you don't written which version you use, maybe you can use the latest 2.6
version and give the error code 429 a chance :-)
regards
alex
17.11.2022 16:29:02 Chilaka
Dear Carolina.
Please get in touch with the HAProxy Company for a offer.
https://www.haproxy.com/contact-us/
This Mailing list is for the OpenSource HAProxy.
Regards
Alex
On 07.11.22 13:06, Coco, Carolina wrote:
Hi team,
Could you please send us an offer for the marked in yellow?, its for
Hi.
On 04.11.22 12:24, Szabo, Istvan (Agoda) wrote:
Hi,
Is there anybody successfully configured haproxy and dsr?
Well maybe this Blog Post is a good start point.
https://www.haproxy.com/blog/layer-4-load-balancing-direct-server-return-mode/
Regards
Alex
Istvan Szabo
Senior
Hi Roberto.
On 25.10.22 17:01, Roberto Carna wrote:
Sorry, I want two different backends with same IP/port and different
SSL options as follow, and the same SSL wildcard certificate:
# Frontend 1 with certain SSL options
frontend Web1
bind 10.10.1.1:443 ssl crt /root/ssl/ no-sslv3 no-tlsv10
Hi Roberto.
On 24.10.22 03:21, Roberto Carna wrote:
Dear, I have this scenario:
Internet --> HAproxy Frontend --> HAproxy Backend --> Web servers
HAproxy version 1.5.8 in frontend (disabling protocols in the backend
section connected to HAProxy backend):
server HA-Backend 172.20.20.1:443 ssl
Hi John.
I suggest to get in touch whith HAProxy company via this form.
https://www.haproxy.com/contact-us/
best regards
alex
07.10.2022 17:55:42 John Bowling (CE CEN) :
> Hello,
>
> What are the costs for the license or is there a subscription for license?
>
> *John L. Bowling (JB)*
>
>
Hi.
On 03.10.22 16:29, Roberto Carna wrote:
Dear, I have a HAProxy with several web applications but I have to
solve the cookie without a secure flag problem in just one web
application.
Do I have to define the "http-response replace header" option in the
frontend section or in the backend
Hi William.
On 14.09.22 18:50, William Lallemand wrote:
Hello List,
We've just finished the portage of HAProxy for the next libreSSL
version which implements the quicTLS API.
Wow great news.
For those interested this is how you are supposed to compile everything:
The libreSSL library:
Hi.
On 18.08.22 20:40, Roberto Carna wrote:
Dear all, I have to change my haproxy.cfg file in order to enable two
FTP connections to the same server, with these requirements:
FTP server IP: 10.10.1.10
1st FTP service:
FTP Control: port 21
FTP Data: port 11000 to 11010
2nd FTP service:
FTP
Hi.
On 17.08.22 16:54, Pavel Krestovozdvizhenskiy wrote:
Does HAProxy support of 3rd party modules? Not LUA scripts but compiled
modules. Something like modules in nginx. I've read the documentation
and did not found clear answer.
Not as far as i know, a more detailed answer can be found
this for the other required CORS headers
I haven't tried this, but does it some like it will accomplish what I described
in my original post?
I would say give it a try and see if works.
Regards
Alex
-Original Message-
From: Aleksandar Lazic
Sent: Friday, August 12, 2022 6:45 AM
To: Eric Joh
Hi Eric.
On 11.08.22 21:59, Eric Johanson wrote:
When HAProxy generates an HTTP 500 error (say because our servers are down),
then HAProxy does not send any CORS
information. Because of this, the HTTP 500 responses do not arrive at our web
application because they are
blocked by the browser.
Hi Tim.
Thank you for your feedback.
Attached the new version
regards
Alex
On 16.06.22 15:16, Tim Düsterhus wrote:
Alex,
From 85bcc5ea26d7c1f468dbbf6a10b33bc9f79da819 Mon Sep 17 00:00:00 2001
From: Aleksandar Lazic
Date: Wed, 15 Jun 2022 23:52:30 +0200
Subject: [PATCH] DOC: add info about
Hi.
On Tue, 28 Jun 2022 12:23:15 +0200
spfma.t...@e.mail.fr wrote:
> Hi, I have a problem to solve : I never paid attention to the fact HAProxy
> (2.5.1-86b093a) did not return HTTP headers in the reponses, because there
> was no complaints so far. But now we got one, because of an old
Hi Willy.
On Fri, 24 Jun 2022 22:58:53 +0200
Willy Tarreau wrote:
> Hi,
>
> HAProxy 2.7-dev1 was released on 2022/06/24. It added 131 new commits
> after version 2.7-dev0.
