Hi Dave.
Thank you for your test and feedback.
When you put this line into backend, will this be better?
```
tcp-request connection upstream-proxy-header HOST www.httpbun.com
```
Regards
Alex
On 2024-06-11 (Di.) 23:52, Dave Cottlehuber wrote:
On Mon, 10 Jun 2024, at 22:09, Aleksandar Lazic wrote:
It is now possible to set via "tcp-request connection upstream-proxy-header"
headers for the upstream proxy
```
tcp-request connection upstream-proxy-header Host www.test1.com
tcp-request connection upstream-proxy-header Proxy-Authorization "basic
base64-value"
```
Thanks Alex!
## sending CONNECT & headers
A simple `listen` server works, but a split frontend/backend one doesn't,
no headers are present in tcpdump/ngrep nor in debug.
I read the header iteration function and I'm not sure what the difference
is, I guess the backend doesn't see the frontend header structure?
### works
listen stream_fe
bind :::443 v4v6
mode tcp
option tcplog
tcp-request connection upstream-proxy-header HOST www.httpbun.com
server stream www.httpbun.com:443 upstream-proxy-tunnel 123.45.67.89:8000
## headers missing when split frontend/backend
frontend stream_fe
bind :::443 v4v6
mode tcp
option tcplog
tcp-request connection upstream-proxy-header HOST www.httpbun.com
default_backend stream_be
backend stream_be
server stream www.httpbun.com:443 upstream-proxy-tunnel 123.45.67.89:8000
In the failing case, `mtrash->orig` shows it as empty, when I uncomment
your DPRINTF line. Looking at starutp log it captures the header from
the config correctly:
==== debug ========
... config phase ...
Header name :HOST:
Header value :www.httpbun.com:
name :HOST:
value :www.httpbun.com:
.... so far so good...
... proxy phase ...
HTTP TUNNEL SEND start
proxy->id :stream_be:
hostname: www.httpbun.com
trash->data :38:
connect_length :39:
trash->data :40:
trash->orig :CONNECT www.httpbun.com:443 HTTP/1.1
... there should be more in orig here ...
====================
the working single listen version shows iterating over the headers:
list each name :HOST:
list each value :www.httpbin.org:
Built with:
$ gmake -j32 USE_ZLIB=1 USE_OPENSSL=1 USE_THREAD=1 USE_STATIC_PCRE2=1
USE_PCRE2_JIT=1 TARGET=freebsd DEFINE='-DFREEBSD_PORTS -DDEBUG_FULL'
Run with:
$ ./haproxy -d -db -V -f /usr/local/etc/haproxy/haproxy.conf
Either way, I didn't get to make a tcp connection through, this might need some
more tcpdump work tomorrow.
A+
Dave