On Fri, 12 Jun 2015 14:46:42 +0200
Thibault Labrut <thibault.labrut@enioka.com> wrote:
> Hi,
>
> Thx for your help.
>
> But now I’ve an other issue.
>
> When we put on a bottom in form, the url is :
> http://foo.domain.com:42/index.htm.
>
> I want rewrite url like this : http://foo.domain.com/index.htm
>
> For this operation, I use the function rspirep in backend (LB)
>
> rspirep ^Location:\ (.*):30200(.*) Location:\ \1\2
>
> But without success.
This configuration seems to be ok. Do you have more context ? A full
configuration file ?
Note that in your example you declares a port 42, and in your example,
the port 30200 is matched.
Thierry
>
> Cordialement,
> --
> Thibault Labrut
> enioka
> 24 galerie Saint-Marc
> 75002 Paris
> +33 615 700 935
> +33 144 618 314
>
> De : Thierry <thi@thierry.1s.fr>
> Date : jeudi 11 juin 2015 17:21
> À : Thibault Labrut <thibault.labrut@enioka.com>
> Cc : "haproxy@formilux.org" <haproxy@formilux.org>
> Objet : Re: Need help about ACLs settings
>
> On Thu, 11 Jun 2015 16:51:14 +0200
> Thibault Labrut <thibault.labrut@enioka.com> wrote:
>
> > Hi Thierry,
> >
> > If I understand your propsition, my settings shourld be like this :
>
>
> You must add "option forwardfor" in the RP frontend.
>
> Thierry
>
>
>
> > > RP settings (no change)
> >
> > # Frontend
> > frontend http_test
> > bind xx.xx.xx.xx:42
> > capture request header Host len 200
> >
> > # ACL
> > acl acl_test src 12.34.56.78 (IP client)
> > use_backend test if acl_test
> >
> > # Backend
> > backend test
> > server srv_ test test.maycompany.local:42 check
> >
> > > LB settings
> > # Frontend
> > frontend http_test
> > bind xx.xx.xx.xx:42
> > capture request header Host len 200
> >
> > # ACL (new acl setting)
> > acl acl_test fhdr(x-forwarded-for) -m ipv4 12.34.56.78
> > use_backend test if acl_test
> >
> > # Backend
> > backend test
> > balance roundrobin
> > server test01 xx.xx.xx.xx:42 check
> > server test02 xx.xx.xx.xx:42 check
> >
> > Thibault Labrut.
> >
> > De : Thierry FOURNIER <tfournier@haproxy.com>
> > Date : jeudi 11 juin 2015 11:56
> > À : Thibault Labrut <t.labrut@pickup-services.com>
> > Cc : "haproxy@formilux.org" <haproxy@formilux.org>
> > Objet : Re: Need help about ACLs settings
> >
> > On Thu, 11 Jun 2015 09:06:43 +0000
> > Thibault LABRUT <t.labrut@pickup-services.com> wrote:
> >
> >> > Hello,
> >> >
> >> > I¹m going to install HA Proxy.
> >> >
> >> > My architecture is as folows :
> >> > - 2 servers in DMZ => reverse proxy (RP)
> >> > - 2 servers in LAN => Load balancing (LB)
> >> >
> >> > Several applications contact RP with different IP adress but with always
> de
> >> > same port.
> >> >
> >> > With the settings as below the connection is up :
> >> >
> >> > RP settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> > default_backend test
> >> >
> >> > # Backend
> >> > backend test
> >> > server srv_ test test.maycompany.local:42 check
> >> >
> >> > LB settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> > default_backend test
> >> >
> >> > # Backend
> >> > backend test
> >> > balance roundrobin
> >> > server test01 xx.xx.xx.xx:42 check
> >> > server test02 xx.xx.xx.xx:42 check
> >> >
> >> > But in this case the connection is down :
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> >
> >> > # ACL
> >> > acl acl_test src 12.34.56.78 (IP client)
> >> > use_backend test if acl_test
> >> >
> >> > # Backend
> >> > backend test
> >> > server srv_ test test.maycompany.local:42 check
> >> >
> >> > LB settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> >
> >> > # ACL
> >> > acl acl_test src 12.34.56.78
> >> > use_backend test if acl_test
> >> >
> >> > # Backend
> >> > backend test
> >> > balance roundrobin
> >> > server test01 xx.xx.xx.xx:42 check
> >> > server test02 xx.xx.xx.xx:42 check
> >> >
> >> > Can you say me what is the problem with my settings?
> >> >
> >
> >
> > Hi,
> >
> > If I understand, you have two HAProxy chained, RP is in front and LB is
> > in back.
> >
> > In this case, the connexions received by the LB load balancer cannot
> > known the original IP source, because the connexions are established by
> > the LB load balancer with its own IP.
> >
> > You can use the header "x-forwarded-for" for string the original ip
> > source. The directive is "option forwardfor". On the LB HAProxy, you
> > can use a sample taht returns the content of the header
> > x-forwarded-for, like this:
> >
> > acl acl_test fhdr(x-forwarded-for) -m ipv4 12.34.56.78
> >
> > best regards
> > Thierry
> >
> >
> >> > Best Regards,
> >> >
> >> > Thibault Labrut.
> >
> >
> >
>
>
>
--
Thierry FOURNIER <thierry.fournier@arpalert.org>
Thibault Labrut <thibault.labrut@enioka.com> wrote:
> Hi,
>
> Thx for your help.
