I have a HA-Proxy version 2.2.17-dd94a25 2021/09/07 server and I wrote a honey pot server that takes forbidden inbound requests identified by IP and redirects them to a web server collecting information on them running on the same server on port 8080. I would love to collect as much information about the original request as possible but I haven’t been too successful.
I tried these to pass along the path but I’m not getting anything or I’m getting an error. I would really love to get the referer and the URL path to the server passed along to the honeyport. Even if they’re appended as CGI params to the server listening on localhost:8080.
http-request set-path %[path]
server web1 127.0.0.1:8080%[path]
------------------ Live Config -------------------------
global
log 127.0.0.1 local2
chroot /var/lib/haproxy2
pidfile /var/run/haproxy.pid
maxconn 4000
user haproxy
group haproxy
daemon
defaults
mode http
option httplog
log global
option dontlognull
option http-server-close
option redispatch
retries 3
timeout http-request 10s
timeout queue 1m
timeout connect 10s
timeout client 1m
timeout server 1m
timeout http-keep-alive 10s
timeout check 10s
maxconn 3000
frontend frontend-http
bind 10.34.1.111:80
acl is-blocked-ip src -f /etc/haproxy2/blocklist.ips
# http-request deny if is-blocked-ip
use_backend honeycauldron if is-blocked-ip
default_backend backend-http
backend backend-http
option forwardfor
server web-1 www.nowitssafe.com:80 check
frontend frontend-https
bind 10.30.1.171:443 ssl crt /etc/haproxy2/ssl
acl is-blocked-ip src -f /etc/haproxy2/blocklist.ips
# http-request deny if is-blocked-ip
use_backend honeycauldron if is-blocked-ip
default_backend backend-https
backend backend-https
option forwardfor
server web-1 www.nowitssafe.com:443 check ssl verify none
backend honeycauldron
option forwardfor
server web1 127.0.0.1:8080 maxconn 1024 weight 3 check inter 2000 rise 2 fall 3
2 posts - 2 participants