HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-17 Thread PiBa-NL
could proceed further with making it work ? Thanks in advance, PiBa-NL

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-17 Thread PiBa-NL
on what might need to change, what to test or how i could proceed further with making it work ? Thanks in advance, PiBa-NL

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-17 Thread PiBa-NL
HAproxy should in step 4 somehow get the SYN-ack packet, im not sure if it should listen/bind on all local IP's or if the traffic should get passed back to a HAProxy port by using for example a NAT rule.?. PiBa-NL Op 17-4-2013 21:21, Baptiste schreef: Hi, In order to work in transparent proxy

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-18 Thread PiBa-NL
1260,sackOK,TS val 145638 ecr 92963], length 0 Those last three packets should not go towards the browser pc.. Op 17-4-2013 21:55, PiBa-NL schreef: Hi Baptiste, Thanks for your reply, i understand that the traffic must pass through the router/HAProxy box, and for that part i can confirm

Re: Block url in https

2013-04-24 Thread PiBa-NL
to remove the encryption and then be able to use 'http' mode processing. |bind :443 ssl crt /etc/haproxy/site.pem | -PiBa-NL Op 24-4-2013 18:35, Bryan Talbot schreef: Since the traffic passing through your port 443 is presumably encrypted, by design, the proxy can't do anything

Re: API/Programmatic Interface

2013-04-24 Thread PiBa-NL
/server *set weight http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#9-set%20weight*backend/serverweight[%] But i think it wont allow you to add new servers.. Nor change the loadbalancing algorithm. Greets PiBa-NL Op 24-4-2013 20:15, Dave Ariens schreef: Hi subs, I've looked around

Re: Client ip gets lost after a request being passed through two haproxies?

2013-04-25 Thread PiBa-NL
: -use send-proxy and accept-proxy for the connection between HAProxyB and HAProxyA PiBa-NL Op 25-4-2013 19:29, Wei Kong schreef: Hi, We have an haproxy (A)in front of ngnix and it has been working great and we can get the client ip without any problem HAProxy A - Nginx Recently we added

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-26 Thread PiBa-NL
IP_FREEBIND 15 #endif /* !IP_FREEBIND */ Op 26-4-2013 8:33, Willy Tarreau schreef: Hi, On Fri, Apr 26, 2013 at 12:55:23AM +0200, PiBa-NL wrote: Hi All / Developers, Seams i have tranparent proxying working now on FreeBSD 8.3 with HAProxy1.5dev18 + small modification. Needed to add a firewall

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-26 Thread PiBa-NL
to make these changes. Is this the way to go? Thanks for reviewing my proposed changes sofar. PiBa-NL Op 26-4-2013 22:40, Willy Tarreau schreef: Hi Lukas, On Fri, Apr 26, 2013 at 10:26:33PM +0200, Lukas Tribus wrote: Hi, throwing in my two cents here, based on a few uneducated guesses reading

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-26 Thread PiBa-NL
Hi Willy, Ill give it a try and send the patch as an attachment, though im not 100% comfortable with the code. I think i can do it. Will take me a few days though.. Thanks sofar. Op 26-4-2013 23:12, Willy Tarreau schreef: On Fri, Apr 26, 2013 at 11:03:00PM +0200, PiBa-NL wrote: Hi Willy

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-04-27 Thread PiBa-NL
/haproxy.git ..) -FreeBSD IP_BINDANY diff -urN.patch generated with diff -urN (against the 'port source') I hope one of them can be used by you. Please take a look and comment if something is amiss. Greetings PiBa-NL Op 26-4-2013 23:40, PiBa-NL schreef: Hi Willy, Ill give it a try and send the patch

Re: SSL offloading configuration

2013-04-30 Thread PiBa-NL
Hi Chriss, That seams possible already.?. If you have the configuration for SSL offloading configured already all you need to add is the ssl option to your backend servers. -- http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2 -- *ssl

Re: Transparent TCP LoadBalancing on FreeBSD

2013-05-02 Thread PiBa-NL
For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxym=136707895800761w=2 , which is what i would like to get committed to the main HAProxy source tree. @Willy could you take a look at the patch attached to that mail [2] ? Greets, PiBa-NL Op 2-5-2013 5:13, ZeN

Re: TProxy debugging

2013-05-07 Thread PiBa-NL
can help better. But hope this helps in the 'debugging' a bit :). Also i found it usefull to start haproxy with the -d -V parameters to show on-screen what happens (told me it couldnt bind to a nonlocal ip at first tries..). Greets PiBa-NL

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-05-08 Thread PiBa-NL
Hi Willy, Could you please let me know what your findings are about the proposed patch? Does it need some more work, is it implemented wrongly, or would it help if i send my current haproxy.cfg file? If i need to change something please let me know, thanks. Thanks for your time, PiBa-NL Op

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-05-08 Thread PiBa-NL
i configured the 'ipfw' firewall/nat to make it work. p.s. Ive spotted a issue in my patch with the IPv6 part where i forgot about the OpenBSD part (SOL_SOCKET SO_BINDANY) should probably be added there also. PiBa-NL Op 8-5-2013 20:18, Willy Tarreau schreef: Hi, On Wed, May 08, 2013 at 07

Re: HAProxy on FreeBSD 8.3 with transparent proxying (TProxy?)

