Hi Jinge,
Im not exactly sure how this is supposed to work.. did manage to get
transparent proxy for the server side working.. (the server is presented
with a connection from original client ip.) This works with haproxy
1.5dev19 on FreeBSD8.3 with help of some ipfw fwd rules..
Your config also seams to be working (used some parts their-of to test..)
Did require the following ipfw rule for me..:
ipfw add 90 fwd localhost tcp from any to any 2222 in recv em1
Actually on pfSense it also needs "-x haproxy" as it is a bit
customized.. And because i run 'ipfw' combined with 'pf' i also needed
to configure pf with floating 'pass on match' rules to allow the
'strange traffic'.. That pf cannot handle..
If you however have FreeBSD 9 you might want to look into the divert-to
rules that pf can make. Might make stuff simpler if it turns out to work..
Please report back your required settings (&config if it changes) when
you manage to get it working.
Greetings PiBa-NL
Op 9-7-2013 12:55, jinge schreef:
Hi,all!
We use haproxy and FreeBSD for our cache system. And we want to use
the transparent option
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4-option%20transparent which
for some compatiable things.
But found it doest work. Here is the configure which worked in Ubuntu.
frontend tcp-in
bind :2222
mode tcp
log global
option tcplog
#distingush HTTP and non-HTTP
tcp-request inspect-delay 30s
tcp-request content accept if HTTP
default_backend Direct
backend Direct
mode tcp
log global
option tcplog
no option httpclose
no option http-server-close
no option accept-invalid-http-response
option transparent
Can anyone tell my if is the FreeBSD can not support transparent here
or my configure is not correct ? And how to make transparent work right.
Thanks!
Regards
Jinge
