I am trying to parse the Postgres Startup message. According to the docs, the startup message is thus:
StartupMessage (F)
Int32
Length of message contents in bytes, including self.
Int32(196608)
The protocol version number. The most significant 16 bits are the major version number (3 for the protocol described here). The least significant 16 bits are the minor version number (0 for the protocol described here).
The protocol version number is followed by one or more pairs of parameter name and value strings. A zero byte is required as a terminator after the last name/value pair. Parameters can appear in any order. user
is required, others are optional…
Accordingly the message looks like this:
user\0actualusername\0database\0actualdatabase\0\0
(see Selecting backend based on jdbc string connection - #4 by lukastribus)
Here is my attempt:
# Process-wide settings: logging, chroot, runtime socket, privilege drop and TLS defaults.
global
# Log to the local syslog socket: facility local0 (all levels) and local1 (notice and above).
log /dev/log local0
#log /dev/log local1 debug
log /dev/log local1 notice
chroot /var/lib/haproxy
# NOTE(review): "level admin" gives full runtime control to anyone able to open this socket;
# mode 660 restricts that to the socket's owner and group, so confirm who is in that group.
stats socket /run/haproxy/admin.sock mode 660 level admin expose-fd listeners
stats timeout 30s
# Drop privileges to an unprivileged account and run in the background.
user haproxy
group haproxy
daemon
# Default SSL material locations
ca-base /etc/ssl/certs
crt-base /etc/ssl/private
# See: https://ssl-config.mozilla.org/#server=haproxy&server-version=2.0.3&config=intermediate
# NOTE(review): these are defaults for "bind ... ssl" lines only. No bind line in this file
# uses "ssl", so neither the stats page nor the Postgres listener is TLS-terminated here.
ssl-default-bind-ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
ssl-default-bind-ciphersuites TLS_AES_128_GCM_SHA256:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256
ssl-default-bind-options ssl-min-ver TLSv1.2 no-tls-tickets
# Settings inherited by every listen/backend section below unless overridden there.
defaults
log global
# NOTE(review): "mode" is set twice; the later "mode tcp" is the one that applies, so
# pg_ingress and both backends run in TCP mode (their own mode lines are commented out).
mode http
mode tcp
# NOTE(review): httplog is an HTTP-mode option but is inherited by the TCP-mode proxies;
# run "haproxy -c -f <config file>" and check the warnings to see what log format results.
option httplog
option dontlognull
# No unit is given, so these are milliseconds: 5 s to connect, 50 s of client/server idle time.
timeout connect 5000
timeout client 50000
timeout server 50000
# Custom HTTP error pages; presumably only relevant to the HTTP-mode stats listener.
errorfile 400 /etc/haproxy/errors/400.http
errorfile 403 /etc/haproxy/errors/403.http
errorfile 408 /etc/haproxy/errors/408.http
errorfile 500 /etc/haproxy/errors/500.http
errorfile 502 /etc/haproxy/errors/502.http
errorfile 503 /etc/haproxy/errors/503.http
errorfile 504 /etc/haproxy/errors/504.http
#---------------------------------------------------------------------
# statistics
#---------------------------------------------------------------------
# Host HA-Proxy's web stats on Port 7000.
listen HAProxy-Statistics
# NOTE(review): "*:7000" listens on every interface and the bind has no "ssl", so the page
# and its Basic-auth credentials travel in cleartext. Consider binding to a management
# address only, or serving the page over TLS.
bind *:7000
# Overrides the TCP mode inherited from defaults; the stats page needs HTTP.
mode http
option httplog
stats enable
stats uri /haproxy?stats
stats refresh 20s
stats realm PSQL Haproxy\ Statistics # Title text for popup window
stats show-node
stats show-legends
stats show-desc PSQL load balancer stats (master)
# NOTE(review): the user:password pair is stored in plaintext in the config and is now
# published with this post. If these are real values, treat them as exposed and rotate them.
stats auth pgadmin:pgsecret
# Postgres entry point: route to pg_readwrite when the startup message names user "tsdbrw",
# otherwise fall through to pg_readonly.
listen pg_ingress
#mode tcp
bind *:5000
option tcplog # enable advanced logging
# The pattern below is the hex encoding of "user\0tsdbrw\0": parameter name, NUL, user name, NUL.
# req.payload(0,0) takes the whole request buffer from offset 0 and "hex" renders it as hex
# digits; the pattern contains digits only, so letter case in the hex output is not a factor.
# NOTE(review): there is no "tcp-request inspect-delay" and no "tcp-request content" rule in
# this section, so the ACL is likely evaluated before any client bytes have been buffered,
# which would make it false every time. Confirm by waiting for payload before switching.
# NOTE(review): a client that negotiates TLS sends an 8-byte SSLRequest first and its startup
# message is then encrypted, so this match can only see plaintext startup packets.
# NOTE(review): the user name is client-supplied and not yet authenticated at this point.
# Treat this as a routing hint only; read-only versus read-write access must still be
# enforced by database roles on the backends.
acl check-rw req.payload(0,0),hex -m sub 757365720074736462727700
use_backend pg_readwrite if check-rw
default_backend pg_readonly
# Read-write pool: traffic goes to port 6432; health is probed over HTTP on port 8008.
backend pg_readwrite
#mode http
# A server is healthy only if the HTTP check returns status 200.
# NOTE(review): what answers on 8008 is not shown here; presumably a cluster manager that
# returns 200 only on the current primary. Verify, since both servers are listed as writable.
option httpchk
http-check expect status 200
# Probe every 3 s; 3 failures mark a server down, 3 successes bring it back. Existing
# sessions are closed when a server is marked down.
default-server inter 3s fall 3 rise 3 on-marked-down shutdown-sessions
server tstshd01 172.31.68.147:6432 check port 8008
server tstshd02 172.31.69.227:6432 check port 8008
# Read-only pool: same two servers, balanced by fewest active connections.
backend pg_readonly
#mode http
balance leastconn
# NOTE(review): the server lines below carry no "check" keyword, so the inter/fall/rise and
# on-marked-down settings have nothing to act on and both servers are always treated as up.
default-server inter 3s fall 3 rise 3 on-marked-down shutdown-sessions
server tstshd01 172.31.68.147:6432
server tstshd02 172.31.69.227:6432
# end
I simply can't get that ACL to resolve to true! Any advice would be greatly appreciated.
Much Thanks,
phil