2013-05-09 Thread PiBa-NL
Hi Willy, Thanks the patches look good, and when applied separately all compile without issues on FreeBSD. (Except when using the USE_LINUX_TPROXY flag, but that shouldn't be used on FreeBSD anyway.) And transparent proxying works correctly on FreeBSD as was expected. Ive included a

Re: Haproxy SSL Termination question

2013-05-15 Thread PiBa-NL
Hi Joe, Sounds like you need the 'ssl' option for your backend server. This option enables SSL ciphering on outgoing connections to the server. Just below the source option: http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5-source (#5-ssl goes to wrong part of the help.. for

Re: Configuring different backends using ACL

2013-06-19 Thread PiBa-NL
a request to http://haproxy/jboss/index.html to http://jbossserver/index.html , is that indeed what you want/expect? im not sure thats actually possible.. (also thinking about links send in a response would not point to the subfolder.) greets PiBa-NL Op 19-6-2013 23:26, Lukas Tribus schreef: Hi

Re: GIT clone fails, how to proceed?

2013-06-22 Thread PiBa-NL
if there is a good workaround / secondary up to date repository. PiBa-NL Op 22-6-2013 1:22, Lukas Tribus schreef: Hi! When trying to clone the repository it always seems to fail. (there have been more reports of this in emails/irc of other users..) Also it seams to take ages before it fails.. I'm using

Re: Does the transparent can't work in FreeBSD?

2013-07-09 Thread PiBa-NL
required settings (config if it changes) when you manage to get it working. Greetings PiBa-NL Op 9-7-2013 12:55, jinge schreef: Hi,all! We use haproxy and FreeBSD for our cache system. And we want to use the transparent option http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-option

Re: FreeBSD with options transparent not working.

2013-07-11 Thread PiBa-NL
that still contains the problem you currently experience? Greets PiBa-NL Op 11-7-2013 14:38, Baptiste schreef: So the problem might be in the way you compiled HAProxy or you have configured your OS. Unfortunately, I can't help on FreeBSD :'( Baptiste On Thu, Jul 11, 2013 at 11:55 AM, jinge altman87

Re: Does the transparent can't work in FreeBSD?

2013-07-12 Thread PiBa-NL
If this can actually work, i currently do not know.. My only FreeBSD 9 pf knowledge is from reading its manual. So cant help with that. If you do manage to get the divert-to working please do share it with us. Greets PiBa-NL Op 12-7-2013 7:37, jinge schreef: Hi PiBa-NL, I just follow your

Re: Apache logs and source IP

2013-11-13 Thread PiBa-NL
(or is that some higher HAproxy logic/failsafe im missing?) Greets PiBa-NL

Re: Can't clone repository; hangs

2013-11-28 Thread PiBa-NL
Haven't tried that one recently, but found http://master.formilux.org/git/people/willy/haproxy.git to be a bit faster and at least completing the clone without an error. Maybe it helps. Greets PiBa-NL Pawel schreef op 28-11-2013 4:33: On Nov 27, 2013, at 5:24 PM, Charles Strahan

Re: example of agent-check ?

2013-12-27 Thread PiBa-NL
Simon Drake schreef op 27-12-2013 17:07: / / /Would it be possible to post an example showing the correct haproxy config to use with the agent-check. / /By the way I saw the mailing list post recently about the changes to the agent-check, using state and percentage, and I think that the

Re: HA-Proxy version 1.5-dev21-51437d2 2013/12/29 sticky ssl sessons are not working in my environment

2014-01-03 Thread PiBa-NL
for others. Greets PiBa-NL Lukas Tribus schreef op 3-1-2014 22:41: Hi, Hello , Many thanks for your replay. This thing is more stranger i downloaded and compiled serverl versions of HAproxy 1.5.x.x and the result was alwase the same I experimented with following versions At first i testing

Re: HAProxy 1.5

2014-01-09 Thread PiBa-NL
be made for some final bug fix checks... Greets PiBa-NL Find below part of the 1.5dev20 release mail from Willy as the mailinglist archives are not containing this.. (followed a day later by dev21 to fix a small but annoying issue): I expect to release 1.5-final around January and mostly

how to use ASPSESSIONID with stick-table?

