@firatnemis @SaschaITM Hi guys were you able to solve this issue? with the new pfSense would be the same concept?

@jimp said in HA-Proxy-devel broken and error in log after update to 0.63_1: Uninstall haproxy-devel, install haproxy. The PHP code is the same right now but haproxy is now using the haproxy binaries that were used by -devel before, and -devel is using something newer. Thank you!!

@jimp I appreciate you. Those old videos are great for content. I have this one deployment at a rural school. I can host an apache instance and i remember this squidguard video from a year ago where you could have a custom page for blocking. Your code works beautifully. Thanks again. edit: I love the GIF...but had to get rid of it :)

how any feedback guys?

@PepperDeb said in HAproxy (type = tcp): I don't want to have the port open available for both domain. That a wrong point of view. You open the port just on an IP, not on domains. Ports are part of the IP protocol and a single port - IP combination can be used for a single service to listen on. Domains can be resolved to IP addresses by DNS to get use of it by the IP protocol, and there is no limit on domains you can point on a single IP. It's just the HTTP protocol that can determine the domain name by the host header, but this happens on layer 7 within the service itself (which is listening on an IP - port combination).

@jpattard splice the connections for teams.

I haven't seen that error here but you might try uninstalling the package and reinstalling it to be sure it has proper content. The function it's talking about is static, so I'm not sure why it might be saying it's not unless your copy of that file is somehow wrong. Also worth trying to move from haproxy-devel to haproxy though the PHP code is the same in both right now, so if there is a problem it may be the same in both places.

Uninstall haproxy-devel, install haproxy.

@JonathanLee This post is not mine :-).

@jc1976 I personally do not know how I am on 7.2 I just use the standard packages. I have used pkg update and pkg upgrade in the shell but I do not think that would cause it.

@Sweety I normally bypass microsoft IPs from SQUID in MITM mode, is not necessary to check it with squid. This list helps me: https://learn.microsoft.com/en-us/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-worldwide I add this to a alias and latter I add this alias into squid bypass "Bypass Proxy for These Destination IPs" and let that alias pass by firewall rules. Let me know if this helps u, regards!!!

@michmoor: Update to 0.63_1 went through without problems, error has been eliminated. Many thanks for the quick help!

solved it. the cause was the primary frontend was disabled. All is working now! Thanks! Stefan

@viktor_g Hi Viktor, I have been using HA for quite sometime, but have been puzzled how to configure Squid because I am also using pfBlocker. pfBlocker does not display HA addresses. After reading your post I am assuming that the LAN of pfBlocker will find its way to the right HA interface. There is always something new to learn, one of my employees said today, and I seem always to be a newbie in some area. However exposing my ignorance has taught me a great deal. From your post, could you please explain in case of IPv4, it's easier to use port forward to 127.0.0.1:3128: Bind Squid to Loopback (127.0.0.1) interface. Create a port forward from <CARP IP>:3128 to 127.0.0.1:3128. Have your users hit <CARP IP>:3128. I would like to know the why and the how. I think I know what is going on here and even how to do it, but I have not spent much time doing Squid for a while and want to be sure. Why is it a good idea to do this? Where do I bind Squid to Loopback? maybe obvious but guessing gets me into trouble. I have several HA LANs. There is only one mapping here. Can I map multiple addresses to 127.0.0.1? Having my users "hit" the CARP address happens automatically I think. Thanks for your patience and help. Roy

I'm resurrecting this old thread because I am experiencing the same issue (HAProxy will not automatically start on reboot) and, like the OP, I can't seem to find any diagnostics and/or logs that might explain why. I'm running CE 2.7 and HAProxy 0.61_11. After reboot, I can start and stop HAProxy normally. If anyone has a suggestion on where to look and/or how to gather some problem determination info, I'd appreciate it.