|
2 | 2 | <html lang="en"> |
3 | 3 | <head> |
4 | 4 | <meta charset="utf-8" /> |
5 | | - <title>HAProxy version 3.3-dev2-32 - Configuration Manual</title> |
| 5 | + <title>HAProxy version 3.3-dev2-37 - Configuration Manual</title> |
6 | 6 | <link href="https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.3.7/css/bootstrap.min.css" rel="stylesheet" /> |
7 | 7 | <link href="https://raw.githubusercontent.com/thomaspark/bootswatch/v3.3.7/cerulean/bootstrap.min.css" rel="stylesheet" /> |
8 | 8 | <link href="../css/page.css?0.4.2-15" rel="stylesheet" /> |
|
4112 | 4112 |
|
4113 | 4113 | <a class="list-group-item" href="#tcp-check unset-var">tcp-check unset-var</a> |
4114 | 4114 |
|
| 4115 | + <a class="list-group-item" href="#tcp-md5sig">tcp-md5sig</a> |
| 4116 | + |
4115 | 4117 | <a class="list-group-item" href="#tcp-request">tcp-request</a> |
4116 | 4118 |
|
4117 | 4119 | <a class="list-group-item" href="#tcp-request connection">tcp-request connection</a> |
|
4593 | 4595 | You can use <strong>left</strong> and <strong>right</strong> arrow keys to navigate between chapters.<br> |
4594 | 4596 | </p> |
4595 | 4597 | <p class="text-right"> |
4596 | | - <small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/07/01</b></small> |
| 4598 | + <small>Converted with <a href="https://github.com/cbonte/haproxy-dconv">haproxy-dconv</a> v<b>0.4.2-15</b> on <b>2025/07/03</b></small> |
4597 | 4599 | </p> |
4598 | 4600 | </div> |
4599 | 4601 | <!-- /.sidebar --> |
|
4604 | 4606 | <div class="text-center"> |
4605 | 4607 | <h1><a href="http://www.haproxy.org/" title="HAProxy"><img src="../img/HAProxyCommunityEdition_60px.png?0.4.2-15" /></a></h1> |
4606 | 4608 | <h2>Configuration Manual</h2> |
4607 | | - <p><strong>version 3.3-dev2-32</strong></p> |
| 4609 | + <p><strong>version 3.3-dev2-37</strong></p> |
4608 | 4610 | <p> |
4609 | 4611 | 2025/06/26<br> |
4610 | 4612 |
|
@@ -21395,6 +21397,14 @@ <h2 id="chapter-5.1" data-target="5.1"><small><a class="small" href="#5.1">5.1.< |
21395 | 21397 | on global statement "<a href="#ssl-default-bind-options">ssl-default-bind-options</a>", and may be selectively |
21396 | 21398 | disabled on a "<span class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">bind<span class="caret"></span></a><ul class="dropdown-menu"><li class="dropdown-header">This keyword is available in sections :</li><li><a href="#bind%20%28Peers%20declaration%29">Peers declaration</a></li><li><a href="#bind%20%28Log%20forwarding%29">Log forwarding</a></li><li><a href="#bind%20%28Alphabetically%20sorted%20keywords%20reference%29">Alphabetically sorted keywords reference</a></li></ul></span>" line using "<a href="#no-strict-sni">no-strict-sni</a>". See the "<span class="dropdown"><a class="dropdown-toggle" data-toggle="dropdown" href="#">crt<span class="caret"></span></a><ul class="dropdown-menu"><li class="dropdown-header">This keyword is available in sections :</li><li><a href="#crt%20%28Load%20options%29">Load options</a></li><li><a href="#crt%20%28Bind%20options%29">Bind options</a></li><li><a href="#crt%20%28Server%20and%20default-server%20options%29">Server and default-server options</a></li></ul></span>" option for |
21397 | 21399 | more information. See "add ssl crt-list" command in the management guide. |
| 21400 | +</pre><a class="anchor" name="tcp-md5sig"></a><a class="anchor" name="5-tcp-md5sig"></a><a class="anchor" name="5.1-tcp-md5sig"></a><a class="anchor" name="tcp-md5sig (Bind and server options)"></a><a class="anchor" name="tcp-md5sig (Bind options)"></a><div class="keyword"><b><a class="anchor" name="tcp-md5sig"></a><a href="#5.1-tcp-md5sig">tcp-md5sig</a></b> <span style="color: #080"><password></span></div><pre class="text">Enables the TCP MD5 signature (RFC 2385 Protection of BGP Sessions via the |
| 21401 | +TCP MD5 Signature Option) for all incoming connections instantiated from this |