2014-01-09 Thread PiBa-NL
Hi, While reading about stickyness its seems like there are quite a few options. *TCP* 1- balance source 2- stick on src *SSL* 3- stick on payload_lv(43,1) if clienthello *HTTP/SSLoffloading* 4- cookie cookie 5- stick on req.cook(cookie) 6- appsession cookie But while the last 3 options can all

Re: example of agent-check ?

2014-01-11 Thread PiBa-NL
2000 rise 2 fall 3 minconn 0 maxconn 0 on-marked-down shutdown-sessions On 27 December 2013 22:44, PiBa-NL piba.nl@gmail.com wrote: Simon Drake schreef op 27-12-2013 17:07: Would it be possible to post an example showing the correct haproxy config to use with the agent-check. By the way

Re: example of agent-check ?

2014-01-12 Thread PiBa-NL
Ok seems my trouble came from using balancestatic-rr. Actually when using the unix socket to set a weight to 50% it tells: Backend is using a static LB algorithm and only accepts weights '0%' and '100%'. So that explains my issue. Abd the manual states Each server is used in

Re: Error 400

2014-01-13 Thread PiBa-NL
When using the backens with port 443 do you have the ssl keyword on the server line? http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#5.2-ssl Also can you share your complete (anonimized) haproxy configuration file? Kobus Bensch schreef op 13-1-2014 12:27: A few more observations:

Re: Difference frontend/backend to listen?

2014-01-16 Thread PiBa-NL
to see if servers are properly checked as 'up' by haproxy. Greets PiBa-NL Florian Engelmann schreef op 16-1-2014 12:29: Hi, I got two configurations the should do the same. One is based on a frontend/backend layout the second does it with just listen. The listen configuratiuon is working

issue with acl pattern -m match on a string starting with space or containing a comma, with 1.5-dev21

2014-01-16 Thread PiBa-NL
= -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_STATIC_PCRE=1 Did i do something wrong, or can you give it a test.? Thanks. Thanks for the great product! Greets PiBa-NL

Re: issue with acl pattern -m match on a string starting with space or containing a comma, with 1.5-dev21

2014-01-17 Thread PiBa-NL
. I knew that the comma didn't need escaping but started to try it anyway because it didn't seem to work, and so started to have a few doubts.. Sorry for the noise and thanks, again. PiBa-NL Thierry FOURNIER schreef op 17-1-2014 11:25: Hi, First, you must not escape the comma character

Re: Difference frontend/backend to listen?

2014-01-17 Thread PiBa-NL
on the same machine and then testing? Or is 1 running production and the other is under a test.domain.name? Maybe the backend sends a different reply if the request Host header is different..? Greets PiBa-NL Florian Engelmann schreef op 17-1-2014 13:43: Hi PiBa-NL, Found a a minor difference

Re: File uploads (multipart/form-data POST ) and transparent mode fail

2014-01-18 Thread PiBa-NL
can automate that, and if not at least put a warning note that this kind of rule must be added for it to work properly. Can you confirm this indeed solves the issue? Thanks PiBa-NL Magnus Thomé schreef op 18-1-2014 9:32: Last night during a couple of hours I took the time to read through

Re: File uploads (multipart/form-data POST ) and transparent mode fail

2014-01-19 Thread PiBa-NL
. As for the current 'workaround', you can probably make an alias with all ip's you want to affect and use that in the floating-rule. I haven't tested it but cant think of a reason why that wouldn't work.. Greets PiBa-NL Magnus Thomé schreef op 19-1-2014 9:45: Yee! THANK YOU!!! Works

Re: Healthcheck via https

2014-01-20 Thread PiBa-NL
just4hapr...@t-online.de schreef op 20-1-2014 20:59: server backend_server_1 server_ip:1 check-ssl server backend_server_2 server_ip:1 check-ssl Try it like this: server backend_server_1 server_ip:1 check check-ssl server backend_server_2 server_ip:1 check

Re: limit sticky connection count?

