I've tried to use webserver through public interface on the same ip class of haproxy: it doesn't work.... :-( Thanks, Carlo
_____ Da: John Lauro [mailto:john.la...@covenanteyes.com] Inviato: lunedì 11 maggio 2009 14.42 A: 'Carlo Granisso'; haproxy@formilux.org Oggetto: RE: Transparent proxy Its a little different config than I have, but it looks ok to me Whats haproxy vv give? I have: [r...@haf1 etc]# haproxy -vv HA-Proxy version 1.3.15.7 2008/12/04 Copyright 2000-2008 Willy Tarreau <w...@1wt.eu> Build options : TARGET = linux26 CPU = generic CC = gcc CFLAGS = -O2 -g OPTIONS = USE_LINUX_TPROXY=1 (I know, I am a little behind, but if its not broke ) When you say, haproxy says 503 , I assume it doesnt actually say that but thats what a web browser gets back from it? I assume the web servers have the haproxys private IP address as their default route? If they are going to some other device as a NAT gateway, that will not work Do they show a SYN_RECV or ESTABLISHED connection from the public client trying to connect? From: Carlo Granisso [mailto:c.grani...@dnshosting.it] Sent: Monday, May 11, 2009 7:06 AM To: haproxy@formilux.org Subject: Transparent proxy Hello everybody, I have a problem with haproxy (1.3.17) and kernel 2.6.29 I have successfully recompiled my kernel with TPROXY modules and installed haproxy (compiled from source with tproxy option enabled) and installed iptables 1.4.3 (that have tproxy patch). Now I can't use transparent proxy function: if I leave in haproxy.cfg this line "source 0.0.0.0 usesrc clientip" haproxy say "503 - Service unavailable". If I comment out the line, everything work fine (without transparent proxy). My situation: haproxy with two ethernet device: first one for public IP, sceond one for private IP (192.168.XX.XX) two web server with one ethernet for each one connected to my private network. Have you got ideas or you can provide me examples? Thanks, Carlo No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.320 / Virus Database: 270.12.10/2088 - Release Date: 05/05/09 13:07:00 No virus found in this incoming message. Checked by AVG - www.avg.com Version: 8.5.238 / Virus Database: 270.12.24/2107 - Release Date: 05/10/09 07:02:00