proxy CONNECT + custom headers

hi, Can haproxy support following backend scenario? - use HTTP CONNECT to establish a proxy connection - send custom HTTP header with the CONNECT method - then switch to tunnel mode to allow custom TLS protocol through I've not found anything really useful in RFC7231 whether this is a common

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

nction to reinitialize a server... This patch fixes it, I'm going to merge it and get rid of the test in the loop: diff --git a/src/proxy.c b/src/proxy.c index 7ff087190..544c22f82 100644 --- a/src/proxy.c +++ b/src/proxy.c @@ -1469,6 +1469,7 @@ void proxy_preset_defaults(struct proxy *defpro

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

ssion tests. Then, tests which (presumably) use the server settings copy function fail or timeout. Probably an even better method is to use the following configuration 'haproxy.cfg': global defaults log global timeout connect 500ms timeout client 5000ms timeout server 5ms backend

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

Alexander, I now merged your patch with the SMP_VAL_ change, after verifying that the reg-test is still OK. Thus 2.9-dev9 will contain it. Thanks! Willy

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

flag, but I wouldn't usually expect > this to be an issue. OK let's try to figure that later. I'll merge your code in its current form for now. > > So if that's OK for you I can change it now before merging. > > Ah, I had used a SMP_VAL_* before, but I was not 100% about the mean

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

ng. Ah, I had used a SMP_VAL_* before, but I was not 100% about the meaning. Then I fell back to the proxy. Feel free to change it! > Yes very likely. Originally the code didn't check for allocation errors > during parsing because it was the boot phase, and we used to consider that a > m

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

t was not a side effect of a debugging session with some temporary code in it ? I'd be interested in knowing if you can reproduce it so that we can find the root cause (and hopefully address it). > - Please double check that my arguments for the parse_logformat_string > function are correct. I o

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

On Fri, Nov 03, 2023 at 05:15:03PM +, Stephan, Alexander wrote: > Hi Willy, > > Sorry, my email client probably did something weird... > I attached them now, should hopefully prevent any reformatting. Thanks for the fast response. I'll check them keeping in mind your last comments in your

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options On Fri, Nov 03, 2023 at 05:14:33PM +0100, Willy Tarreau wrote: > Hi Stephan, > > On Fri, Nov 03, 2023 at 01:54:26PM +, Stephan, Alexander wrote: > > Hi Willy, > > > > Did you

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

On Fri, Nov 03, 2023 at 05:14:33PM +0100, Willy Tarreau wrote: > Hi Stephan, > > On Fri, Nov 03, 2023 at 01:54:26PM +, Stephan, Alexander wrote: > > Hi Willy, > > > > Did you receive the other two mails with the updated patches? I couldn't > > find > > it the reply to first page in the

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

Hi Stephan, On Fri, Nov 03, 2023 at 01:54:26PM +, Stephan, Alexander wrote: > Hi Willy, > > Did you receive the other two mails with the updated patches? I couldn't find > it the reply to first page in the archive although I CCed the list. That's > why I wanted to double-check, not to run in

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

Sent: Friday, October 27, 2023 4:22 PM To: Stephan, Alexander Cc: haproxy@formilux.org Subject: Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options Hi Alexander, On Fri, Oct 27, 2023 at 02:12:10PM +, Stephan, Alexander wrote: > > BTW, please

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

logic. - Please double check that my arguments for the parse_logformat_string function are correct. I omit log options for now and use the capabilities of the proxy. Seems like the best fit, but I could be wrong. - I noticed that there are also no checks for strdup in server.c, that might need

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

Hi Alexander, On Fri, Oct 27, 2023 at 02:12:10PM +, Stephan, Alexander wrote: > > BTW, please check if this works in default-server directives. > > struct srv_pp_tlv_list { > struct list list; > struct list fmt; > unsigned char type; > }; > > To allow for use with