2014-01-21 Thread PiBa-NL
100 expire 60s stick on src server www01 127.0.0.1 check observe layer7 server www02 127.0.0.2 check observe layer7 server www03 127.0.0.3 check observe layer7 Greets PiBa-NL Michael Johnson - MJ schreef op 21-1-2014 21:57: Is there a way to limit the number of sticky connections

Re: Use one backend server at a time

2014-01-30 Thread PiBa-NL
Im not 100% sure but if i remember something i read correctly it was like using a stick on dst stick-table. That way the sticktable will make sure all traffic go's to a single server, and only when it fails another server will be put in the sticktable that will only have 1 entry. You might

Re: Use one backend server at a time

2014-01-30 Thread PiBa-NL
ok found it again in the part about Automatic failover without failback http://blog.exceliance.fr/2014/01/17/emulating-activepassing-application-clustering-with-haproxy/ PiBa-NL schreef op 30-1-2014 19:14: Im not 100% sure but if i remember something i read correctly it was like using a stick

Re: Use one backend server at a time

2014-01-30 Thread PiBa-NL
This should (i expect) work with any number of backup servers, as long as you only need 1 active. Ryan O'Hara schreef op 30-1-2014 19:34: On Thu, Jan 30, 2014 at 07:14:30PM +0100, PiBa-NL wrote: Im not 100% sure but if i remember something i read correctly it was like using a stick on dst

Re: SSL load-balancing across multiple HAProxy instances

2014-02-14 Thread PiBa-NL
I think this is the issue in the mode http frontend: req_ssl_hello_type : integer (deprecated) this will not work with bind lines having the ssl Patrick Hemmer schreef op 14-2-2014 22:34: You haven't told it to use SSL when talking to the servers listening on :4443. By default haproxy is

Re: AW: Keeping statistics after a reload

2014-02-28 Thread PiBa-NL
programs/scripts/tools to also keep historical/cumulative data for haproxy and can share their experience with it? Greets PiBa-NL Andreas Mock schreef op 28-2-2014 16:33: Hi all, the list is normally really responsive. In this case nobody gave an answer. So, I don't know whether my question

Re: inspecting incoming tcp content

2014-03-03 Thread PiBa-NL
, and seen a previous question http://comments.gmane.org/gmane.comp.web.haproxy/11942 which seems to have gone without a final solution as well. So the question is, is this possible or might there be some issues in 'converting' the checks? Thanks for your time. Greets PiBa-NL Baptiste schreef op 28-2

Re: inspecting incoming tcp content

2014-03-04 Thread PiBa-NL
sense, just not for 'textual' protocols. Thanks for investigating. PiBa-NL Willy Tarreau schreef op 4-3-2014 17:28: On Tue, Mar 04, 2014 at 04:51:56PM +0100, Thierry FOURNIER wrote: The match bin get the configuration string 474554 and convert it as the binary sequence GET. The match str get

Re: Equivalent Weblogic and BigIP

2014-03-06 Thread PiBa-NL
not sure if this would fix your issue. but seems at least you should change the used name of the cookie from JSESSIONID to BIGipServervipf5-PRD As currently your overwriting the session cookie the application needs. Jorge Severino schreef op 6-3-2014 22:14: Hi Guys: I replaced one F5 BigIP

Re: recent test for dev22 on BSD

2014-03-20 Thread PiBa-NL
About 3 and 4 i have no clue.. Greets PiBa-NL k simon schreef op 20-3-2014 16:12: Hi,lists, I tested dev22 on FreeBSD 10-stable recently, and found: 1. ipfw fwd works well with dev22+tproxy. It's have a nice guide in the /usr/local/share/examples. But pf's divert-to and divert-reply can't

Re: Multiple/non-standard ssl ports on one frontend?

2014-06-03 Thread PiBa-NL
is handled. Greets PiBa-NL

Re: Multiple/non-standard ssl ports on one frontend?

2014-06-03 Thread PiBa-NL
is handled. Greets PiBa-NL

failing health checks, when using unix sockets, with ssl serverbinding, 1.5.3

2014-08-16 Thread PiBa-NL
to send the requests to the proper backend. The purpose would be to minimize the load on haproxy itself, while maximizing supported clients (XP and older mobile devices). Thanks in advance. PiBa-NL global daemon gid80 ssl-server-verify none tune.ssl.default-dh-param 1024

failing health checks, when using unix sockets, with ssl serverbinding, 1.5.3

2014-08-23 Thread PiBa-NL
maximizing supported clients (XP and older mobile devices). Thanks in advance. PiBa-NL global daemon gid80 ssl-server-verify none tune.ssl.default-dh-param 1024 chroot/tmp/haproxy_chroot defaults timeout connect3 timeout server

Re: smtp cluster with haproxy

2014-08-27 Thread PiBa-NL
work i would add a listen section for stats to check if haproxy does 'see' the servers are 'up'. Greets PiBa-NL Fraj KALLEL schreef op 27-8-2014 18:05: hello, i use postfix 2.11 and haproxy 1.5 for setting up cluster smtp. above is my configuration and the cluster doesn't work. have you any

tcp-request content track-sc2 with if statement doesn't work?