>
> There's not that much new stuff yet but plenty of small issues were
> addressed, and it's already been 3 weeks since
On Thu, 16 Jun 2022 20:49:00 +1000
David Leadbeater wrote:
> On Thu, 16 Jun 2022 at 20:27, Aleksandar Lazic wrote:
> [...]
> > > Thanks ! I'm able to reproduce the segfault. I'm on it.
>
> Thanks!
>
> > But in any way wouldn't be better that the rule
> >
&
On Thu, 16 Jun 2022 10:22:30 +0200
Christopher Faulet wrote:
> Le 6/16/22 à 05:12, David Leadbeater a écrit :
> > I tried upgrading to 2.6.0 (from 2.5.6) and I'm seeing a segfault when
> > making HTTP/2 requests. I'm using a frontend in TCP mode and then
> > switching it to HTTP/2.
> >
> > I've
Hi.
Attached a doc patch about ssl-engine and 2.6 is related to
https://github.com/haproxy/haproxy/issues/1752
Regards
Alex
>From 85bcc5ea26d7c1f468dbbf6a10b33bc9f79da819 Mon Sep 17 00:00:00 2001
From: Aleksandar Lazic
Date: Wed, 15 Jun 2022 23:52:30 +0200
Subject: [PATCH] DOC: add info ab
.haproxy.org/?p=haproxy.git;a=blob;f=src/hlua.c;hb=HEAD#l12530
Again it's just a assumption as I had never the requirements to use client
certificates with haproxy.
Regards
Alex
> Thanks anyway
>
> Sent from my iPhone
>
> > On 16 Jun 2022, at 12:03 am, Aleksandar Lazic wrote:
&
HI.
On Wed, 15 Jun 2022 23:33:27 +1000
Philip Young wrote:
> Hi
> I am currently writing a LUA module to make authorisation decisions on
> whether a request is allowed, by calling out to another service to make the
> authorisation decision.
> In the Lua module, I am using Socket.connect_ssl()
Hi spfma.tech.
Uff, the mail is quite hard to read but looks like you are on ubuntu.
Maybe this page can help to solve your issue.
Enable TLSv1 in Ubuntu 20.04
https://ndk.sytes.net/wordpress/?p=1169
Regards
Alex
On Thu, 09 Jun 2022 09:58:10 +0200
spfma.t...@e.mail.fr wrote:
> Hi, Thanks
Hi.
On Fri, 3 Jun 2022 17:12:25 +0200
Seena Fallah wrote:
> When using the below config to have 100req/s rate-limiting after passing
> the 100req/s all of the reqs will deny not reqs more than 100req/s!
> ```
> listen test
> bind :8000
> stick-table type ip size 100k expire 30s store
Hi.
On Sat, 28 May 2022 11:42:17 +
Ajay Mahto wrote:
> Unsubscribe me.
Feel free to do it by your self.
https://www.haproxy.org/#tact
Regards
Alex
> Regards,
>
> Ajay Kumar Mahto,
> Lead DevOps Engineer,
> NPCI, Hyderabad
> +91 8987510264
>
> From: Willy
Hi Ryan.
On Thu, 26 May 2022 13:28:58 -0500
"Ryan O'Hara" wrote:
> On Wed, May 25, 2022 at 11:15 AM William Lallemand
> wrote:
>
> > On Tue, May 24, 2022 at 08:56:14PM +, Alford, Mark wrote:
> > > Do you have instruction on the exact library needed to fo the full
> > install on RHEL 7 and
Hi.
On Tue, 24 May 2022 20:56:14 +
"Alford, Mark" wrote:
> Do you have instruction on the exact library needed to fo the full install on
> RHEL 7 and RHEL 8
>
> I read the INSTALL doc in the tar ball and the did the make command and it
> failed because of LUA but lua.2.5.3 is installed
On Fri, 20 May 2022 12:16:07 +0100
Mark Zealey wrote:
> Thanks, we may use this for a very rough proof-of-concept. However we
> are dealing with millions of concurrent connections, 10-100 million
> connections per day, so we'd prefer to pay someone to develop (+ test!)
> something for haproxy
Hi Mark.
On Thu, 19 May 2022 17:29:37 +0100
Mark Zealey wrote:
> Hi there,
>
> We are using HAProxy to terminate and balance TCP streams (XMPP) between
> our apps and our service infrastructure. We are currently running
> XMPP-level gzip compression but I'm interested in potentially shifting
>
Hi.
