capture.req.uri max length?

Is there a maximum length when using capture.req.uri? It appears that the value is truncated when approaching close to 1024 bytes. It appears to be 1020 from the tests I was running. I have attempted to reduce tune.maxrewrite to 1024 since tune.bufsize is 16k; however, it appears that this

Is there a way to extract list of bound IPs via stats socket ?

Hi, I've been working on a piece of code to announce IPs (via ExaBGP) only if: * HAProxy is running * HAProxy actually uses a given IP * a frontend with given IP is up for few seconds. I could do that via lsof but that's pretty processor-intensive. Is there a way to extract list of binded IPs

Re: [PATCH] MINOR: ssl: remove duplicate ssl_methods in struct bind_conf

Hi Manu, On Fri, Sep 01, 2017 at 05:56:10PM +0200, Emmanuel Hocdet wrote: > > Hi Willy, Emeric > > Can you consider it? I guess I was waiting for Emeric's return from vacation then forgot. We'll discuss it on monday if I don't get news till then. Thanks for the reminder! Willy

Re: [PATCH] MINOR: ssl: remove duplicate ssl_methods in struct bind_conf

Hi Manu, On 09/01/2017 05:56 PM, Emmanuel Hocdet wrote: > > Hi Willy, Emeric > > Can you consider it? > > ++ > Manu > >> Le 9 août 2017 à 19:07, Emmanuel Hocdet a écrit : >> >> Hi Willy, >> >> Patch is not related to openssl version x. It’s a internal structure cleanup. >> I

Re: [PATCH] MINOR DOC: Improve CLI info on privilege levels

Hi Olivier, On Thu, Aug 31, 2017 at 11:18:24AM +0200, Olivier Doucet wrote: > Hello all, > > I was experimenting some CLI actions like "disable server" and get error > "Permission denied". I did not find easily why in HAProxy doc (I was in a > hurry, so did not read well, I admit). > This was

Re: Enable SSL Forward Secrecy

Hi Cyril, On Wed, Aug 30, 2017 at 06:55:07PM +0200, Lukas Tribus wrote: > Hello, > > > > Hehe yikes! This was it. It's normal that someone get's lost in all > > this cipher crap and it should be written in the HaProxy manual as > > an important step on how to harden security. > > Its not a

Re: Enable SSL Forward Secrecy

On Fri, Sep 01, 2017 at 07:04:36PM +0200, Willy Tarreau wrote: > Hi Cyril, s/Cyril/Lukas, sorry guys, that's what happens when I read one e-mail and reply to another one at the same time :-) Willy

Re: Is there a way to extract list of bound IPs via stats socket ?

On Fri, Sep 01, 2017 at 05:49:38PM +0200, Lukas Tribus wrote: > Hello, > > > Am 01.09.2017 um 15:46 schrieb Mariusz Gronczewski: > > Hi, > > > > I've been working on a piece of code to announce IPs (via ExaBGP) only if: > > > > * HAProxy is running > > * HAProxy actually uses a given IP > > * a

Re: capture.req.uri max length?

Hi Philip, On Fri, Sep 01, 2017 at 09:28:50AM -0400, Philip Seidel wrote: > Is there a maximum length when using capture.req.uri? It appears that the > value is truncated when approaching close to 1024 bytes. It appears to be > 1020 from the tests I was running. I have attempted to reduce >

Re: [PATCH] MINOR: ssl: remove duplicate ssl_methods in struct bind_conf

Hi Willy, Emeric Can you consider it? ++ Manu > Le 9 août 2017 à 19:07, Emmanuel Hocdet a écrit : > > Hi Willy, > > Patch is not related to openssl version x. It’s a internal structure cleanup. > I don’t label it as CLEANUP because it remove a potential source of errors >

[PATCH] MINOR: ssl: rework smp_fetch_ssl_fc_cl_str without internal ssl use

Hi Thierry, This patch is related to « Capturing browser TLS cipher suites » thread. I think it will be match the initial need but without internal ssl structure usage and. work with openssl 1.0.2 to 1.1.1 and boringssl. ++ Manu

Re: Is there a way to extract list of bound IPs via stats socket ?

Hello, Am 01.09.2017 um 15:46 schrieb Mariusz Gronczewski: > Hi, > > I've been working on a piece of code to announce IPs (via ExaBGP) only if: > > * HAProxy is running > * HAProxy actually uses a given IP > * a frontend with given IP is up for few seconds. > > I could do that via lsof but

Re: Is there a way to extract list of bound IPs via stats socket ?

On Fri, 1 Sep 2017 17:49:38 +0200, Lukas Tribus wrote: > Hello, > > > Am 01.09.2017 um 15:46 schrieb Mariusz Gronczewski: > > Hi, > > > > I've been working on a piece of code to announce IPs (via ExaBGP) only if: > > > > * HAProxy is running > > * HAProxy actually uses a given

[PATCH] DOC: Add note about "* " prefix in CSV stats

Just a little documentation patch I wrote, after stumbling across this:https://github.com/dschneller/bosun/commit/6ca776dd6543d123a135b4a84a5e3e66093c3986 0001-DOC-Add-note-about-prefix-in-CSV-stats.patch Description: Binary data Cheers,Daniel -- Daniel SchnellerPrincipal Cloud Engineer 

Re: Enable SSL Forward Secrecy

Hi,inspired by this, I added a paragraph with links to the documentation.Small patch attached.Cheers,Daniel 0001-DOC-Refer-to-Mozilla-TLS-info-config-generator.patch Description: Binary data -- Daniel SchnellerPrincipal Cloud Engineer CenterDevice GmbH                  | Hochstraße 11           

Re: Enable SSL Forward Secrecy

On Fri, Sep 01, 2017 at 07:37:50PM +0200, Daniel Schneller wrote: > Hi, > > inspired by this, I added a paragraph with links to the documentation. > Small patch attached. Cool, thanks Daniel, now applied. Willy

RE: Enable SSL Forward Secrecy

Hi, I recently started receiving the emails for jgronow...@ditronics.com, can you please remove this name from whatever list this is? Regards, Rachel Davis IT Help Desk 7699 W. Post Road Las Vegas, NV 89113 Mobile: 702.600.0472 Customer Service: 800.845.3065 Website: www.ditronics.com

Re: capture.req.uri max length?

Thanks Willy! That worked perfectly. Phil On Fri, Sep 1, 2017 at 1:12 PM, Willy Tarreau wrote: > Hi Philip, > > On Fri, Sep 01, 2017 at 09:28:50AM -0400, Philip Seidel wrote: > > Is there a maximum length when using capture.req.uri? It appears that > the > > value is truncated

GSMA Mobile World Congress Americas 2017- Attendees list

Hi, Hope this note finds you good I understand that you are one of the Exhibitor of upcoming event "GSMA Mobile World Congress Americas 2017" which is held on September 12th - 14th San Francisco|USA. I thought I'd check if you are interested in acquiring "GSMA Mobile World Congress