| 21402 | +listening socket. This option is only available on Linux. When enabled, |
| 21403 | +<password> string is used to sign every TCP segments with a 16-byte MD5 |
| 21404 | +digest. This will protect the TCP connection against spoofing. The primary |
| 21405 | +use case for this option is to allow BGP to protect itself against the |
| 21406 | +introduction of spoofed TCP segments into the connection stream. But it can |
| 21407 | +be useful for any very long-lived TCP connections. |
21398 | 21408 | </pre><a class="anchor" name="tcp-ut"></a><a class="anchor" name="5-tcp-ut"></a><a class="anchor" name="5.1-tcp-ut"></a><a class="anchor" name="tcp-ut (Bind and server options)"></a><a class="anchor" name="tcp-ut (Bind options)"></a><div class="keyword"><b><a class="anchor" name="tcp-ut"></a><a href="#5.1-tcp-ut">tcp-ut</a></b> <span style="color: #080"><delay></span></div><pre class="text">Sets the TCP User Timeout for all incoming connections instantiated from this |
21399 | 21409 | listening socket. This option is available on Linux since version 2.6.37. It |
21400 | 21410 | allows HAProxy to configure a timeout for sockets which contain data not |
@@ -22844,6 +22854,16 @@ <h2 id="chapter-5.2" data-target="5.2"><small><a class="small" href="#5.2">5.2.< |
22844 | 22854 | This option enables upstream socks4 tunnel for outgoing connections to the |
22845 | 22855 | server. Using this option won't force the health check to go via socks4 by |
22846 | 22856 | default. You will have to use the keyword "<a href="#check-via-socks4">check-via-socks4</a>" to enable it. |
| 22857 | +</pre><a class="anchor" name="tcp-md5sig"></a><a class="anchor" name="5-tcp-md5sig"></a><a class="anchor" name="5.2-tcp-md5sig"></a><a class="anchor" name="tcp-md5sig (Bind and server options)"></a><a class="anchor" name="tcp-md5sig (Server and default-server options)"></a><div class="keyword"><b><a class="anchor" name="tcp-md5sig"></a><a href="#5.2-tcp-md5sig">tcp-md5sig</a></b> <span style="color: #080"><password></span></div><pre class="text">May be used in the following contexts: tcp, http, log, peers, ring |
| 22858 | + |
| 22859 | +Enables the TCP MD5 signature (RFC 2385 Protection of BGP Sessions via the |
| 22860 | +TCP MD5 Signature Option) for all outgoing connections to this server. This |
| 22861 | +option is only available on Linux. When enabled, <password> string is used to |
| 22862 | +sign every TCP segments with a 16-byte MD5 digest. This will protect the TCP |
| 22863 | +connection against spoofing. The primary use case for this option is to allow |
| 22864 | +BGP to protect itself against the introduction of spoofed TCP segments into |
| 22865 | +the connection stream. But it can be useful for any very long-lived TCP |
| 22866 | +connections. |
22847 | 22867 | </pre><a class="anchor" name="tcp-ut"></a><a class="anchor" name="5-tcp-ut"></a><a class="anchor" name="5.2-tcp-ut"></a><a class="anchor" name="tcp-ut (Bind and server options)"></a><a class="anchor" name="tcp-ut (Server and default-server options)"></a><div class="keyword"><b><a class="anchor" name="tcp-ut"></a><a href="#5.2-tcp-ut">tcp-ut</a></b> <span style="color: #080"><delay></span></div><pre class="text">May be used in the following contexts: tcp, http, log, peers, ring |
22848 | 22868 |
|
22849 | 22869 | Sets the TCP User Timeout for all outgoing connections to this server. This |
@@ -33074,7 +33094,7 @@ <h2 id="chapter-12.8" data-target="12.8"><small><a class="small" href="#12.8">12 |
33074 | 33094 | <br> |
33075 | 33095 | <hr> |
33076 | 33096 | <div class="text-right"> |
33077 | | - HAProxy 3.3-dev2-32 – Configuration Manual<br> |
| 33097 | + HAProxy 3.3-dev2-37 – Configuration Manual<br> |
33078 | 33098 | <small>, 2025/06/26</small> |
33079 | 33099 | </div> |
33080 | 33100 | </div> |
|
0 commit comments