Am Thu, 4 May 2017 08:57:41 +0200
schrieb Baptiste :
> On Thu, May 4, 2017 at 8:50 AM, Aleksandar Lazic
> wrote:
>
> > Hi.
> >
> > awsome timing because nginx just released his WAF also ;-).
> >
> > https://www.nginx.com/blog/modsecurity-waf-released/
>
>
On Thu, May 4, 2017 at 8:50 AM, Aleksandar Lazic wrote:
> Hi.
>
> awsome timing because nginx just released his WAF also ;-).
>
> https://www.nginx.com/blog/modsecurity-waf-released/
>
>
Well, you can't compare a proprietary product with an open source one!
And here, we see
Hi.
awsome timing because nginx just released his WAF also ;-).
https://www.nginx.com/blog/modsecurity-waf-released/
Now we only need to give Willy the time and chance to work on
HTTP/2 to have this feature also in haproxy ;-)
Regards
Aleks
Am Thu, 27 Apr 2017 23:10:15 +0200
schrieb Thierry
> On 27 Apr 2017, at 18:53, Aleksandar Lazic wrote:
>
> Hi Willy.
>
> Am 27-04-2017 12:05, schrieb Willy Tarreau:
>> Hi Thierry,
>> On Thu, Apr 20, 2017 at 03:05:35PM +0200, Thierry Fournier wrote:
>>> Hi,
>>> After a quick private brainstorm, Willy propose to me a new
Hi Willy.
Am 27-04-2017 12:05, schrieb Willy Tarreau:
Hi Thierry,
On Thu, Apr 20, 2017 at 03:05:35PM +0200, Thierry Fournier wrote:
Hi,
After a quick private brainstorm, Willy propose to me a new binary
encoding
for the headers. It is useless to give the numbers of headers
contained in
the
Hi Thierry,
On Thu, Apr 20, 2017 at 03:05:35PM +0200, Thierry Fournier wrote:
> Hi,
>
> After a quick private brainstorm, Willy propose to me a new binary encoding
> for the headers. It is useless to give the numbers of headers contained in
> the block, so the end of headers is marked by an
> On 23 Apr 2017, at 15:19, Aleksandar Lazic wrote:
>
> Hi Thierry
>
> Am 20-04-2017 15:05, schrieb Thierry Fournier:
>> Hi,
>> After a quick private brainstorm, Willy propose to me a new binary encoding
>> for the headers. It is useless to give the numbers of headers
Hi Thierry
Am 20-04-2017 15:05, schrieb Thierry Fournier:
Hi,
After a quick private brainstorm, Willy propose to me a new binary
encoding
for the headers. It is useless to give the numbers of headers contained
in
the block, so the end of headers is marked by an empty header (header
name
Am 19-04-2017 11:24, schrieb Thierry Fournier:
On 19 Apr 2017, at 09:16, Aleksandar Lazic wrote:
Am 19-04-2017 05:51, schrieb Willy Tarreau:
On Tue, Apr 18, 2017 at 11:55:46PM +0200, Aleksandar Lazic wrote:
Why not reuse the upcoming http/2 format.
HTTP/2 is *easy* to
Hi,
There is a new lot of patches for the spoa/modescurity contrib.
Thierry
On Wed, 19 Apr 2017 11:24:36 +0200
Thierry Fournier wrote:
>
> > On 19 Apr 2017, at 09:16, Aleksandar Lazic wrote:
> >
> >
> >
> > Am 19-04-2017 05:51, schrieb Willy
> On 19 Apr 2017, at 09:16, Aleksandar Lazic wrote:
>
>
>
> Am 19-04-2017 05:51, schrieb Willy Tarreau:
>> On Tue, Apr 18, 2017 at 11:55:46PM +0200, Aleksandar Lazic wrote:
>>> Why not reuse the upcoming http/2 format.
>>> HTTP/2 is *easy* to parse and the implementations
Am 19-04-2017 05:51, schrieb Willy Tarreau:
On Tue, Apr 18, 2017 at 11:55:46PM +0200, Aleksandar Lazic wrote:
Why not reuse the upcoming http/2 format.