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

UM: connection: Send out generically allocated proxy-v2-options Hi Alexander, On Mon, Oct 23, 2023 at 12:07:39PM +, Stephan, Alexander wrote: > We can ignore the last two commits for now (LOW: connection: Add TLV > update function and MEDIUM: tcp-act: Add new set-tlv TCP action for PPv2

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

try hard *not* to modify existing information and rather use expressions or variables wherever possible because it allows anyone to adjust the contents as they see fit without having to later add exceptions for certain corner cases. > > Why not something like "set-proxy-v2-tlv"? Ma

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

efined as cutting around commas, and that's what it does. This > means that the format will not be parsable (no sample fetch functions with > more than one argument, no converters). Example: > > proxy-v2-options 0xEE=%[var(txn.clientname,_unknown_)] >

Re: Override X-Forwarded-Port with send-proxy-v2

443 > Thus I binded it to 8080 and 8443. > > But kubernetes service listening on normal port: 80 and 443 > > I use tcp mode with proxy protocol (send-proxy-v2) to preserve the > client's real IP and port. > On the backend server I see that requests are expanded to: > > X-Fo

Override X-Forwarded-Port with send-proxy-v2

Hi, I run haproxy in non-privileged container, so I can't bind on higher port eg 80 and 443 Thus I binded it to 8080 and 8443. But kubernetes service listening on normal port: 80 and 443 I use tcp mode with proxy protocol (send-proxy-v2) to preserve the client's real IP and port. On the backend

Re: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

Hi Alexander, I'm starting from the doc as it eases the discussion. On Thu, Oct 05, 2023 at 11:05:50AM +, Stephan, Alexander wrote: > --- a/doc/configuration.txt > +++ b/doc/configuration.txt > @@ -16671,6 +16671,26 @@ proxy-v2-options [,]* > generated unique ID

Re: HA Proxy

required. Please confirm, does HA Proxy supports the below capacity and features ?. let us know the licensing model and Support structure. Capacity : * Requests per Second =  5000 RPS * Concurrent Connections = 5000 Concurrent Sessions. * Throughput = 40 Mbps Features : 1. *Routing

HA Proxy

Hi Team We have a requirement to for a Software based NLB to Load Balance an enterprise application. Following are the Capacity and Features of NLB required. Please confirm, does HA Proxy supports the below capacity and features ?. let us know the licensing model and Support structure

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

From 84608ed754c1a92e85e03036e8b0cd0949721ffb Mon Sep 17 00:00:00 2001 From: Alexander Stephan mailto:alexander.step...@sap.com>> Date: Fri, 15 Sep 2023 12:42:36 +0200 Subject: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options This commit removes the pr

RE: [PATCH 1/4] MEDIUM: server: Parse generic type-value pairs as proxy-v2-options

From fb8714c5aebd7fe957264d0f2234182f55f952fe Mon Sep 17 00:00:00 2001 From: Alexander Stephan Date: Fri, 15 Sep 2023 12:38:46 +0200 Subject: [PATCH 1/4] MEDIUM: server: Parse generic type-value pairs as proxy-v2-options This commit introduces a generic server-side parsing of type-value pair

RE: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options

From 84608ed754c1a92e85e03036e8b0cd0949721ffb Mon Sep 17 00:00:00 2001 From: Alexander Stephan Date: Fri, 15 Sep 2023 12:42:36 +0200 Subject: [PATCH 2/4] MEDIUM: connection: Send out generically allocated proxy-v2-options This commit removes the previous limitations on the existing, fixed PPv2

RE: [PATCH 1/4] MEDIUM: server: Parse generic type-value pairs as proxy-v2-options

From fb8714c5aebd7fe957264d0f2234182f55f952fe Mon Sep 17 00:00:00 2001 From: Alexander Stephan mailto:alexander.step...@sap.com>> Date: Fri, 15 Sep 2023 12:38:46 +0200 Subject: [PATCH 1/4] MEDIUM: server: Parse generic type-value pairs as proxy-v2-options This commit introduces a generic