On Mon, 2 May 2022 14:44:45 +
Dave Swinton wrote:
> Do you have a repository for the current releases in RPM? We are currently
> using 1.8 but would like to move to 2.5.x after some internal testing but
> don't see any direct links to an RPM from the download page.
You can build your
Hi Nick.
On Sat, 30 Apr 2022 05:44:09 +
Nick Owen wrote:
> So I am pretty new to networking and I am not quite sure how to set up the
> config file correctly. I just want a simple reverse proxy and I have created
> a diagram to show you how’d I’d like it configured. If you have any sites or
Hi.
Anyone any Idea about the question below?
Regards
Alex
On Sat, 23 Apr 2022 11:05:36 +0200
Aleksandar Lazic wrote:
> Hi.
>
> I'm not sure if I understand the doc properly.
>
> https://docs.haproxy.org/2.2/configuration.html#nbthread
> ```
> This setting is only a
On Tue, 26 Apr 2022 15:03:51 +0200
Valerio Pachera wrote:
> Hi, I have several backend configuration that make use of a custom script:
>
> external-check command 'custom-script.sh'
>
> The script read uses the environment variables such as $HAPROXY_PROXY_NAME.
> I would like to be able to set
Hi,
On Tue, 26 Apr 2022 03:32:16 -0700
Ivana Paul wrote:
> Hello haproxy.org
[SPAM Content]
New Idea for spam "learning platform" :-)
I never heard anything about "SMO services" and now I know it's this.
Social Media Optimization (SMO) Services
Regard
Alex
Hi.
I'm not sure if I understand the doc properly.
https://docs.haproxy.org/2.2/configuration.html#nbthread
```
This setting is only available when support for threads was built in. It
makes haproxy run on threads. This is exclusive with "nbproc". While
"nbproc" historically used to be the only
Hi.
This patch removes some double blanks.
Regards
Alex
>From a65450d3da357c659b00bd3ecb5a038a1f827692 Mon Sep 17 00:00:00 2001
From: Aleksandar Lazic
Date: Wed, 30 Mar 2022 00:11:40 +0200
Subject: [PATCH] DOC: remove double blanks in confiuration.txt
Double blanks in keywords are not g
Hi Willy.
On Sat, 26 Mar 2022 10:22:02 +0100
Willy Tarreau wrote:
> Hi,
>
> HAProxy 2.6-dev4 was released on 2022/03/26. It added 80 new commits
> after version 2.6-dev3.
>
> The activity started to calm down a bit, which is good because we're
> roughly 2 months before the release and it will
On 15.03.22 05:36, Eli Bechavod wrote:
Hii guys,
I am looking for rpm to version 2.4.14 and didn’t found that ..
Why on image base centos/rhel did you stop in 1.8 ? I saw that I can install
with a makefile but it old way .. :( .
I would to sound if you have any solutions
You can create a
Hi Shawn.
On 01.03.22 23:09, Shawn Heisey wrote:
I was thinking about ways to help pinpoint problems a client is having
connecting to services. And a thought
occurred to me.
Is there any kind of software available that can stand up a broken HTTP server,
such that it is broken in very
Hi.
On 28.02.22 13:55, Branitsky, Norman wrote:
Future requirement for HAProxy?
https://datatracker.ietf.org/doc/draft-kampanakis-tls-scas-latest/
From my point of view is this draft heavily based on the implementation of the
underlaying TLS library.
For everyone which want to know what
Hi Willy.
On 25.02.22 14:54, Willy Tarreau wrote:
Hi Alex,
On Thu, Feb 24, 2022 at 03:03:59AM +0100, Aleksandar Lazic wrote:
Hi.
Here the first patch for feature request "New Balancing algorithm (Peak) EWMA
#1570"
Note, I don't think it is needed for this algo as long as we i
Hi.
Here the first patch for feature request "New Balancing algorithm (Peak) EWMA
#1570"
regards
AlexFrom e95bf6a4bf107fdc59696c4b4a4ef7b03133b813 Mon Sep 17 00:00:00 2001
From: Aleksandar Lazic
Date: Thu, 24 Feb 2022 02:56:21 +0100
Subject: [PATCH] MINOR: sample: Add srv_rtt se
Hi.
On 10/02/2022 10:25, Gowri Shankar wrote:
Im trying to install haproxy for loadbalancing for my servers,but im
not able install from my windows system.Is there ha proxy available
for windows, please give and help us with documentation.
Well I don't think that there is a native Windows
Hi.
