Re: how to serve inline flash policy
I have not tried this conf, but I would be keen to know if it helped you :) Thanks a lot! Just made a copy of default backend, put that copy and frontend in tcp mode and it worked. Am testing stickiness (i use cookie based one). This example should go to haproxy ./examples --Vladimir
Re: how to serve inline flash policy
If you send cookies with your XML requests, then this is doable too :) But with the 1.5-dev branch only which is able to learn the cookie string and to store it into a stick table. I see. That way you learn the cookie from the HTTP backend and you keep stickiness on it in the XML backend. Well, I don't need stickiness in XML backend. The whole play with tcp mode is too let _raw_ TCP requests pass to the same backend as HTTP requests go... Pity, I loose forwardfor option is frontend -- this is really needed. Is there ever a way to analyze raw content of request buffer in http mode? What I need is to route requests starting with policy-file-request/NULL to the default backend.
Re: how to serve inline flash policy
since your request is not RFC compliant, HAProxy will drop it. You may give a try with the option accept-invalid-http-request on the frontend definition. cheers On Fri, Sep 16, 2011 at 10:42 AM, Vladimir Dronnikov dronni...@gmail.com wrote: If you send cookies with your XML requests, then this is doable too :) But with the 1.5-dev branch only which is able to learn the cookie string and to store it into a stick table. I see. That way you learn the cookie from the HTTP backend and you keep stickiness on it in the XML backend. Well, I don't need stickiness in XML backend. The whole play with tcp mode is too let _raw_ TCP requests pass to the same backend as HTTP requests go... Pity, I loose forwardfor option is frontend -- this is really needed. Is there ever a way to analyze raw content of request buffer in http mode? What I need is to route requests starting with policy-file-request/NULL to the default backend.
Re: how to serve inline flash policy
might be patchable :) I'll look at it and let you know. On Fri, Sep 16, 2011 at 10:51 AM, Vladimir Dronnikov dronni...@gmail.com wrote: since your request is not RFC compliant, HAProxy will drop it. You may give a try with the option accept-invalid-http-request on the frontend definition. Gave, with no success so far... :) Consider req_ssl_ver pattern -- it snoops into request buffer and finds the match. I need the same looking for policy.../ pattern.
Re: how to serve inline flash policy
have you turned on the proxy to mode http ? this macro might be available only in http mode. On Fri, Sep 16, 2011 at 10:51 AM, Vladimir Dronnikov dronni...@gmail.com wrote: since your request is not RFC compliant, HAProxy will drop it. You may give a try with the option accept-invalid-http-request on the frontend definition. Gave, with no success so far... :) Consider req_ssl_ver pattern -- it snoops into request buffer and finds the match. I need the same looking for policy.../ pattern.
Re: how to serve inline flash policy
i use defaults mode http Also started https://github.com/dvv/farm/blob/master/flash/acl.c -- grep for DVV tags to navigate to changes -- this may explain what i mean better
Re: how to serve inline flash policy
Hi, Can you try with the configuration below: frontend ft_application bind :80 mode tcp use_backend bk_xml if !HTTP default_backend bk_http backend bk_xml mode tcp balance roundrobin stick match src table bk_http server s1 192.168.1.1:80 track bk_http/s1 server s2 192.168.1.2:25 track bk_http/s2 backend bk_http mode http balance roundrobin stick store-request src stick-table type ip size 200k expire 30m server s1 192.168.1.1:80 check server s2 192.168.1.2:80 check Basically, if the traffic is not HTTP, the frontend will use the xml backend, otherwise, it would use the http one. The session is maintained between both backends through a stick-table. I have not tried this conf, but I would be keen to know if it helped you :) cheers On Thu, Sep 15, 2011 at 5:24 PM, Vladimir Dronnikov dronni...@gmail.com wrote: Hi! Wonder is that possible to serve inline flash policy? That is, to distinguish connections which receives 'policy-file-request/\0' (no newline is expected) and immediately respond with some xml. The problem is that such requests are _not HTTP_ ones, but they still must be served from the same host and port where the page was loaded from -- i.e. by a HTTP server. TIA, --Vladimir