HTTP/2 is *easy* to parse and the implementations of servers are
growing?
Are you kidding ? I mean you want everyone to have to implement
On Tue, Apr 18, 2017 at 11:55:46PM +0200, Aleksandar Lazic wrote:
> Why not reuse the upcoming http/2 format.
> HTTP/2 is *easy* to parse and the implementations of servers are growing?
Are you kidding ? I mean you want everyone to have to implement HPACK etc ?
> I know this is still on the todo
Am 18-04-2017 15:10, schrieb Willy Tarreau:
On Tue, Apr 18, 2017 at 02:59:20PM +0200, Christopher Faulet wrote:
Le 18/04/2017 à 14:40, Willy Tarreau a écrit :
> On Tue, Apr 18, 2017 at 12:15:20PM +0200, Christopher Faulet wrote:
> > I finally took the time to review your patches, mainly the
On Tue, Apr 18, 2017 at 02:59:20PM +0200, Christopher Faulet wrote:
> Le 18/04/2017 à 14:40, Willy Tarreau a écrit :
> > On Tue, Apr 18, 2017 at 12:15:20PM +0200, Christopher Faulet wrote:
> > > I finally took the time to review your patches, mainly the second one,
> > > about
> > > the sample
Le 18/04/2017 à 14:40, Willy Tarreau a écrit :
On Tue, Apr 18, 2017 at 12:15:20PM +0200, Christopher Faulet wrote:
I finally took the time to review your patches, mainly the second one, about
the sample fetch. I think it would be pity to introduced such complex sample
fetch. All parts, except
On Tue, Apr 18, 2017 at 12:15:20PM +0200, Christopher Faulet wrote:
> I finally took the time to review your patches, mainly the second one, about
> the sample fetch. I think it would be pity to introduced such complex sample
> fetch. All parts, except the HTTP headers, are already available in
>
Le 12/04/2017 à 10:49, Christopher Faulet a écrit :
Le 11/04/2017 à 10:49, Thierry Fournier a écrit :
Hi list
I join one usage of HAProxy / SPOE, it is WAF offloading.
These patches are a first version, it have some limitations describe
in the README file in the directory contrib/modsecurity.
Hi Willy.
Am 14-04-2017 11:41, schrieb Willy Tarreau:
Hi Aleks,
On Fri, Apr 14, 2017 at 10:25:56AM +0200, Aleksandar Lazic wrote:
Willy can you please commit this patches.
I'm fine with this, but I prefer to give some time to Christopher to
review this, as Thierry asked. It can take quite
Hi Aleks,
On Fri, Apr 14, 2017 at 10:25:56AM +0200, Aleksandar Lazic wrote:
> Willy can you please commit this patches.
I'm fine with this, but I prefer to give some time to Christopher to
review this, as Thierry asked. It can take quite some time since the
purpse of cutting the development
On Thu, Apr 13, 2017 at 01:17:07PM +0200, Christopher Faulet wrote:
> The hello-handshake is done only once, when a new connection with a SPOA is
> opened. But we can improve the SPOP by adding a new frame type to handle
> admin tasks (like graceful stop). This way, for a specific connection, it
>
Hi.
Am 13-04-2017 02:06, schrieb Aleksandar Lazic:
Am 12-04-2017 23:33, schrieb Aleksandar Lazic:
Am 12-04-2017 21:28, schrieb thierry.fourn...@arpalert.org:
On Wed, 12 Apr 2017 21:21:58 +0200
Aleksandar Lazic wrote:
[snipp]
Do you have the patches as files where I
Le 13/04/2017 à 12:53, Thierry Fournier a écrit :
On 13 Apr 2017, at 12:28, Willy Tarreau wrote:
On Thu, Apr 13, 2017 at 12:21:20PM +0200, Thierry Fournier wrote:
.) the patches apply only on haproxy 1.8 because some files does not exists on
1.7 ( e. g. include/proto/spoe.h )
> On 13 Apr 2017, at 12:28, Willy Tarreau wrote:
>
> On Thu, Apr 13, 2017 at 12:21:20PM +0200, Thierry Fournier wrote:
>>> .) the patches apply only on haproxy 1.8 because some files does not exists
>>> on 1.7 ( e. g. include/proto/spoe.h )
>>
>>
>> Ok. I think that SPOE was
On Thu, Apr 13, 2017 at 12:21:20PM +0200, Thierry Fournier wrote:
> > .) the patches apply only on haproxy 1.8 because some files does not exists
> > on 1.7 ( e. g. include/proto/spoe.h )
>
>
> Ok. I think that SPOE was introduced in 1.7, obviously I'm wrong.