2014-09-06 Thread PiBa-NL
something wrong, is the blog outdated, or was a bug introduced somewhere? If more information perhaps -vv or full config is needed let me know, thanks for any reply. p.s. did anyone get my other emails a while back? [1] Kind regards, PiBa-NL [0] http://blog.haproxy.com/2013/04/26/wordpress

Re: tcp-request content track-sc2 with if statement doesn't work?

2014-09-07 Thread PiBa-NL
it for other people to not fall into the same mistake? Thanks, PiBa-NL Baptiste schreef op 7-9-2014 11:38: On Sat, Sep 6, 2014 at 9:16 PM, PiBa-NL piba.nl@gmail.com wrote: Hi list, Inspired by a blog about wordpress bruteforce protection [0] , i'm trying to use this same kind of method

Re: tcp-request content track-sc2 with if statement doesn't work?

2014-09-07 Thread PiBa-NL
Baptiste schreef op 7-9-2014 17:13: On Sun, Sep 7, 2014 at 2:55 PM, PiBa-NL piba.nl@gmail.com wrote: Hi Baptiste, Thanks that fixes my issue indeed with the following: tcp-request inspect-delay 10s tcp-request content track-sc1 base32+src if METH_GET wp_login tcp

Re: About the ssl check

2014-09-15 Thread PiBa-NL
Zebra schreef op 16-9-2014 2:58: Hi,all I configure one back-end using tcp mode,and I want to ssh the server(s) behind the back-end just for testing. So I used check-ssl to enable ssl check. backend ssh_servers mode tcp server server2 192.168.10.95:22 check-ssl check

Re: About the health check

2014-09-15 Thread PiBa-NL
Zebra schreef op 16-9-2014 3:08: Hi,all I configure the backend with one server and want to make the health check for it using tcp.And the configuration as below. backend httpservers option tcp-check This actually makes it perform tests on a higher layer: Perform health checks using

Re: 回复: About the health check

2014-09-16 Thread PiBa-NL
. Zebra schreef op 16-9-2014 3:53: Hi, PiBa-NL Thank you for your reply . But I used tcpdump and find the check only try to make one tcp three-way handshake and even the packet for tcp ACK will not send. This is the result : root@ubuntuforhaproxy:/home# tcpdump -lnvvvXei eth0 tcp port 22

Re: tcp-check not checking

2014-09-19 Thread PiBa-NL
Hi Dennis, option tcp-check that requires more send/expect options to actually perform L7 checks. For a simple L4 check remove the line completely or add : tcp-check connect You might also want to look at option httpchk. Which is more friendly for basic http checks. Greets PiBa-NL Dennis

Re: Session sticking to backup server

2014-09-29 Thread PiBa-NL
Take a look at 'non-stick' and or 'on-marked-up shutdown-backup-sessions' they might help with your issue. Another option could be to remove the backup server from your config, and serve the static page with 'errorfile 503 /etc/haproxy/errorfiles/503sorry.http'. Dennis Jacobfeuerborn

[PATCH] DOC: httplog does not support 'no'

2014-12-11 Thread PiBa-NL
[PATCH] DOC: httplog does not support 'no' Modified: doc/configuration.txt doc/configuration.txt | 6 ++ 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index aa6baab..5dc3afa 100644 --- a/doc/configuration.txt +++

Re: tcp-check for IMAP SSL ?

2015-01-01 Thread PiBa-NL
Yosef Amir schreef op 1-1-2015 om 13:57: Hi , I have servers that listen for plain IMAP on port 143 and servers that listen for IMAP SSL on port 443. I have successfully tested HAProxy for tcp-check proxying to IMAP servers listen on port 143 . I don’t know how to configure the option

Re: haproxy and multiple ports

2015-02-06 Thread PiBa-NL
Nick Couchman schreef op 6-2-2015 om 23:52: It's hard to figure out exactly how to phrase what I'm trying to do, but I essentially need a configuration for HAProxy where I can pin the load-balancing of one front-end port to another one, so that both go to the same back-end port. Here's what

Re: Delaying requests with Lua

2015-06-18 Thread PiBa-NL
Thing to check, what happens to concurrent connection requests? My guess is with 10 concurrent requests it might take up to 20 seconds(worst case for 10 connections) for some requests instead of the expected max 2.. Thierry FOURNIER schreef op 18-6-2015 om 19:35: Hi, You can do this with

Re: Delaying requests with Lua

2015-06-18 Thread PiBa-NL
Jun 2015 20:27:07 +0200 PiBa-NL piba.nl@gmail.com wrote: Thing to check, what happens to concurrent connection requests? My guess is with 10 concurrent requests it might take up to 20 seconds(worst case for 10 connections) for some requests instead of the expected max 2.. Note that we don't