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Mon, Sep 11, 2023 at 03:44:16PM +, Stephan, Alexander wrote: > Hi Willy and Ilya, > > Sorry for the absence, I was mostly out-of-office the last week. I am really > sorry for causing this bug. No worries, stuff like this happens, that's why we have regtests, CI, this

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

, Alexander From: Илья Шипицин Sent: Thursday, August 31, 2023 8:56 PM To: Willy Tarreau Cc: Stephan, Alexander ; haproxy@formilux.org Subject: Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values You don't often get email from chipits...@gmail.com

Re: Haproxy 2.8 with Proxy Protocol v2 does not close connections

On Thu, 7 Sept 2023 at 14:03, Tom Braarup wrote: > > Hello, > > After upgrading Haproxy from 2.7 to 2.8, with Nginx (1.25.0) as > backends and Proxy Protocol v2, the connections are not closed, > CLOSE_WAIT is increasing over time. No configuration changes apart from > the Ha

Haproxy 2.8 with Proxy Protocol v2 does not close connections

Hello, After upgrading Haproxy from 2.7 to 2.8, with Nginx (1.25.0) as backends and Proxy Protocol v2, the connections are not closed, CLOSE_WAIT is increasing over time. No configuration changes apart from the Haproxy version. Using Haproxy as backend will not create the same issue

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

cirrus-ci backtrace freebsd (cirrus-ci) crash · Issue #2275 · haproxy/haproxy (github.com) as usual, I'll send CI improvements once polished чт, 31 авг. 2023 г. в 18:22, Илья Шипицин : > while trying to enable "gdb bt" on cirrus-ci, I noticed

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

while trying to enable "gdb bt" on cirrus-ci, I noticed that we have similar crashes on musl (where gdb implemented already) https://github.com/haproxy/haproxy/issues/2274 ср, 30 авг. 2023 г. в 05:29, Willy Tarreau : > On Tue, Aug 29, 2023 at 11:16:32PM +0200, ??? wrote: > > ??, 29

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

On Tue, Aug 29, 2023 at 11:16:32PM +0200, ??? wrote: > ??, 29 ???. 2023 ?. ? 16:45, Willy Tarreau : > > > On Tue, Aug 29, 2023 at 04:31:31PM +0200, Willy Tarreau wrote: > > > On Tue, Aug 29, 2023 at 02:16:55PM +, Stephan, Alexander wrote: > > > > However, I noticed there is a problem

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

вт, 29 авг. 2023 г. в 16:45, Willy Tarreau : > On Tue, Aug 29, 2023 at 04:31:31PM +0200, Willy Tarreau wrote: > > On Tue, Aug 29, 2023 at 02:16:55PM +, Stephan, Alexander wrote: > > > However, I noticed there is a problem now with the FreeBSD test. Have > you > > > already looked into it? > >

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

On Tue, Aug 29, 2023 at 04:31:31PM +0200, Willy Tarreau wrote: > On Tue, Aug 29, 2023 at 02:16:55PM +, Stephan, Alexander wrote: > > However, I noticed there is a problem now with the FreeBSD test. Have you > > already looked into it? > > Ah no, I had not noticed. I first pushed into a

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

On Tue, Aug 29, 2023 at 02:16:55PM +, Stephan, Alexander wrote: > However, I noticed there is a problem now with the FreeBSD test. Have you > already looked into it? Ah no, I had not noticed. I first pushed into a temporary branch and everything was OK so I pushed into master again without

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Willy, > And I was wrong, they were indeed for the first one. However I had to also > remove the NOT_LAST from the intermediate patches using the list_for_each(). > I put quotes around the symbolic names in the doc to make it clearer which > one was to be used and which one it corresponds

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

On Tue, Aug 29, 2023 at 03:15:48PM +0200, Willy Tarreau wrote: > Overall yes. There are just two small parts in the first patch that are > for the immediately following patches ("refactor...") that I'm going to > move there. And I was wrong, they were indeed for the first one. However I had to