No, it was introduced in 1.7 but
> On 13 Apr 2017, at 02:06, Aleksandar Lazic wrote:
>
>
>
> Am 12-04-2017 23:33, schrieb Aleksandar Lazic:
>> Am 12-04-2017 21:28, schrieb thierry.fourn...@arpalert.org:
>>> On Wed, 12 Apr 2017 21:21:58 +0200
>>> Aleksandar Lazic wrote:
>
> [snipp]
>
Am 12-04-2017 23:33, schrieb Aleksandar Lazic:
Am 12-04-2017 21:28, schrieb thierry.fourn...@arpalert.org:
On Wed, 12 Apr 2017 21:21:58 +0200
Aleksandar Lazic wrote:
[snipp]
Do you have the patches as files where I can download it?
It's easier for docker to call a
Am 12-04-2017 21:28, schrieb thierry.fourn...@arpalert.org:
On Wed, 12 Apr 2017 21:21:58 +0200
Aleksandar Lazic wrote:
Hi.
Am 12-04-2017 10:08, schrieb Thierry Fournier:
>> On 12 Apr 2017, at 09:57, Aleksandar Lazic wrote:
>>
>>
>>
>> Am 11-04-2017
On Wed, 12 Apr 2017 21:21:58 +0200
Aleksandar Lazic wrote:
> Hi.
>
> Am 12-04-2017 10:08, schrieb Thierry Fournier:
> >> On 12 Apr 2017, at 09:57, Aleksandar Lazic wrote:
> >>
> >>
> >>
> >> Am 11-04-2017 10:49, schrieb Thierry Fournier:
> >>> Hi list
Hi.
Am 12-04-2017 10:08, schrieb Thierry Fournier:
On 12 Apr 2017, at 09:57, Aleksandar Lazic wrote:
Am 11-04-2017 10:49, schrieb Thierry Fournier:
Hi list
I join one usage of HAProxy / SPOE, it is WAF offloading.
These patches are a first version, it have some
Le 11/04/2017 à 10:49, Thierry Fournier a écrit :
Hi list
I join one usage of HAProxy / SPOE, it is WAF offloading.
These patches are a first version, it have some limitations describe
in the README file in the directory contrib/modsecurity.
- Christopher, please check the patch "BUG/MINOR",
> On 12 Apr 2017, at 09:57, Aleksandar Lazic wrote:
>
>
>
> Am 11-04-2017 10:49, schrieb Thierry Fournier:
>> Hi list
>> I join one usage of HAProxy / SPOE, it is WAF offloading.
>> These patches are a first version, it have some limitations describe
>> in the README file
Am 11-04-2017 10:49, schrieb Thierry Fournier:
Hi list
I join one usage of HAProxy / SPOE, it is WAF offloading.
These patches are a first version, it have some limitations describe
in the README file in the directory contrib/modsecurity.
- Christopher, please check the patch "BUG/MINOR",
> On 11 Apr 2017, at 11:24, Olivier Doucet wrote:
>
> Hi Thierry,
>
>
>
> 2017-04-11 10:49 GMT+02:00 Thierry Fournier :
> Hi list
>
> I join one usage of HAProxy / SPOE, it is WAF offloading.
>
> These patches are a first version, it have some
Hi Thierry,
2017-04-11 10:49 GMT+02:00 Thierry Fournier :
> Hi list
>
> I join one usage of HAProxy / SPOE, it is WAF offloading.
>
> These patches are a first version, it have some limitations describe
> in the README file in the directory contrib/modsecurity.
>
> -
35 matches
Mail list logo