Hi ZeN & Willy,

To use transparent proxying on FreeBSD you currently need to compile with "USE_LINUX_TPROXY=yes".
And make a few changes to the source code (else it wont compile).
As a "quick and dirty fix" you could (manually?) apply this patch [1]: http://marc.info/?l=haproxy&m=136700170314757&w=2

For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxy&m=136707895800761&w=2 , which is what i would like to get committed to the main HAProxy source tree.
@Willy could you take a look at the patch attached to that mail [2] ?

Greets,
PiBa-NL

Op 2-5-2013 5:13, ZeN schreef:
Dear Users,
sorry if i open new thread,
but i really want to solve this problem..
i manage to compile haproxy via port using TPROXY :

haproxy -vv
HA-Proxy version 1.5-dev18 2013/04/03
Copyright 2000-2013 Willy Tarreau <w...@1wt.eu>

Build options :
  TARGET  = freebsd
  CPU     = generic
  CC      = cc
  CFLAGS  = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS
OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1

Default settings :
  maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200

Encrypted password support via crypt(3): yes
Built with zlib version : 1.2.7
Compression algorithms supported : identity, deflate, gzip
Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports prefer-server-ciphers : yes


but when i started the service with the "source 0.0.0.0 usesrc clientip" option, the haproxy wont start with this messages:

parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in.

what i should i do to make haproxy compile with transparent option?



Rgds

ZeN



Reply via email to