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Mon, Aug 28, 2023 at 12:38:45PM +, Stephan, Alexander wrote: > > I'm fine with this, however I find that the doc is not very clear about > > what is permitted > I agree that doc needs some more details. I added the note about the > iterations and described all the symbolic

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Willy, > finally back to this! Overall it's a great and very clean series, I really > want to thank you for this high quality work! Thanks for the compliment, really glad to hear! :) > Yeah it initially gave me a bit of head scratching when reading this part but > I understood what you did

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

however I find that the doc is not very clear about what is permitted: fc_pp_tlv() : string Returns the TLV value for the given TLV ID or type constant sent by the client in the PROXY protocol header, if any. TLV constants correspond to their type suffix as specified in the PPv2 spe

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Fri, Aug 25, 2023 at 09:34:08AM +, Stephan, Alexander wrote: > Hi Willy, > > Did you already have the chance to take a look at the updated patches? > No hurry though, I just wanted to make sure that the message didn't get lost. Not yet, I'm still burried under annoying bugs

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Willy, Did you already have the chance to take a look at the updated patches? No hurry though, I just wanted to make sure that the message didn't get lost. As mentioned, I am aware that sending individual patches is better in the common case. If that is a problem here, please just let me

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

sample fetch for arbitrary PROXY protocol v2 TLV values [You don't often get email from w...@1wt.eu. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] Hi Alexander, On Fri, Aug 11, 2023 at 02:08:37PM +, Stephan, Alexander wrote: > Hi Willy, > &g

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Fri, Aug 11, 2023 at 02:08:37PM +, Stephan, Alexander wrote: > Hi Willy, > > Thanks for the nice, detailed feedback. > Overall, I agree with all of your listed points, so no need for further > discussions. ? > I will hopefully send the separated patches at the beginning of

RE: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

r -Original Message- From: Willy Tarreau Sent: Thursday, August 10, 2023 9:18 AM To: Stephan, Alexander Cc: haproxy@formilux.org Subject: Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values [You don't often get email from w...@1wt.eu

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Mon, Jul 31, 2023 at 01:11:35PM +, Stephan, Alexander wrote: > Dear HAProxy-maintainers, > > As proposed by my colleague Christian Menges in [1], I've implemented support > for fetching arbitrary TLV values for PROXY protocol V2 via a sample fetch. I'm af

Re: [PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Hi Alexander, On Mon, Jul 31, 2023 at 01:11:35PM +, Stephan, Alexander wrote: > Dear HAProxy-maintainers, > > As proposed by my colleague Christian Menges in [1], I've implemented support > for fetching arbitrary TLV values for PROXY protocol V2 via a sample fetch. >

[PATCH] MEDIUM: sample: Implement sample fetch for arbitrary PROXY protocol v2 TLV values

Dear HAProxy-maintainers, As proposed by my colleague Christian Menges in [1], I’ve implemented support for fetching arbitrary TLV values for PROXY protocol V2 via a sample fetch. It can be used by calling ‘fc_pp_tlv’ with the numerical value of the desired TLV type. This also fixes issue [2

RE: Interest in HA Proxy from Sonicwall

Kenny Lederman ; haproxy@formilux.org Subject: Re: Interest in HA Proxy from Sonicwall External message. Do not click links or open attachments unless you recognize the source. Message externe. Ne cliquez sur aucun lien et n’ouvrez aucune pièce jointe à moins d’en connaître la provenance. ср, 5 апр. 202

Re: Interest in HA Proxy from Sonicwall

ср, 5 апр. 2023 г. в 20:18, Aleksandar Lazic : > Hi Kenny. > > On 05.04.23 20:04, Kenny Lederman wrote: > > Hi team, > > > > Do you have an account rep assigned to Sonicwall that could help me with > > getting a POC set up? > > This is the Open Source Mailing list, if you want to get in touch

Re: Interest in HA Proxy from Sonicwall

Hi Kenny. On 05.04.23 20:04, Kenny Lederman wrote: Hi team, Do you have an account rep assigned to Sonicwall that could help me with getting a POC set up? This is the Open Source Mailing list, if you want to get in touch with the Company behind HAProxy please use this.

