Maybe I am wrong, but I thought, in my research, that using the new proxy protocol would eliminate the need for both the stunnel x-forward patch and the transparent mode. Since I did get it to work that way, without transparent, I hope it stays that way. ;-)

-- 
Robert Garcia
BigHead Technology
15520 Coutolenc Rd
Magalia, Ca 95954
ph: 530.645.4040 x222 fax: 530.645.4040
rgarcia@bighead.net - http://bighead.net/

On Thursday, June 7, 2012 at 3:30 AM, Scott McKeown wrote:

Hi Robert,

I've been doing some work on both HAProxy and STunnel myself over the last month or so.

Your actual configuration files both look fine but one thing that you possibly missed is that you will have needed to have build HAProxy with the TProxy flag enabled, and I'm going to guess that you have also written and applied the Firewall rules for the transparent proxy.

I've attached a DRAFT pdf of the work that I have been doing, its a very basic how-to on setting up both STunnel and HAProxy in Transparent mode on a Centos 6.2 system.



--
With Kind Regards.

Scott McKeown
Loadbalancer.org
http://www.loadbalancer.org


Attachments:
- STunnel-HAProxy transparent on Centos 6.2.pdf