On 31.01.22 16:51, Roberto Carna wrote:
Dear all, I have haproxy-1.5.18-3.el7.x86_64 running OK.
You should consider to use a maintained version as 1.5 is End of Life from the
community.
https://www.haproxy.org/
https://github.com/DBezemer/rpm-haproxy
Development area are claiming for
On 12.01.22 21:52, Andrew Anderson wrote:
On Wed, Jan 12, 2022 at 11:58 AM Aleksandar Lazic mailto:al-hapr...@none.at>> wrote:
Well, looks like you want a forward proxy like squid not a reverse proxy
like haproxy.
The application being load balanced is a proxy, so http
On 12.01.22 17:06, Andrew Anderson wrote:
On Thu, Dec 30, 2021 at 10:15 PM Willy Tarreau mailto:w...@1wt.eu>> wrote:
On Wed, Dec 29, 2021 at 12:29:11PM +0100, Aleksandar Lazic wrote:
> > 0 CONNECT download.eclipse.org:443 HTTP/1.1\r\n
> &g
On 04.01.22 14:10, Christopher Faulet wrote:
Le 1/4/22 à 10:26, Aleksandar Lazic a écrit :
On 04.01.22 10:16, Christopher Faulet wrote:
Le 12/25/21 à 23:59, Aleksandar Lazic a écrit :
Hi.
as the message tell us that we should report this to the developers I do so :-)
```
Dec 24 01:10:31
On 04.01.22 10:16, Christopher Faulet wrote:
Le 12/25/21 à 23:59, Aleksandar Lazic a écrit :
Hi.
as the message tell us that we should report this to the developers I do so :-)
```
Dec 24 01:10:31 lb1 haproxy[20008]: A bogus STREAM [0x559faa07b4f0] is spinning
at 204371 calls per second
Hi.
On 01.01.22 20:56, Henning Svane wrote:
Hi
I have used it for some time in PFsense, but know made a Linux installation and now the configuration
give me some troubles.
What have I done wrong here below?
As I cannot see what I should have done different, but sudo haproxy -c -f
Hi.
On 28.12.21 19:35, brendan kearney wrote:
list members,
i am running haproxy, and see some errors with requests. i am trying to
understand why the errors are being thrown. haproxy version and error
info below. i am thinking that the host header is being exposed outside
the TLS
Hi.
as the message tell us that we should report this to the developers I do so :-)
```
Dec 24 01:10:31 lb1 haproxy[20008]: A bogus STREAM [0x559faa07b4f0] is spinning
at 204371 calls per second
and refuses to die, aborting now!
Please report this error to developers
Hi.
On 20.12.21 09:40, Christoph Kukulies wrote:
Due to some recent action I did from some may outdated instructions for haproxy
1.6 under Ubuntu
I have a left off broken haproxy repo which comes up everytim I’m doing
apt-updates:
Ign:3 http://ppa.launchpad.net/vbernat/haproxy-1.6/ubuntu
On 19.12.21 13:52, Willy Tarreau wrote:
Hi Aleks,
On Sun, Dec 19, 2021 at 01:43:01PM +0100, Aleksandar Lazic wrote:
Do you agree that we now can add HAProxy to that list :-)
https://github.com/quicwg/base-drafts/wiki/Implementations
Ideally we should submit it once we have a public server
Hi.
Do you agree that we now can add HAProxy to that list :-)
https://github.com/quicwg/base-drafts/wiki/Implementations
My suggestion, please help me to file the ??:
IETF QUIC Transport
HAProxy:
QUIC implementation in HAProxy
Language: C
Version: draft-29??
Roles: Server,
Hi.
On 14.12.21 10:18, Olivier D wrote:
Hi,
Le lun. 13 déc. 2021 à 19:38, John Lauro mailto:johnala...@gmail.com>> a écrit :
http-request deny deny_status 405 if { url_sub -i "\$\{jndi:" or hdr_sub(user-agent)
-i "\$\{jndi:" }
was not catching the bad traffic. I think the escapes
On 13.12.21 14:53, Lukas Tribus wrote:
On Mon, 13 Dec 2021 at 14:43, Aleksandar Lazic wrote:
Well I go the other way around.
The application must know what data are allowed, verify the input and if the
input is not valid discard it.´
You clearly did not understand my point so let me try
On 13.12.21 14:03, Lukas Tribus wrote:
On Mon, 13 Dec 2021 at 13:25, Aleksandar Lazic wrote:
1. Why is a input from out site of the application passed unchecked to the
logging library!
Because you can't predict the future.