Interest in HA Proxy from Sonicwall

Hi team, Do you have an account rep assigned to Sonicwall that could help me with getting a POC set up? Thank you, Kenny Lederman Enterprise Account Manager (206) 455-6488 - Office (847) 932-9771 - Cell kenny.leder...@softchoice.com

Support for arbitrary Proxy Protocol v2 TLVs

Dear HAProxy-maintainers, We would like to follow up on the patch to make arbitrary proxy protocol TLV entries accessible (submitted in https://www.mail-archive.com/haproxy@formilux.org/msg43082.html). While the goal of having the TLV entries available for custom processing, e.g

Re: Transparent proxy issue on FreeBSD

> Am 07.03.2023 um 18:26 schrieb Marc West : > > On 2023-03-07 08:09:04, Rainer Duffner wrote: >> I admit I only toyed with TP, so I really don???t know what I???m doing >> there, but: >> >> Have you tried to just use pfSense for this? The developer of the package >>

Re: Transparent proxy issue on FreeBSD

On 2023-03-07 08:09:04, Rainer Duffner wrote: > I admit I only toyed with TP, so I really don???t know what I???m doing > there, but: > > Have you tried to just use pfSense for this? The developer of the package > (https://github.com/PiBa-NL) seemed to be active here, but I haven???t seen >

Re: Transparent proxy issue on FreeBSD

> Am 07.03.2023 um 08:46 schrieb Marc West : > > > > Any other thoughts to look at or data that would be helpful to collect? > I admit I only toyed with TP, so I really don’t know what I’m doing there, but: Have you tried to just use pfSense for this? The developer of the package

Re: Transparent proxy issue on FreeBSD

Hi Stefan and thanks for your replies. (Sorry for the late reply and replying to my own mail, I don't seem to be receiving messages from the list after confirming the subscription twice and noticed your replies when checking the archives.) > when I understand you correct then you have

Re: Transparent proxy issue on FreeBSD

malloc_trim() is enabled. Built with zlib version : 1.2.12 Running on zlib version : 1.2.12 Compression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_B

Re: Transparent proxy issue on FreeBSD

pression algorithms supported : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY Built with PCRE2 version : 10.40 2022-04-14 PCRE2 library supports JIT : ye

Transparent proxy issue on FreeBSD

d : identity("identity"), deflate("deflate"), raw-deflate("deflate"), gzip("gzip") Built with transparent proxy support using: IP_BINDANY IPV6_BINDANY Built with PCRE2 version : 10.40 2022-04-14 PCRE2 library supports JIT : yes Encrypted password support via cry

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi Willy, any chance you already found some time to give this a review? Looking forward to your comments! Thanks, Johannes

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi Johannes, On Wed, Jan 18, 2023 at 10:49:18AM +, Bitsch, Johannes (external - Project) wrote: > Hi again, > > I checked my patch file from a few weeks ago using the recommended > checkpatch.pl [1] and realized that the indentation was off as well as some > other small things. > To make

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi again, I checked my patch file from a few weeks ago using the recommended checkpatch.pl [1] and realized that the indentation was off as well as some other small things. To make this easier to review, I fixed all the issues mentioned by checkpatch (except for editing MAINTAINERS, I don't

Re: proxy

Hi Adam. On 12.01.23 01:30, Adam wrote: Dear Friend I have a service to broadcast channels and movies over the Internet by panel iptv And I have servers that I want to hide the real IP of in order to protect them from attacks It is on the other hand a complaint of abuse How do you help me

proxy

Dear Friend I have a service to broadcast channels and movies over the Internet by panel iptv And I have servers that I want to hide the real IP of in order to protect them from attacks It is on the other hand a complaint of abuse How do you help me with that I have more than 10 Ubuntu servers I

proxy ip list please?