Re: Lua testcase.. some 'random' data returned when loading a image.. 1.6dev2

2015-06-19 Thread PiBa-NL
() end Thierry FOURNIER schreef op 19-6-2015 om 14:22: On Fri, 19 Jun 2015 02:05:50 +0200 PiBa-NL piba.nl@gmail.com wrote: Hi guys, I'm sure i am abusing lua for completely wrong thing here. But i do not understand why the result isn't at least consistent.. Ive got a Pinguïns.jpg

Lua testcase.. some 'random' data returned when loading a image.. 1.6dev2

2015-06-18 Thread PiBa-NL
Hi guys, I'm sure i am abusing lua for completely wrong thing here. But i do not understand why the result isn't at least consistent.. Ive got a Pinguïns.jpg of 759kB (Default Windows 7 example image).. And have the configuration listed below. When requesting the image from a browser the top of

Re: Receiving HTTP responses to TCP pool

2015-06-16 Thread PiBa-NL
16, 2015 at 4:39 PM, PiBa-NL piba.nl@gmail.com mailto:piba.nl@gmail.com wrote: Which does not prevent the backend from using mode http as the defaults section sets. CJ Ess schreef op 16-6-2015 om 22:36: mode tcp is already present in mainfrontend definition below

Re: Receiving HTTP responses to TCP pool

2015-06-16 Thread PiBa-NL
Which does not prevent the backend from using mode http as the defaults section sets. CJ Ess schreef op 16-6-2015 om 22:36: mode tcp is already present in mainfrontend definition below the bind statement On Mon, Jun 15, 2015 at 3:05 PM, PiBa-NL piba.nl@gmail.com mailto:piba.nl

Re: HAProxy Stats and SSL Problems

2015-06-15 Thread PiBa-NL
Matthew Cox schreef op 15-6-2015 om 20:05: Hello, I've been trying to diagnose an odd issue with HAProxy (1.5.x) statistics and SSL. I'm seeing clients having problems with the SSL negotiation. When digging with openssl, there seems to be a clear text http 1.x response which causes the

Re: Receiving HTTP responses to TCP pool

2015-06-15 Thread PiBa-NL
CJ Ess schreef op 15-6-2015 om 20:52: This one has me stumped - I'm trying to proxy SMTP connections however I'm getting an HTTP response when I try to connect to port 25 (even though I've done mode tcp). This is the smallest subset that reproduced the problem - I can make this work by doing

[PATCH] DOC: match several lua configuration option names to those implemented in code

2015-08-16 Thread PiBa-NL
Hi, Ive found some inconsistencies in the documentation, patch attached. Could you take a look and merge it? Thanks. Regards, PiBa-NL From 007f377f637dbafc47cb77f6650e4df55e08b608 Mon Sep 17 00:00:00 2001 From: Pieter Baauw piba.nl@gmail.com Date: Sun, 16 Aug 2015 15:26:24 +0200 Subject

[PATCH] MINOR cfgparse: Correct the mailer warning text to show the right names to the user

2015-08-16 Thread PiBa-NL
Hi Guys, Patch attached to correct the mailer warning text to show the right names to the user. Regards, PiBa-NL From aa2cccdf5e95d2850692ec8189fc9ed20a586575 Mon Sep 17 00:00:00 2001 From: Pieter Baauw piba.nl@gmail.com Date: Mon, 17 Aug 2015 00:45:05 +0200 Subject: [PATCH] MINOR

Fwd: request for comment - [PATCH] MEDIUM: mailer: retry sending a mail up to 3 times

2015-08-04 Thread PiBa-NL
bump? Doorgestuurd bericht Onderwerp: request for comment - [PATCH] MEDIUM: mailer: retry sending a mail up to 3 times Datum: Sun, 26 Jul 2015 21:08:41 +0200 Van:PiBa-NL piba.nl@gmail.com Aan:HAproxy Mailing Lists haproxy@formilux.org Hi guys, Ive created

Re: health checks with SNI/virtual hosts

2015-07-23 Thread PiBa-NL
I believe you need 1.6-dev3 for that: http://cbonte.github.io/haproxy-dconv/configuration-1.6.html#5.2-sni Jim Gronowski schreef op 23-7-2015 om 23:20: I’m trying to do health checks on a site that is served with SNI – so going directly to the IP generates a 404 – the backend server is

