Hello,
Thanks for answer. Yes, I would prefer to say no as well but I am not
the CTO here ;) I thought about tcpdump as well even if it will kill the
performance !
Anyway, I found in the ML archives some relevant informations like this
one :
https://www.mail-archive.com/haproxy@formilux.org/msg25964.html
but in my case, it logs nothing. Trying to log the req.len gives a size
of 0 for the buffer as well. I did something like that, in the frontend
section :
frontend localnode
modetcp
#option tcplog
#log global
bind192.168.1.4:4300
default_backend uxdaemon
declare capture request len 80
tcp-request inspect-delay 3s
#tcp-request content capture dst len 15
tcp-request content capture req.payload(0,80) len 80
#tcp-request content capture req.len len 80
log-format "%[capture.req.hdr(0)]"
I tried with and without the
declare capture request len 80
just in case it was required to declared the buffer prior, but I have
got nothing but a dash in the logs :/ Too, commented out "option tcp log
" and "log global" as well but no changes.
Best regards,
Florent
Le 2018-04-10 02:24, Jonathan Matthews a écrit :
On 10 April 2018 at 00:04, wrote:
Hello everybody,
For an application, I use haproxy in TCP mode but I would need to log,
from
the main load balancer machine, all the TCP transactions (incoming
packets
sent to the node then the answer that is sent back from the node to
the
client through the haproxy load balancer machine).
Is it possible to do such a thing ? I started to dig in the ML and
found few
information about capturing the tcp-request, which does not work for
now...
and I need the response as well... so preferred to ask if someone have
got
an experience doing this. Sure, it will have a performance penalty but
exhaustive logging is more important than that and it it the best
solution
to avoid a lot of changes in the existing infrastructure we just
load-balanced.
I don't believe this is possible inside haproxy right now.
If I *had* to do this, I'd start by saying "no", and then I'd work out
how to run a tcpdump process on the machine with carefully tuned
filters and a -w parameter. Then I'd drink something strong.
J