OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of Stealthbird97 »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - Stealthbird97

Pages: [1]
1
19.7 Legacy Series / Re: HAProxy - Why won't my rules work...
« on: August 14, 2019, 11:37:49 am »
Hi,
I've had a look and it's not my servers losing connection. They are showing no downtime in Status.
However, I setup a separate server and install haproxy, and copied over only the essential configuration that OPNsense generated so try and diagnose the issue.
I was still getting the same problem, so I asked on the haproxy community regarding the rules.

Apparently, you need to wait for a client hello to complete before trying to match on the SNI like I am trying to do.
Code: [Select]
# Wait for a client hello for at most 5 seconds
tcp-request inspect-delay 5s
tcp-request content accept if { req_ssl_hello_type 1 }
I have added these using option passthrough and things are now working as expected.. Though, I wonder why (if this is required) that this is not automatically configured... Maybe I am missing an option or something?

Kind Regards
Cori

2
19.7 Legacy Series / Re: HAProxy - Why won't my rules work...
« on: August 13, 2019, 06:34:47 pm »
So, after further work, I'm getting frequent, though intermittent "empty response" errors now. Unless I set the default back end.

3
19.7 Legacy Series / Re: HAProxy - Why won't my rules work...
« on: August 13, 2019, 01:59:58 pm »
Ah, that seems to have been the issue.
Don't know what but I thought that option was for something else. Though it was 2am so that might explain it..
Many thanks.

4
19.7 Legacy Series / HAProxy - Why won't my rules work...
« on: August 13, 2019, 02:51:58 am »
Hi, I appear to be having issues with HAProxy.

For whatever reason my condition do not seem to work and I do not know why.

I have my Real Servers, Backend pools and public services setup.

I have a condition using "Host Ends With" mydomain.co.uk (for example)

I have a rule using the above condition "Use Backend Server" MyServer

Ports are forwarded as necessary, and when I then try to connect to "http://mydomain.co.uk" in the browser, it does not go to the website... Just gives a connection error.

If I set the Public Service default backend to MyServer it does work (so this indicates that the rules/conditions are not working, rather than the server config).

Any ideas on this?

I can provide the config files (however I have no idea where to find them so please advice where to find them)

Kind Regards
Cori

P.S. The documentation page regarding HAProxy is waaaayyy out of date to the extent its basically unusable unless you already know what you're doing.


Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2