>
> But now I’ve an other issue.
>
> When we put on a bottom in form, the url is :
> http://foo.domain.com:42/index.htm.
>
> I want rewrite url like this : http://foo.domain.com/index.htm
>
> For this operation, I use the function rspirep in backend (LB)
>
> rspirep ^Location:\ (.*):30200(.*) Location:\ \1\2
>
> But without success.
This configuration seems to be ok. Do you have more context ? A full
configuration file ?
Note that in your example you declares a port 42, and in your example,
the port 30200 is matched.
Thierry
>
> Cordialement,
> --
> Thibault Labrut
> enioka
> 24 galerie Saint-Marc
> 75002 Paris
> +33 615 700 935
> +33 144 618 314
>
> De : Thierry <thi@thierry.1s.fr>
> Date : jeudi 11 juin 2015 17:21
> À : Thibault Labrut <thibault.labrut@enioka.com>
> Cc : "haproxy@formilux.org" <haproxy@formilux.org>
> Objet : Re: Need help about ACLs settings
>
> On Thu, 11 Jun 2015 16:51:14 +0200
> Thibault Labrut <thibault.labrut@enioka.com> wrote:
>
> > Hi Thierry,
> >
> > If I understand your propsition, my settings shourld be like this :
>
>
> You must add "option forwardfor" in the RP frontend.
>
> Thierry
>
>
>
> > > RP settings (no change)
> >
> > # Frontend
> > frontend http_test
> > bind xx.xx.xx.xx:42
> > capture request header Host len 200
> >
> > # ACL
> > acl acl_test src 12.34.56.78 (IP client)
> > use_backend test if acl_test
> >
> > # Backend
> > backend test
> > server srv_ test test.maycompany.local:42 check
> >
> > > LB settings
> > # Frontend
> > frontend http_test
> > bind xx.xx.xx.xx:42
> > capture request header Host len 200
> >
> > # ACL (new acl setting)
> > acl acl_test fhdr(x-forwarded-for) -m ipv4 12.34.56.78
> > use_backend test if acl_test
> >
> > # Backend
> > backend test
> > balance roundrobin
> > server test01 xx.xx.xx.xx:42 check
> > server test02 xx.xx.xx.xx:42 check
> >
> > Thibault Labrut.
> >
> > De : Thierry FOURNIER <tfournier@haproxy.com>
> > Date : jeudi 11 juin 2015 11:56
> > À : Thibault Labrut <t.labrut@pickup-services.com>
> > Cc : "haproxy@formilux.org" <haproxy@formilux.org>
> > Objet : Re: Need help about ACLs settings
> >
> > On Thu, 11 Jun 2015 09:06:43 +0000
> > Thibault LABRUT <t.labrut@pickup-services.com> wrote:
> >
> >> > Hello,
> >> >
> >> > I¹m going to install HA Proxy.
> >> >
> >> > My architecture is as folows :
> >> > - 2 servers in DMZ => reverse proxy (RP)
> >> > - 2 servers in LAN => Load balancing (LB)
> >> >
> >> > Several applications contact RP with different IP adress but with always
> de
> >> > same port.
> >> >
> >> > With the settings as below the connection is up :
> >> >
> >> > RP settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> > default_backend test
> >> >
> >> > # Backend
> >> > backend test
> >> > server srv_ test test.maycompany.local:42 check
> >> >
> >> > LB settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> > default_backend test
> >> >
> >> > # Backend
> >> > backend test
> >> > balance roundrobin
> >> > server test01 xx.xx.xx.xx:42 check
> >> > server test02 xx.xx.xx.xx:42 check
> >> >
> >> > But in this case the connection is down :
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> >
> >> > # ACL
> >> > acl acl_test src 12.34.56.78 (IP client)
> >> > use_backend test if acl_test
> >> >
> >> > # Backend
> >> > backend test
> >> > server srv_ test test.maycompany.local:42 check
> >> >
> >> > LB settings
> >> >
> >> > # Frontend
> >> > frontend http_test
> >> > bind xx.xx.xx.xx:42
> >> > capture request header Host len 200
> >> >
> >> > # ACL
> >> > acl acl_test src 12.34.56.78
> >> > use_backend test if acl_test
> >> >
> >> > # Backend
> >> > backend test
> >> > balance roundrobin
> >> > server test01 xx.xx.xx.xx:42 check
> >> > server test02 xx.xx.xx.xx:42 check
> >> >
> >> > Can you say me what is the problem with my settings?
> >> >
> >
> >
> > Hi,
> >
> > If I understand, you have two HAProxy chained, RP is in front and LB is
> > in back.
> >
> > In this case, the connexions received by the LB load balancer cannot
> > known the original IP source, because the connexions are established by
> > the LB load balancer with its own IP.
> >
> > You can use the header "x-forwarded-for" for string the original ip
> > source. The directive is "option forwardfor". On the LB HAProxy, you
> > can use a sample taht returns the content of the header
> > x-forwarded-for, like this:
> >
> > acl acl_test fhdr(x-forwarded-for) -m ipv4 12.34.56.78
> >
> > best regards
> > Thierry
> >
> >
> >> > Best Regards,
> >> >
> >> > Thibault Labrut.
> >
> >
> >
>
>
>
--
Thierry FOURNIER <thierry.fournier@arpalert.org>