[PATCH] BUG/MINOR: mailer: DATA part must be terminated with CRLF.CRLF

2015-07-22 Thread PiBa-NL
Hi Willy, Please check attached patch to solve not being able to send a mail to a exchange server as discussed in previous mail thread. http://marc.info/?l=haproxym=143708032708431w=2 Is it correct like this? Thanks for the great software :). Regards, Pieter From

request for comment - [PATCH] MEDIUM: mailer: retry sending a mail up to 3 times

2015-07-26 Thread PiBa-NL
better way? -i used the 'fall' variable to track the number of retries.. should i have created a separate 'retries' variable? Thanks for any feedback you can give me. Best regards, PiBa-NL From c5110d981cf0d2c070e88331eede15b0b16e80df Mon Sep 17 00:00:00 2001 From: Pieter Baauw piba.nl

Re: haproxy can't bind to mysql port

2015-07-25 Thread PiBa-NL
Tim Dunphy schreef op 25-7-2015 om 17:00: You need to run haproxy as root to bind to ports lower than 1024 I tried running haproxy as root/root: [root@ha1:/etc/haproxy] #egrep user|group haproxy.cfg| grep -v option user root group root user and group dont affect what user haproxy

Re: Mailer does not work

2015-07-16 Thread PiBa-NL
It looks to me as if the dot is send in the wrong place. Attached patch would fix that. https://www.ietf.org/rfc/rfc2821.txt the character sequence CRLF.CRLF ends the mail text. Could you guy's take a look? mlist schreef op 15-7-2015 om 14:23: At the end of each smtp session, we see a packet

Re: lua, changing response-body in http pages 'supported' ?

2015-10-24 Thread PiBa-NL
Hi Thierry, haproxy-list, Op 19-10-2015 om 11:24 schreef thierry.fourn...@arpalert.org: On Mon, 19 Oct 2015 01:31:42 +0200 PiBa-NL <piba.nl@gmail.com> wrote: Hi Thierry, Op 18-10-2015 om 21:37 schreef thierry.fourn...@arpalert.org: On Sun, 18 Oct 2015 00:07:13 +0200 PiBa-NL &l

Re: [LUA] Lua advanced documentation

2015-10-28 Thread PiBa-NL
for the more native English speaking/writing people. I haven't tried to check it myself, but didn't see it in either of the documents how often is a function from core.register_task called? Or should it contain a loop+sleep ? Perhaps a small example could be added? Regards PiBa-NL HAProxy

Re: Echo server in Lua

2015-11-10 Thread PiBa-NL
b.t.w. if sole purpose of the frontend is to echo the ip back to the client. You should probably also check the 'use-service' applet syntax, i dont know if that could be faster for your purpose. Then another thing to check would be if you want to use the tcp or http service mode. A TCP service

[PATCH] DOC: lua-api/index.rst small example fixes, spelling correction.

2015-11-08 Thread PiBa-NL
Hi List, Willy, Attached some small example fixes, spelling correction. Hope its ok like this :). Regards, PiBa-NL From fdecc44b9bf94bfaceb9d0335ea3a185e575cd86 Mon Sep 17 00:00:00 2001 From: Pieter Baauw <piba.nl@gmail.com> Date: Sun, 8 Nov 2015 16:38:08 +0100 Subject: [PATCH] DOC: l

Re: [PATCH] MEDIUM: mailer: try sending a mail up to 3 times

2015-11-08 Thread PiBa-NL
Forgot to include list, sorry. Op 8-11-2015 om 17:33 schreef PiBa-NL: Hi Ben, Willy, Simon, Ben, thanks for the review. Hoping 'release pressure' has cleared for Willy i'm resending the patch now, with with your comments incorporated. CC, to Simon as maintainer of mailers part so he can

Re: [PATCH] MEDIUM: mailer: try sending a mail up to 3 times

2015-11-08 Thread PiBa-NL
Forgot to include list, sorry. And then the attachment dropped of.. Resending. Op 8-11-2015 om 17:33 schreef PiBa-NL: Hi Ben, Willy, Simon, Ben, thanks for the review. Hoping 'release pressure' has cleared for Willy i'm resending the patch now, with with your comments incorporated. CC

Re: [PATCH] MEDIUM: mailer: try sending a mail up to 3 times

2015-11-16 Thread PiBa-NL
Hi Willy, Op 16-11-2015 om 7:20 schreef Willy Tarreau: Hi Pieter, On Mon, Nov 16, 2015 at 12:13:50AM +0100, PiBa-NL wrote: -but check->conn->flags & 0xFF is a bit of s guess from observing the flags when it could connect but the server did not respond properly.. is there a other

