Re: Transparent TCP LoadBalancing on FreeBSD
Hi, On Thu, May 02, 2013 at 07:16:25PM +0200, PiBa-NL wrote: > Hi ZeN & Willy, > > To use transparent proxying on FreeBSD you currently need to compile > with "USE_LINUX_TPROXY=yes". > And make a few changes to the source code (else it wont compile). > As a "quick and dirty fix" you could (manually?) apply this patch [1]: > http://marc.info/?l=haproxy&m=136700170314757&w=2 > > For the better/cleaner fix this one should be usable [2]: > http://marc.info/?l=haproxy&m=136707895800761&w=2 , which is what i > would like to get committed to the main HAProxy source tree. > @Willy could you take a look at the patch attached to that mail [2] ? sorry, I missed it. I'll give it a look and merge it if it's OK. Thanks, Willy
Re: Transparent TCP LoadBalancing on FreeBSD
Hi PiBa, i will try those patch to day, i will let you know when it done.. TIA On 5/3/13 12:16 AM, PiBa-NL wrote: Hi ZeN & Willy, To use transparent proxying on FreeBSD you currently need to compile with "USE_LINUX_TPROXY=yes". And make a few changes to the source code (else it wont compile). As a "quick and dirty fix" you could (manually?) apply this patch [1]: http://marc.info/?l=haproxy&m=136700170314757&w=2 For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxy&m=136707895800761&w=2 , which is what i would like to get committed to the main HAProxy source tree. @Willy could you take a look at the patch attached to that mail [2] ? Greets, PiBa-NL Op 2-5-2013 5:13, ZeN schreef: Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the "source 0.0.0.0 usesrc clientip" option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
Re: Transparent TCP LoadBalancing on FreeBSD
Hi ZeN & Willy, To use transparent proxying on FreeBSD you currently need to compile with "USE_LINUX_TPROXY=yes". And make a few changes to the source code (else it wont compile). As a "quick and dirty fix" you could (manually?) apply this patch [1]: http://marc.info/?l=haproxy&m=136700170314757&w=2 For the better/cleaner fix this one should be usable [2]: http://marc.info/?l=haproxy&m=136707895800761&w=2 , which is what i would like to get committed to the main HAProxy source tree. @Willy could you take a look at the patch attached to that mail [2] ? Greets, PiBa-NL Op 2-5-2013 5:13, ZeN schreef: Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the "source 0.0.0.0 usesrc clientip" option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
Transparent TCP LoadBalancing on FreeBSD
Dear Users, sorry if i open new thread, but i really want to solve this problem.. i manage to compile haproxy via port using TPROXY : haproxy -vv HA-Proxy version 1.5-dev18 2013/04/03 Copyright 2000-2013 Willy Tarreau Build options : TARGET = freebsd CPU = generic CC = cc CFLAGS = -O2 -pipe -fno-strict-aliasing -DFREEBSD_PORTS OPTIONS = USE_TPROXY=1 USE_GETADDRINFO=1 USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 Default settings : maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 Encrypted password support via crypt(3): yes Built with zlib version : 1.2.7 Compression algorithms supported : identity, deflate, gzip Built with OpenSSL version : OpenSSL 0.9.8y 5 Feb 2013 OpenSSL library supports TLS extensions : yes OpenSSL library supports SNI : yes OpenSSL library supports prefer-server-ciphers : yes but when i started the service with the "source 0.0.0.0 usesrc clientip" option, the haproxy wont start with this messages: parsing [/usr/local/etc/haproxy.conf:28] : 'usesrc' not allowed here because support for TPROXY was not compiled in. what i should i do to make haproxy compile with transparent option? Rgds ZeN
