Date: Wed, 13 May 2020 23:57:19 +0200 From: Leander Schaefer <info@NetOcean.de> To: freebsd-ipfw@freebsd.org Subject: HAProxy - Transparent Binding Message-ID: <03e53a4c-7afa-1d38-3b00-3a9519b62eda@NetOcean.de>
next in thread | raw e-mail | index | archive | help
Hello, I need to have transparent binding for my haproxy. Therefore I found a tutorial for Linux: https://www.haproxy.com/de/blog/howto-transparent-proxying-and-binding-with-haproxy-and-aloha-load-balancer/ Do you perhaps know the equivilant kernel options for FreeBSD: - CONFIG_NETFILTER_TPROXY - CONFIG_NETFILTER_XT_TARGET_TPROXY or if there is even any change required in the kernel of the latest FreeBSD 12.1-RELEASE to achieve the same goal? # iptables rules: iptables -t mangle -N DIVERT iptables -t mangle -A PREROUTING -p tcp -m socket -j DIVERT iptables -t mangle -A DIVERT -j MARK --set-mark 1 iptables -t mangle -A DIVERT -j ACCEPT # IP route rules: ip rule add fwmark 1 lookup 100 ip route add local 0.0.0.0/0 dev lo table 100 # HAProxy conf: # Transparent binding can be configured like this: [...] frontend ft_application bind 1.1.1.1:80 transparent [...] # Transparent proxying can be configured like this: [...] backend bk_application source 0.0.0.0 usesrc clientip [...]
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?03e53a4c-7afa-1d38-3b00-3a9519b62eda>