Re: [PATCH] MEDIUM: mailer: try sending a mail up to 3 times

2015-11-15 Thread PiBa-NL
Hi Willy, Op 15-11-2015 om 8:48 schreef Willy Tarreau: Pieter, I'm just seeing this part in your description while merging the patch : On Sun, Nov 08, 2015 at 07:19:21PM +0100, PiBa-NL wrote: HOWEVER. -i have not checked for memoryleaks, sockets not being closed properly (i dont know how

Re: Echo server in Lua

2015-11-11 Thread PiBa-NL
onfig: frontend tcp-echo bind 127.0.2.1:1610 timeout client 1 mode tcp tcp-request content lua.tcp-echo Testing this with ab frequently hangs and times out even at tiny loads (10 requests with concurrency 3). On Wednesday, 11 November 2015, 10:19, PiBa-NL <piba.nl..

Re: LUA, 'retry' failed requests

2015-11-02 Thread PiBa-NL
Op 2-11-2015 om 10:03 schreef Thierry FOURNIER: On Sat, 31 Oct 2015 21:22:14 +0100 PiBa-NL <piba.nl@gmail.com> wrote: Hi Thierry, haproxy-list, Hi Pieter, Hi Thierry, I've created another possibly interesting lua script, and it works :) (mostly). (on my test machine..) When i

Re: LUA, 'retry' failed requests

2015-11-05 Thread PiBa-NL
as i could tell. Anyway less warnings is better. include/common/mini-clist.h:114:9: warning: 'LIST_PREV' macro redefined #define LIST_PREV(lh, pt, el) (LIST_ELEM((lh)->p, pt, el)) Second patch i confirm fixes the core dump. Thanks as always! Regards, PiBa-NL Thierry On Mon, 2 Nov 2015 20:50

LUA, 'retry' failed requests

2015-10-31 Thread PiBa-NL
Hi Thierry, haproxy-list, I've created another possibly interesting lua script, and it works :) (mostly). (on my test machine..) When i visit the 192.168.0.120:9003 website i always see the 'Hello World' page. So in that regard this is usable, it is left to the browser to send the request

Re: lua, changing response-body in http pages 'supported' ?

2015-10-18 Thread PiBa-NL
Hi Thierry, Op 18-10-2015 om 21:37 schreef thierry.fourn...@arpalert.org: On Sun, 18 Oct 2015 00:07:13 +0200 PiBa-NL <piba.nl@gmail.com> wrote: Hi haproxy list, For testing purposes i am trying to 'modify' a response of a webserver but only having limited success. Is this su

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-11 Thread PiBa-NL
Hi All, Op 7-10-2015 om 0:31 schreef PiBa-NL: Hi Thierry, Op 6-10-2015 om 9:47 schreef Thierry FOURNIER: On Mon, 5 Oct 2015 21:04:08 +0200 PiBa-NL <piba.nl@gmail.com> wrote: Hi Thierry, Hi Pieter, With or without "option http-server-close" does not seem to make any di

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-12 Thread PiBa-NL
Hi Willy, Op 12-10-2015 om 7:28 schreef Willy Tarreau: Hi Pieter, On Mon, Oct 12, 2015 at 01:22:48AM +0200, PiBa-NL wrote: #1 0x00417388 in buffer_slow_realign (buf=0x7d3c90) at src/buffer.c:166 block1 = -3306 block2 = 0 I'm puzzled by this above, no block

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-05 Thread PiBa-NL
hod embbed a limitation: if some servers are declared in the backend, the "option http-server-close" forbid the keepalive between haproxy and the serveur. Can you test with this option ? Thierry On Thu, 1 Oct 2015 23:00:45 +0200 Cyril Bonté <cyril.bo...@free.fr> wrote

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-12 Thread PiBa-NL
Hi Willy, Op 12-10-2015 om 23:06 schreef Willy Tarreau: Hi Pieter, On Mon, Oct 12, 2015 at 10:29:05PM +0200, PiBa-NL wrote: Been running some more tests with the information that req->buf->i should be >= 0. What i find is that after 1 request i already see rqh=-103 , it s

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-06 Thread PiBa-NL
Hi Thierry, Op 6-10-2015 om 9:47 schreef Thierry FOURNIER: On Mon, 5 Oct 2015 21:04:08 +0200 PiBa-NL <piba.nl@gmail.com> wrote: Hi Thierry, Hi Pieter, With or without "option http-server-close" does not seem to make any difference. Sure, it is only an answer to the

Re: core dump, lua service, 1.6-dev6 ss-20150930

2015-10-13 Thread PiBa-NL
ported the issue..) Anyway i burned some more hours on both your and my side than was probably needed. One more issue gone :) Thanks for the support! PiBa-NL

  1   2   3   4   >