Channel: HAProxy community - Latest topics
Viewing all 4849 articles

Httpchk when server maxconn has been reached


@timdaman wrote:

Given the following configuration

listen input
    bind :80
    bind :443 ssl crt /ssl.pem no-sslv3
    mode http
    option forwardfor

    option httpchk /index.php
    http-check expect string 'test'
    server 10.0.0.100 10.0.0.100:443 cookie ${x} check inter 2s ssl verify none maxconn 100

What happens to health checks when a server has reached the max 100 connections?
Does haproxy reserve a connection for itself to perform healthchecks?
Does it get blocked from making healthchecks?
In other words, does 'maxconn' apply to 'httpchk'?

I desire a configuration where healthchecks will always be performed even when the backend is at the 'maxconn' limit. That way the node is still performing some useful work.

Posts: 1

Participants: 1



PD error when calling backend API


@manvendra wrote:

Hello All,
I have the configuration below

defaults
mode http
log global
option httplog
option dontlognull
option http-pretend-keepalive
option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout http-request 100s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 5m
timeout http-keep-alive 10s
timeout check 10s
maxconn 10000
#no option httpclose

On the same machine, there is tomcat 8.0.33 & APIMAN (an open source API Gateway solution).
We are using haproxy as a proxy to APIMAN, not for any load balancing as we want to hide API endpoints of APIMAN.

When APIs are invoked, a 200 OK response code is seen without any response message body. The haproxy log contains "- PD-- 2/2/0/0/0 0/0"
An example of haproxy log message

Jan 31 08:19:33 localhost haproxy[5969]: xxx.xx.xx.x:61191 [31/Jan/2017:08:19:31.993] main keyServer/keyServer 0/0/0/1665/1665 200 1917 - - PD-- 2/2/0/0/0 0/0 "POST /testaccount/myapi/login HTTP/1.0"

Would appreciate your inputs if you know what I'm missing. Why "PD" error?

Thanks,

Posts: 1

Participants: 1


Use backend if usr_path*


@ally wrote:

Hi folks, looking for some assistance in using wildcards / regexp in backend switching. For example I'll have 100+ acl rules for path_beg /pathname, and if these acl rules are matched I want to use a specific backend.

So I create acl declarations with a generic prefix "usr_" and want to say use backend if usr_path_*; a snippet of code to help explain is below.

acl host-is-www hdr(host) eq www.domain.com

acl usr_path_path1 path_beg /path1
acl usr_path_path2 path_beg /path2
acl usr_path_path3 path_beg /path3
...

use_backend user if host-is-www usr_path*

default_backend www

backend www
...
server www1 x.x.x.x:443 check ssl...
server www2 x.x.x.x:443 check ssl...

backend user
...
server user1 x.x.x.x:443 check ssl...
server user2 x.x.x.x:443 check ssl...

Is this doable or do I need to create a use_backend declaration for each usr_path_pathname individually?

Thanks.

UPDATE :

I tried putting all my paths on a single acl declaration, however that returned a line too long error so I will have to do multi acls?

i.e.

acl user_paths path_beg /path1 /path2 /path2/a /path3

use_backend user if host-is-www user_paths

Posts: 1

Participants: 1


Mixed content warning when using HTTPS


@wickeren wrote:

I use HAProxy trying to do SSL offloading for a WordPress site. The frontend is on 80 and 443 with a redirect.

Redirection is working well when the page is accessed on port 80.
However the page loads incompletely, and looking in the console of Firefox/Chrome it can be seen that "mixed mode content" is blocked by the browser. Some stylesheets, scripts and images are still accessed over http instead of https.
301 is a permanent redirection, so why is this happening? The browser should not even try http because it should be aware of the permanent redirection. And besides that, even when http is used accidentally, it should still be redirected to https instead.

Any clues how to solve this? IIS reverse proxy seems to do fine but I like HAProxy better.

Posts: 1

Participants: 1


Websockets and stuck processes


@sharkannon wrote:

We're using haproxy to balance both http/https traffic and some websockets. The websockets are present, but when we try to do a graceful restart (/usr/sbin/haproxy -D -f /etc/haproxy/haproxy.cfg -p /var/run/haproxy.pid -L LB1 -sf 4037) the process gets hung (But a new haproxy instance starts) until we manually close the inbound connections that are connecting to the websockets.

This will become problematic as we restart haproxy multiple times to pick up new dynamic configuration (integrated with consul using consul-templates to dynamically provision backends) and the old process won't die until the websocket is closed on the other side, so we end up having many, many processes going.

Any recommendations on how to fix this?

HAProxy version 1.5.14

Posts: 1

Participants: 1


Query string not matching in ACL


@ularnis wrote:

Hello all,

I am trying to use the query string in the client's request as component for an ACL but cannot get it to work.
My goal is to create an ACL that will only match if the URL does not contain a query string.

Using 1.7.1 I've tried to use the "query" parameter described here: https://cbonte.github.io/haproxy-dconv/1.7/configuration.html#7.3.6-query

Something along the lines of

acl has_sq query -m found

I've also tried to work with the "urlp" parameter but to no avail. I've tried a dozen combinations but the ACL just never seems to match.

Can anybody point me at what I am doing wrong or has a working example?

Thanks!

Posts: 1

Participants: 1


Haproxy dead, but /var/run/haproxy.pid exists


@Jabba wrote:

Hi All,

I'm configuring a new haproxy as an SMTP and HTTP/S proxy.
As backend servers I have 2 Kerio Connect email servers.

All works well, but I have a strange behaviour with haproxy: after receiving an email on port 25, haproxy dies.
This is when I start haproxy:
haproxy 17758 0.0 0.1 35192 1600 ? Ss 15:54 0:00 /usr/sbin/haproxy -f /etc/haproxy/haproxy.cfg -D -p /var/run/haproxy.pid
root 17808 0.0 0.0 10432 672 pts/0 S+ 15:54 0:00 grep --color=auto haproxy

This is after an email on port 25
root 17815 0.0 0.0 10432 672 pts/0 S+ 15:55 0:00 grep --color=auto haproxy

If I try to check the status with service haproxy status:
haproxy dead, but /var/run/haproxy.pid exists.

This is my haproxy conf

global
log /dev/log local0
log /dev/log local1 notice
chroot /var/lib/haproxy
stats socket /run/haproxy/admin.sock mode 660 level admin
stats timeout 30s
user haproxy
group haproxy
daemon

defaults
mode tcp
log global
option tcplog
option log-health-checks
option dontlognull
option allbackups
#option forwardfor except 127.0.0.0/8
option redispatch
retries 3
timeout connect 5000
timeout client 50000
timeout server 50000
timeout check 10s
maxconn 20000

frontend http
mode http
bind *:80
redirect location https://kerio.cloud.com

frontend https-in
bind *:443
mode http
option tcplog
reqadd X-Forwarded-Proto:\ https
default_backend https-in

backend https-in
mode http
option ssl-hello-chk
balance roundrobin
stick-table type ip size 10M expire 30m
stick on src
cookie SERVERID insert indirect nocache
server node02 77.xxx.xxx.xxx:443 check cookie node02
server node01 77.xxx.xxx.xxx:443 check cookie node01

frontend smtp-in
bind 0.0.0.0:25
mode tcp
log global
option tcplog
default_backend smtp_outbound
log-format {"type":"haproxy","timestamp":%Ts,"http_status":%ST,"http_request":"%ci","bytes_read":%B,"upstream_addr":"%si","backend_name":"%b","retries":%rc,"bytes_uploaded":%U,"upstream_response_time":"%Tc","session_duration":"%Tt","termination_state":"%ts"}
default_backend smtp

backend smtp
mode tcp
log global
balance roundrobin
option smtpchk HELO kerio.cloud.com
option redispatch
server node02 77.xxx.xxx.xxx:25555 check
server node01 77.xxx.xxx.xxx:25555 check

No error in haproxy.log or syslog.

Any idea ?

Thanks

Posts: 1

Participants: 1


V1.6.10 - Soft reload not working under Centos 7.2


@Arianrhod wrote:

Hi - I have two haproxy servers with identical haproxy.cfg files, one running under Ubuntu 16.04, the other Centos 7.2. I need the option to maintain existing connections while loading a new config file, so choose to use the soft reload option. On the Ubuntu server, I can run /etc/init.d/haproxy reload to 'soft restart' and it works perfectly, but on the Centos server, the same command doesn't work.

Haproxy version is this on both:

HA-Proxy version 1.6.10 2016/11/20
Copyright 2000-2016 Willy Tarreau willy@haproxy.org

Build options :
TARGET = linux2628
CPU = generic
CC = gcc
CFLAGS = -O2 -g -fno-strict-aliasing -Wdeclaration-after-statement
OPTIONS =

Default settings :
maxconn = 2000, bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Encrypted password support via crypt(3): yes
Built without compression support (neither USE_ZLIB nor USE_SLZ are set)
Compression algorithms supported : identity("identity")
Built without OpenSSL support (USE_OPENSSL not set)
Built without PCRE support (using libc's regex instead)
Built without Lua support
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT IP_FREEBIND

Available polling systems :
epoll : pref=300, test result OK
poll : pref=200, test result OK
select : pref=150, test result OK
Total: 3 (3 usable), will use epoll.

Error on trying a reload is this:

Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy http_frontend started.
Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy http_frontend started.
Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy sspe started.
Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy sspe started.
Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy stats started.
Feb 7 07:26:31 apl00086i3 haproxy[8092]: Proxy stats started.
Feb 7 07:26:31 apl00086i3 systemd: Reloaded SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments..
Feb 7 07:26:31 apl00086i3 systemd: haproxy.service: main process exited, code=killed, status=9/KILL
Feb 7 07:26:31 apl00086i3 haproxy: Shutting down haproxy: [FAILED]
Feb 7 07:26:31 apl00086i3 systemd: Unit haproxy.service entered failed state.
Feb 7 07:26:31 apl00086i3 systemd: haproxy.service failed.

.. but if I issue /etc/init.d/haproxy start, it starts correctly, even though the previous command had a 'FAILED' state for shutdown:

Feb 7 07:26:41 apl00086i3 systemd: Starting SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments....
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy http_frontend started.
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy http_frontend started.
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy sspe started.
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy sspe started.
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy stats started.
Feb 7 07:26:41 apl00086i3 haproxy[8122]: Proxy stats started.
Feb 7 07:26:41 apl00086i3 haproxy: Starting haproxy: [ OK ]
Feb 7 07:26:41 apl00086i3 systemd: Started SYSV: HA-Proxy is a TCP/HTTP reverse proxy which is particularly suited for high availability environments..

Any clues, please, or suggestions how this can be debugged further, since those log entries aren't particularly useful?

thanks ..

Posts: 3

Participants: 2



Howto block badbots, crawlers & scrapers using list file


@chomps wrote:

Hi,

I want to block badbots and crawlers from hitting any backend servers. An example bot, taken from apache log is as follows:

HTTP/1.1" 403 539 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.0; trendictionbot0.5.0; trendiction search; http://www.trendiction.de/bot; please let us know of any problems; web at trendiction.com) Gecko/20071127 Firefox/3.0.0.11"

I have this in my haproxy config:
acl badbots hdr_reg(User-Agent) -i -f /etc/haproxy/badbots.lst
tcp-request content reject if badbots

but it doesn't seem to be working as I still see the request coming to the apache log, unless the "403" means that it is in fact getting blocked. But then it shouldn't even be there if it is blocked at the HAP side. The badbots.lst file contains:
rubrikkgroup\ .com
Baiduspider
Sosospider
Sogou
ZumBot
Yandex
trendictionbot0\ .5\ .0
trendiction\ .com
trendiction

I would really appreciate some help if someone knows how to block these 'invading' URLs.
Regards

Posts: 5

Participants: 2


Upstart haproxy script


@dz0ny wrote:

Proper upstart init script for haproxy (that supports reload); it can also be used for other PID1 managers or in legacy systems.

# haproxy

start on runlevel [2345]
stop on runlevel [!2345]

env CONF=/etc/haproxy/haproxy.cfg

nice 10
respawn
respawn limit 2 5
reload signal USR2

pre-start script
    /usr/sbin/haproxy -c -q -f $CONF
end script

post-stop script
    rm -f /var/run/haproxy.pid
end script

exec /usr/sbin/haproxy -Ds -f $CONF -p /var/run/haproxy.pid

Posts: 1

Participants: 1


Using multiple cpu cores, any specific drawback?


@jagbir wrote:

Our haproxy is receiving traffic where 80% of requests are on http while 20% are on https. We want to move the entire traffic to HTTPS. We did some benchmarking, first with a single core and then using multiple cpu cores, and observed good performance improvements while using multiple cores. We scanned through the documentation but were not able to find any specific text about further challenges/issues which could occur, except where multi-core use is strongly discouraged. We are a bit concerned after reading that statement and are looking for some pointers to help us take a more informed decision.

Config we are using with multi core enabled in AWS instance having 16 core cpu with 32 GB of RAM:

global
        log-send-hostname msg-haproxy-log.example.com

        log 127.0.0.1 local0
        log 127.0.0.1 local1 notice

        maxconn 500000
        user haproxy
        group haproxy
        daemon
        stats socket /var/run/haproxy.socket level admin
        tune.ssl.default-dh-param 2048
        nbproc 9
        cpu-map 1 0
        cpu-map 2 1
        cpu-map 3 2
        cpu-map 4 3
        cpu-map 5 4
        cpu-map 6 5
        cpu-map 7 6
        cpu-map 8 7
        cpu-map 9 8
        stats bind-process 9

defaults
        log     global
        option  dontlognull
        retries 3
        option redispatch
        maxconn 500000
        timeout connect   300000
        timeout client       660000
        timeout server      660000

frontend tcp-in
        mode tcp
        bind *:1883 
        bind *:8883 ssl crt /etc/ssl-certs/primary.pem
        option tcplog
        bind-process 1
        default_backend tcp-backend

frontend tcp-in2
        mode tcp
        bind *:2883
        bind *:9883 ssl crt /etc/ssl-certs/primary.pem
        option tcplog
        bind-process 2 3 4 5
        default_backend tcp-backend2


frontend api
        bind *:80
        bind *:443 ssl crt /etc/ssl-certs/primary.pem
        rate-limit sessions 6000
        monitor-uri /health-check
        mode http
        bind-process 6 7 8 9
        default_backend api-backend

backend api-backend
    balance roundrobin
    mode http
    option httplog
    server  http1 192.168.0.141:8282        check
    server  http2 192.168.0.141:8283        check
    server  http3 192.168.0.141:8284        check
    server  http4 192.168.0.141:8285        check
    server  http5 192.168.0.141:8286        check
    

backend tcp-backend
        option forwardfor except 127.0.0.1
        balance roundrobin
        mode tcp
        option  tcplog
        server  mqtt1 192.168.0.141:3883    check
        server  mqtt2 192.168.0.141:3884    check
        server  mqtt3 192.168.0.141:3885    check
        server  mqtt4 192.168.0.141:3886    check

backend tcp-backend2
        option forwardfor except 127.0.0.1
        balance roundrobin
        mode tcp
        option  tcplog
        server  mqtt1 192.168.0.126:4883    check
        server  mqtt2 192.168.0.126:5883    check
        server  mqtt3 192.168.0.126:6883    check
        server  mqtt4 192.168.0.126:7883    check

Posts: 1

Participants: 1


Acl giving "404 Not Found"


@derangedsudoer wrote:

I am a newb to HAProxy, and am bashing my head against this one. I'm trying to set up what I think is a fairly simple exercise in redirecting a url to a specific port. I'd like for http://server.example.com/application to redirect to http://server.example.com:8091. To that end, I have the following config:

global
    daemon
    maxconn 256

defaults
    mode http
    timeout connect 50000ms
    timeout client 50000ms
    timeout server 50000ms

frontend http-in
    bind *:80
    acl application url_end application
    use_backend application_admin if application
    default_backend web

backend application_admin
    server server1 127.0.0.1:8091

backend web
    server server1 127.0.0.1:8080

The redirect to 8080 as the default works fine, apache is listening on 8080. But when I go to server.example.com/application, I get a 404 error:

curl -v server.example.com/application
*   Trying server.example.com...
* TCP_NODELAY set
* Connected to server.example.com (server.example.com) port 80 (#0)
> GET /application HTTP/1.1
> Host: server.example.com
> User-Agent: curl/7.51.0
> Accept: */*
>
< HTTP/1.1 404 Object Not Found
< Server: MochiWeb/1.0 (Any of you quaids got a smint?)
< Date: Wed, 08 Feb 2017 23:00:51 GMT
< Content-Type: text/plain
< Content-Length: 10
< Cache-Control: max-age=10
<
* Curl_http_done: called premature == 0
* Connection #0 to host server.example.com left intact
Not found.

The port does work, because I can browse directly to server.example.com:8091.

Any help greatly appreciated!

Posts: 1

Participants: 1


HAProxy Rewrite Query String


@arvindsaket wrote:

I have a list of numbers which need to be replaced with the corresponding mapped number. A sample map file is below:
From To
5.3.0 5.0.1
3.3.0 3.0.1
4.3.0 4.0.1

How can I replace the number using the map file? Example:
from "http://www.haproxy.cm/dv=1234&cv=5.3.0"
to "http://www.haproxy.cm/dv=1234&cv=5.0.1"

from "http://www.haproxy.cm/dv=1234&cv=3.3.0"
to "http://www.haproxy.cm/dv=1234&cv=3.0.1"

Posts: 1

Participants: 1


Redirecting to URI without hoping

X-Forward-for isn't appearing


@PeterH wrote:

Good Day,

I am running:
CentOS release 6.6 (Final)
HA-Proxy version 1.5.2 2014/07/12
Copyright 2000-2014 Willy Tarreau w@1wt.eu

I have the following frontend-backend block in my haproxy.cfg:
frontend labweb-secure
mode http
option httplog
option forwardfor
capture request header host len 30
capture request header X-Forwarded-For len 50
bind 165.123.50.49:443 ssl crt /etc/haproxy/ssl/labweb-secure.pem
bind 2607:f470:4:1::b:443 ssl crt /etc/haproxy/ssl/labweb-secure.pem

backend pennhosted-secure
server lab-web3 lab-web3.net.isc.upenn.edu:80 check

But the log, and the backend, are not reflecting the x-forwarded-for, only the host header.

Feb 14 08:46:51 localhost haproxy[4698]: 128.91.196.194:58840 [14/Feb/2017:08:46:51.413] labweb-secure~ pennhosted-secure/lab-web3 12/0/0/1/13 404 486 - - ---- 0/0/0/0/0 0/0 {labweb-secure.net.isc.upenn.ed|} "GET /favicon.ico HTTP/1.1"

Is there an additional configuration requirement to get x-forwarded-for to insert?
Thanks,

Peter

Posts: 1

Participants: 1

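As an added example (not code from either post), a small Python parser for HAProxy's default HTTP log line, run over the two entries quoted in the "PD error" post and the X-Forwarded-For post above: it splits the fields, decodes the two termination-state characters, and lists the captured request headers, so a "PD--" or an empty capture slot can be picked out of a log stream mechanically.

```python
import re

# Meaning of the first termination-state character (what ended the session) and of the
# second (which phase it was in), as documented in the HAProxy 1.x log format section.
FIRST_EVENT = {
    "C": "client aborted",
    "S": "server aborted or unreachable",
    "P": "prematurely aborted by the proxy (limit, deny rule or blocked response)",
    "L": "handled locally by haproxy (redirect, stats, errorfile)",
    "R": "proxy resource exhaustion",
    "I": "internal error in haproxy",
    "D": "killed by haproxy because the server went down",
    "U": "killed by haproxy during a soft-stop",
    "K": "killed by an administrator",
    "c": "client-side timeout",
    "s": "server-side timeout",
    "-": "normal completion",
}
PHASE = {
    "R": "waiting for the request",
    "Q": "queued waiting for a server",
    "C": "connecting to the server",
    "H": "waiting for response headers",
    "D": "data transfer",
    "L": "last data transfer to the client",
    "T": "tarpit",
    "-": "normal completion",
}

# Default HTTP log layout: client [accept_date] frontend backend/server Tq/Tw/Tc/Tr/Tt
# status bytes req_cookie resp_cookie termination_state actconn/feconn/beconn/srv_conn/retries
# srv_queue/backend_queue {captured request headers} {captured response headers} "request"
LOG_RE = re.compile(
    r"haproxy\[(?P<pid>\d+)\]: (?P<client>\S+) \[(?P<accept>[^\]]+)\] "
    r"(?P<frontend>\S+) (?P<backend>[^/\s]+)/(?P<server>\S+) "
    r"(?P<tq>-?\d+)/(?P<tw>-?\d+)/(?P<tc>-?\d+)/(?P<tr>-?\d+)/(?P<tt>-?\d+) "
    r"(?P<status>-?\d+) (?P<bytes>\d+) (?P<req_cookie>\S+) (?P<resp_cookie>\S+) "
    r"(?P<term>\S{4}) (?P<conns>\S+) (?P<queues>\S+)"
    r"(?: \{(?P<req_hdrs>[^}]*)\})?(?: \{(?P<resp_hdrs>[^}]*)\})? "
    r'"(?P<request>[^"]*)"'
)

# The two HTTP log lines quoted in the posts above.
SAMPLE_LINES = [
    'Jan 31 08:19:33 localhost haproxy[5969]: xxx.xx.xx.x:61191 [31/Jan/2017:08:19:31.993] main keyServer/keyServer 0/0/0/1665/1665 200 1917 - - PD-- 2/2/0/0/0 0/0 "POST /testaccount/myapi/login HTTP/1.0"',
    'Feb 14 08:46:51 localhost haproxy[4698]: 128.91.196.194:58840 [14/Feb/2017:08:46:51.413] labweb-secure~ pennhosted-secure/lab-web3 12/0/0/1/13 404 486 - - ---- 0/0/0/0/0 0/0 {labweb-secure.net.isc.upenn.ed|} "GET /favicon.ico HTTP/1.1"',
]


def parse_http_log(line):
    """Return a dict of the log fields, or None if the line is not an HTTP log entry."""
    m = LOG_RE.search(line)
    if not m:
        return None
    e = m.groupdict()
    e["ssl_frontend"] = e["frontend"].endswith("~")  # '~' marks an SSL listener
    e["frontend"] = e["frontend"].rstrip("~")
    e["first_event"] = FIRST_EVENT.get(e["term"][0], "unknown")
    e["phase"] = PHASE.get(e["term"][1], "unknown")
    # Captured request headers are '|'-separated, in 'capture request header' order;
    # an empty slot means that header was absent from the request as it arrived.
    e["captured_request_headers"] = e["req_hdrs"].split("|") if e["req_hdrs"] is not None else []
    return e


def proxy_aborts(lines):
    """Entries where haproxy itself cut the session (first termination flag 'P')."""
    return [e for e in map(parse_http_log, lines) if e and e["term"][0] == "P"]
```

The capture slots record headers as they arrived from the client, which is why the second slot in the labweb-secure line is empty; option forwardfor adds X-Forwarded-For to the request haproxy sends on to the server, not to the incoming request.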


Backend servers are down due to Layer4 connection problem


@vasu.tubati wrote:

I have an HA LB configured with 3 backend servers. From the logs, I see that one of the nodes is going down frequently and coming back up. The error message is like below.

Feb 16 08:38:36 localhost haproxy[4303]: Server xxxxxxxx is DOWN, reason: Layer4 connection problem, info: "Connection refused", check duration: 0ms. 1 active and 0 backup servers left. 0 sessions active, 0 requeued, 0 remaining in queue.

haproxy version is as below.

HA-Proxy version 1.5.18 2016/05/10
Copyright 2000-2016 Willy Tarreau willy@haproxy.org

backend configuration is as below,

backend nodes
mode http
balance roundrobin #Balance algorithm
option forwardfor

option httpchk HEAD / HTTP/1.1\r\nHost:\ localhost #Check the server application is up and healthy - 200 status code

server servr1 xx.xx.xx.xx:30010 check                 #Nginx1
server server2 xx.xx.xx.xx:30010 check                 #Nckend nodes
server server2 xx.xx.xx.xx:30010 check

Please help with why these connection refused and timeout errors are occurring. I have tested on the backend servers and I can access the app directly without any issues.

Posts: 4

Participants: 2


Altering responses


@Markvr wrote:

From reading the manual, I'm pretty sure this isn't possible but thought I'd double check...

Is it possible to alter the HTTP content (not headers)? Specifically to inject some HTML into the start of the body?

Posts: 1

Participants: 1


Reload timeout setting


@Markvr wrote:

When changing back end config, and reloading haproxy using "-sf", it often seems to take a long time (~120 sec) for the old process to go away. During that period, refreshing an existing browser page returns 503 because it's presumably connected to the old haproxy process, which no longer has a valid back end. I'm guessing this is because the TCP connection is still open due to HTTP keep alive?

Is there a way to specify a timeout in the config, so a reload kills the old process to prevent them hanging around for more than a few sec? I know there is an -st option, but that is quite brutal. A graceful reload with a cutoff would be the best solution I think?

Posts: 1

Participants: 1


HAProxy 1.7 Using the REST API


@mastermindg wrote:

I want to use HAProxy's REST API to deploy load-balancer changes to my cluster. I'm following the documentation here:

https://www.haproxy.com/doc/aloha/7.0/api/webbased.html#examples-with-curl

I've started up a docker instance using the official alpine build:

docker run -d -v /ops/haproxy:/usr/local/etc/haproxy --name haproxy -p 80:80 -p 4444:4444 haproxy:1.7.2-alpine

The instance comes up and I've confirmed that it's listening on 80 and 4444. According to the documentation the API should be on port 4444:

A minimal curl request would be:
curl -k -u admin:admin https://10.0.0.1:4444/api

However when I try to connect to the API it's failing:

$ curl -k -u admin:admin https://127.0.0.1:4444/api
curl: (35) Unknown SSL protocol error in connection to 127.0.0.1:4444
$ curl http://127.0.0.1:4444/api
curl: (56) Recv failure: Connection reset by peer

When I use --net=host instead of manual port binding HAProxy is only binding port 80 - which is defined in my haproxy.cfg.

How do I connect to the API and set authentication to use it, i.e. change admin:admin to something a little harder to guess?

Posts: 2

Participants: 1


SSL Encrypted Alert (21) on TCP mode


@kmg wrote:

I have a haproxy setup with a TCP mode SSL configuration [to offload SSL socket traffic]. But the socket is not connecting from the Chrome 56 browser, whereas the site loads fine on previous versions like Chrome 55.

Note: the site runs with a RapidSSL certificate.

I don't see any error in the HAProxy logs, but on the front end the connection is dropped. I just captured the Alert message on a sniffer; after that the connection closed in the browser.

Request Type: Secure SSL socket from Adobe flash player

Posts: 1

Participants: 1