When you know that your backend is SQL, you escape what's necessary
On 13.12.21 11:48, Olivier D wrote:
Hello there,
If you don't know yet, a CVE was published on friday about library log4j,
allowing a remote code execution
with a crafted HTTP request.
We would like to filter these requests on HAProxy to lower the exposition. At
peak times, 20% of our web
On 08.12.21 10:20, Christopher Faulet wrote:
Le 12/6/21 à 08:25, Christopher Faulet a écrit :
Le 12/4/21 à 13:25, Aleksandar Lazic a écrit :
Hi.
I try to capture the response header "dst_conn" from "http-request return" but
in %hs isn't the value.
```
podman logs -f
Hi.
Anyone which can help to protect the backen with backend states?
Regards
Alex
On 05.12.21 11:42, Aleksandar Lazic wrote:
Hi.
I try to protect an backend server against a overload within a master/master
setup.
The test setup looks like this
lb1: 8081 \
-hap-dest: 8080
lb2
On 06.12.21 08:25, Christopher Faulet wrote:
Le 12/4/21 à 13:25, Aleksandar Lazic a écrit :
Hi.
I try to capture the response header "dst_conn" from "http-request return" but
in %hs isn't the value.
```
podman logs -f haproxy-dest
[NOTICE] (1) : New worker #1 (3) forke
Hi.
I try to protect an backend server against a overload within a master/master
setup.
The test setup looks like this
lb1: 8081 \
-hap-dest: 8080
lb2: 8082 /
When I now call lb1 with curl the "tracker/quota1" gpc is increased and the
second request is denied.
The problem is that
Hi.
I try to capture the response header "dst_conn" from "http-request return" but
in %hs isn't the value.
```
podman logs -f haproxy-dest
[NOTICE] (1) : New worker #1 (3) forked
<6>[04/Dec/2021:12:14:34.437] 200 58 - - LR-- {} "GET / HTTP/1.1"
<6>[04/Dec/2021:12:14:34.437] 200 58 - - LR--
On 02.12.21 15:12, Frank Wall wrote:
On 2021-12-02 02:16, Aleksandar Lazic wrote:
I try to test some limits with peers and wanted to test "maxconn 0"
before I start with the peers.
Should "maxconn 0" work?
I expect to get connection refused or similar and and 500 in the lo
Hi.
I try to test some limits with peers and wanted to test "maxconn 0" before I
start with the peers.
Should "maxconn 0" work?
I expect to get connection refused or similar and and 500 in the log but both
curls get a 200
```
# curl -v http://127.0.0.1:8080/; curl -v http://127.0.0.1:8080/
Hi Joao.
Thank you very much. I will give it a try.
Regards
Alex
On 10.11.21 22:25, Joao Morais wrote:
Em 8 de nov. de 2021, à(s) 08:26, Aleksandar Lazic
escreveu:
Hi.
I have 2 LB's which should limit the connection to one backend.
I would try to use "conn_cur" in a s
Hi.
Have anybody some hints or tips about the question?
Regards
Alex
On 08.11.21 12:26, Aleksandar Lazic wrote:
Hi.
I have 2 LB's which should limit the connection to one backend.
I would try to use "conn_cur" in a stick table and share it via peers.
Have anyone such a soluti
Hi.
I have 2 LB's which should limit the connection to one backend.
I would try to use "conn_cur" in a stick table and share it via peers.
Have anyone such a solution already in place?
That's my assuption for the config.
```
peers be_pixel_peers
bind 9123
log global
localpeer {{
On 04.11.21 15:28, Willy Tarreau wrote:
Hello,
as some of you know, 2.5 will come with a new "option httpslog" to ease
logging some useful TLS info by default.
While running some tests in production with the error-log-format, I
realized that we're not logging the SNI in "httpslog", and that
On 16.10.21 16:22, Willy Tarreau wrote:
Hi,
HAProxy 2.5-dev10 was released on 2021/10/16. It added 75 new commits
after version 2.5-dev9.
The smoke is progressively being blown away and we're starting to see
clearer what final 2.5 will look like.
In completely random order, here are the main
On 08.09.21 11:07, Willy Tarreau wrote:
On Wed, Sep 08, 2021 at 01:58:00PM +0500, ??? wrote:
??, 8 . 2021 ?. ? 13:54, Willy Tarreau :
On Wed, Sep 08, 2021 at 12:05:23PM +0500, ??? wrote:
Hello, Bob
I tracked an issue https://github.com/haproxy/haproxy/issues/1386
1 - 100 of 972 matches
Mail list logo