Hi thx for website, but very busy site and i can't find any Ip list for Iran whatsapp, can you send me please direct link to download ip list or send me ip list i am not computer specialist or programmer, i dont know github... send me pls ip list for Iran people;) Thx! KR.

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi Willy, thanks for taking the time! > I've had a quick look, but it's difficult to have an opinion. The main > concerns of capturing TLV values during parsing are technical ones, mostly > the impacts on memory usage. You seem to have worked out a patch already to > do this, so it would be more

Re: Ha proxy frontend

On Thu, Dec 29, 2022 at 11:33:03AM +0500, Ghufran Shahzad wrote: > Yes, sure, I make 2 azure vms, and install mysql server and use load > balancer , mysql percona clusters , then i install ha proxy on both vms but > when i access them it is not working, can you please give me a solut

Re: Ha proxy frontend

On Thu, Dec 29, 2022 at 11:26:43AM +0500, Ghufran Shahzad wrote: > how we can access frontend ip on ha proxy? kindly give me detailed > solution. thanks Could you please precise your question ? Willy

Ha proxy frontend

how we can access frontend ip on ha proxy? kindly give me detailed solution. thanks

Re: Support arbitrary PROXY protocol v2 TLVs as samples

Hi Johannes, On Fri, Dec 23, 2022 at 02:08:09PM +, Bitsch, Johannes (external - Project) wrote: > Hi all, > > I created a feature request on github about supporting arbitrary PROXY > protocol v2 TLVs in haproxy a few weeks ago[1]. > > Since I haven't received any fee

Support arbitrary PROXY protocol v2 TLVs as samples

Hi all, I created a feature request on github about supporting arbitrary PROXY protocol v2 TLVs in haproxy a few weeks ago[1]. Since I haven't received any feedback or reactions on it so far, I was wondering if this was the right place to discuss something like this. Is there a better place

Re: Haproxy send-proxy probes error

a backend with proxy protocol v2 to permit the source IP forwarding to a TLS > backend server. All the configuration works fine but we notice this error > reported on backend Apache error logs: > > AH03507: RemoteIPProxyProtocol: unsupported command 20 > > We configure the options

Haproxy send-proxy probes error

Hi All, we use haproxy 2.2.17-dd94a25 in our development environment and we configure a backend with proxy protocol v2 to permit the source IP forwarding to a TLS backend server. All the configuration works fine but we notice this error reported on backend Apache error logs: AH03507

Re: HA Proxy License

Hi John. I suggest to get in touch whith HAProxy company via this form. https://www.haproxy.com/contact-us/ best regards alex 07.10.2022 17:55:42 John Bowling (CE CEN) : > Hello, > > What are the costs for the license or is there a subscription for license? > > *John L. Bowling (JB)* > >

HA Proxy License

Hello, What are the costs for the license or is there a subscription for license? John L. Bowling (JB) Senior Team Leader IES - Network Engineering & Security (NES) Network Operational Readiness (NOC) Whole Foods Market - Global Support (CEN) An Amazon Company 1011 W 5th Street, 4th floor

Re: [PATCH 0/6] 'ist'ify members of struct proxy

Willy, On 3/15/22 08:26, Willy Tarreau wrote: Or perhaps you could ask and include me in Cc, at least people already know you. I'll be happy to further improve the existing Coccinelle patches and to further 'ist'ify the codebase, but would need some handholding to get me started. Note that

Re: [PATCH 0/6] 'ist'ify members of struct proxy

Hi Tim, On Fri, Mar 11, 2022 at 09:15:48PM +0100, Tim Düsterhus wrote: > Yeah, I've attempted to look into the Coccinelle patches in the Linux kernel > sources, but I agree that many of those are very complex :-) > > Do you happen to know where we could ask for assistance with making the >

