Edik Mkoyan's questions -server

Edik Mkoyan

Asked: 2020-06-03 04:16:24 +0800 CST

What happens to existing tcp sessions when a certificate is changed and haproxy is reloaded?

0

There may be two major reasons for changing a certificate. 1. Ordinary rotation, for example, due to expiration. In this case I would like to have a 100% high availiability. Existing sessions would use the old keys, the new sessions will use new encryption keys. 2. My private keys had been stolen and I want to drop all the exsting connections and reestablish those with the new keys.

How does the haproxy behave?

Edik Mkoyan

Asked: 2019-01-30 08:12:16 +0800 CST

HTTP client is redirected, but the old address is shown in address bar

0

I have a pdf file available on www.example.com/pdf/something. On httpd configuration I have a redirection to www.example1.com/pdf/something. In both cases pdf is downloading, but the redirection to example1 domain can be seen only in the network tab of developer tools, in the address bar the user still sees www.example.com/pdf/something although the pdf is downloaded from the www.example1.com.

Update: The configuration is something similar to this

<VirtualHost *:80 *:443>
    RewriteEngine On
    RewriteRule ^/$ https://www.example.com/en/ [R=301,L]
    RewriteCond %{HTTP:someheader} !somevalue
    RewriteRule ^(.*)$ https://www.example1.com/en$1 [END,R=301]
</VirtualHost>

Edik Mkoyan

Asked: 2018-01-23 11:06:41 +0800 CST

Transform Apache Cookie logs to json with rsyslogd

0

I am logging cookie headers, some cookies may have due date, some others not, the same is tru for other cookie parameters, I need to implement a centrilaized logging, so before sending those to logstash I want to transform syslog to json. How can I do that?

Edik Mkoyan

Asked: 2017-02-07 01:07:59 +0800 CST

What will happen if I enable LDAP authenticaion on pfsense and LDAP server will fail?

0

Currently I am using local database for authentication on my pfsense. I know that Cisco's IOS has backup authentication methods for the cases when primary one fails. You can even not to authenticate at all if all servers fail. I want to use AD user base to organize the user control, but here is a question, what will happen when AD fails, can pfsense jump to local database?

Edik Mkoyan

Asked: 2014-06-03 05:50:22 +0800 CST

Syntax of mac2vlan file in freeradius?

0

Below is the content of mac2vlan file in freeradius. When I uncomment this line 00:01:02:03:04:05,VLAN1 it logs a parsing error including configuration file /etc/raddb/modules/mac2vlan

/etc/raddb/modules/mac2vlan[10]: Parse error after "00:01:02:03:04:05"
Errors reading /etc/raddb/radiusd.conf

What is the correct syntax?

# -*- text -*-
#
#  $Id$

#  A simple file to map a MAC address to a VLAN.
#
#  The file should be in the format MAC,VLAN
#  the VLAN name cannot have spaces in it, for example:
#
        00:01:02:03:04:05,VLAN1
#       03:04:05:06:07:08,VLAN2
#       ...

passwd mac2vlan {
        filename = ${confdir}/mac2vlan
        format = "*VMPS-Mac:=VMPS-VLAN-Name"
        delimiter = ","
}

What happens to existing tcp sessions when a certificate is changed and haproxy is reloaded?

HTTP client is redirected, but the old address is shown in address bar

Transform Apache Cookie logs to json with rsyslogd

What will happen if I enable LDAP authenticaion on pfsense and LDAP server will fail?

Syntax of mac2vlan file in freeradius?

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?