> Attached is a patch that should work but doesn't. (bare with me, I'm in
> unknown codebase territory here).
>
> I also tried to match directly using req.payload, and I can't get the
> ACL to match:
> acl tls12 req.payload(9,2) -m bin 0303

"req.payload(9,2) -m bin 0303" is imho correct, this should work.
You did configure inspect-delay [1], right? Something like:
tcp-request inspect-delay 2s


Regards,

Lukas

[1] 
http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#4.2-tcp-request%20inspect-delay

                                          

Reply via email to