Re: [PATCH 0/6] 'ist'ify members of struct proxy

Willy, [Dropping Christopher from Cc] On 3/9/22 08:11, Willy Tarreau wrote: As for the second CLEANUP commit: If one of you knows how to fix the Coccinelle patch to detect that specific pattern, I'd appreciate if you could make the necessary changes to ist.cocci. Unfortunately my Coccinelle

Re: [PATCH 0/6] 'ist'ify members of struct proxy

Hi Tim, On Sat, Mar 05, 2022 at 12:52:39AM +0100, Tim Duesterhus wrote: > Willy, > Christopher, > > find a series that converts a few members of `struct proxy` into ists. All > of them have already been converted into ists when operating on them, so > directly storing

Re: Bug: No support of mqtt_is_valid and mqtt_field_value for proxy-protocol connection

Hi all On 3/6/22 18:10, Dhruv Jain wrote: I would request you to share a work around if possible until it is fixed. As a heads up: There's an issue in the tracker now. So before replying you might want to check there first: https://github.com/haproxy/haproxy/issues/1598 Best regards Tim

Re: Bug: No support of mqtt_is_valid and mqtt_field_value for proxy-protocol connection

Dhruv, On 3/6/22 18:10, Dhruv Jain wrote: In the following mqtt connection flow, mqtt_is_valid and mqtt_field_value is not working as intended. Client -> Google Load Balancer(proxy-protocol enabled) -> HAProxy Currently the connection is rejected if the ACL rule( https://pastebin.mozil

Bug: No support of mqtt_is_valid and mqtt_field_value for proxy-protocol connection

Hi, In the following mqtt connection flow, mqtt_is_valid and mqtt_field_value is not working as intended. Client -> Google Load Balancer(proxy-protocol enabled) -> HAProxy Currently the connection is rejected if the ACL rule( https://pastebin.mozilla.org/TESFMj1b#L57) is men

[PATCH 0/6] 'ist'ify members of struct proxy

Willy, Christopher, find a series that converts a few members of `struct proxy` into ists. All of them have already been converted into ists when operating on them, so directly storing them as ists makes that code cleaner. One drawback is that `struct proxy` grows by 16 bytes. It might or might

[PATCH 1/6] MINOR: proxy: Store monitor_uri as a `struct ist`

The monitor_uri is already processed as an ist in `http_wait_for_request`, lets also just store it as such. see 0643b0e7e ("MINOR: proxy: Make `header_unique_id` a `struct ist`") for a very similar past commit. --- include/haproxy/proxy-t.h | 3 +-- src/cfgparse-listen.c | 9 +++-

[PATCH 4/6] MEDIUM: proxy: Store server_id_hdr_name as a `struct ist`

The server_id_hdr_name is already processed as an ist in various locations lets also just store it as such. see 0643b0e7e ("MINOR: proxy: Make `header_unique_id` a `struct ist`") for a very similar past commit. --- include/haproxy/proxy-t.h | 3 +-- src/cfgparse-listen.c | 9

[PATCH 3/6] MINOR: proxy: Store orgto_hdr_name as a `struct ist`

The orgto_hdr_name is already processed as an ist in `http_process_request`, lets also just store it as such. see 0643b0e7e ("MINOR: proxy: Make `header_unique_id` a `struct ist`") for a very similar past commit. --- include/haproxy/proxy-t.h | 3 +-- src/cfgparse-listen.

[PATCH 2/6] MINOR: proxy: Store fwdfor_hdr_name as a `struct ist`

The fwdfor_hdr_name is already processed as an ist in `http_process_request`, lets also just store it as such. see 0643b0e7e ("MINOR: proxy: Make `header_unique_id` a `struct ist`") for a very similar past commit. --- include/haproxy/proxy-t.h | 3 +-- src/cfgparse-listen.

Re: [PATCH] MINOR: proxy: add option idle-close-on-response

On Wed, Jan 05, 2022 at 10:53:24PM +0100, William Dauchy wrote: > Avoid closing idle connections if a soft stop is in progress. > > By default, idle connections will be closed during a soft stop. In some > environments, a client talking to the proxy may have prepared some idle &

[PATCH] MINOR: proxy: add option idle-close-on-response

Avoid closing idle connections if a soft stop is in progress. By default, idle connections will be closed during a soft stop. In some environments, a client talking to the proxy may have prepared some idle connections in order to send requests later. If there is no proper retry on write errors

Re: HA-Proxy inquiry

ing in Bank of Bhutan under Data Center Division. > We want to do POC with the HA proxy load balancer in our environment. > > Please guide us on the way forward in HA-Proxy Load Balancer. > > > > > > *Warm Regards* > > > > Lhendup Norbu > > IT Officer,

HA-Proxy inquiry

Dear Sir/Madan, I am Lhendup Norbu working in Bank of Bhutan under Data Center Division. We want to do POC with the HA proxy load balancer in our environment. Please guide us on the way forward in HA-Proxy Load Balancer. Warm Regards Lhendup Norbu IT Officer, Data Center Division

Re: Proxy Protocol - any browser proxy extensions that support ?

! On Fri, Jun 4, 2021 at 4:43 PM Aleksandar Lazic wrote: > > On 04.06.21 21:32, Jim Freeman wrote: > > https://developer.chrome.com/docs/extensions/reference/proxy/ > > supports SOCKS4/SOCKS5 > > > > Does anyone know of any in-browser VPN/proxy extensions that supp

Re: Proxy Protocol - any browser proxy extensions that support ?

On 04.06.21 21:32, Jim Freeman wrote: https://developer.chrome.com/docs/extensions/reference/proxy/ supports SOCKS4/SOCKS5 Does anyone know of any in-browser VPN/proxy extensions that support Willy's Proxy Protocol ? https://www.haproxy.com/blog/haproxy/proxy-protocol/ enumerates some

Proxy Protocol - any browser proxy extensions that support ?

https://developer.chrome.com/docs/extensions/reference/proxy/ supports SOCKS4/SOCKS5 Does anyone know of any in-browser VPN/proxy extensions that support Willy's Proxy Protocol ? https://www.haproxy.com/blog/haproxy/proxy-protocol/ enumerates some of the state of support, but doesn't touch

HA-Proxy 1.7.5-2ppal~xenial

Hi, We are using HA-proxy version 1.7.5-2ppal~xenial <http://www.haproxy.org/download/1.8/src/haproxy-1.8.30.tar.gz> 2017/05/27 and have configured below setting to secure a cookie. These configuration does not seem to work. Please suggest what I am doing wrong. Rspirep ^(set-cookie:

Re: Setup HAProxy as a Forward Proxy for SMTP

If you want them to all use the same outgoing IP, you could place them behind a NAT router instead of using outgoing proxy server. That said, if you do want to use haproxy, I think you will want to use the "usesrc client" on the haproxy config and the haproxy server will also need the

Re: Setup HAProxy as a Forward Proxy for SMTP

No. PowerMTA would not be the last hop, because then it would be using the IPs that the PowerMTA Server is on. I am wanting PowerMTA -> HAProxy -> t...@gmail.com >From the article: This allows customers to deploy all their source IPs on an external proxy server instead of being

Re: Setup HAProxy as a Forward Proxy for SMTP

Hi, >From the first link, I understand you're trying to do the following: user MUA ==> HAProxy ==> fleet of power MTA ==> Internet ==> destination MTA Is this correct? Baptiste On Thu, May 6, 2021 at 5:13 AM Brizz Bane wrote: > I am wanting to set up HAProxy

  1   2   3   4   5   6   7   8   9   10   >