Release Notes: The SSL stack received many fixes and improvements. It now supports mutual cert authentication, client cert-based ACLs, and a multi-process session cache. Some facilities were offered to support multi-process mode with SSL. Health checks support SSL and the PROXY protocol. HTTP forwarding now supports gzip compression. Recent Linux platforms support TCP FastOpen and accept4(). The "bind" statement now supports "v4v6" and "v6only" keywords to decide on the IPv6 binding policy. Many bugs have been fixed, so those using dev12 and dev13 in production are strongly encouraged to upgrade.
Release Notes: The main change is the addition of client-side and server-side native SSL support. Other less important features include the addition of new ACL and patterns (base, urlp), support for IPv6 transparent mode on recent Linux kernels, the ability to feed/remove stick-table entries from the CLI, the ability to change sessions scheduling priority using the "nice" keyword, some halog, and some doc updates. This version includes massive changes. While many bugs have been fixed, a number of others might have been introduced; use with care.
Release Notes: Many bugs and recent regressions since 1.5-dev8 have been fixed. A few minor features have been merged, including the ability to soft start/soft stop servers and kill sessions from the stats page in admin mode, a new option to hash the whole URI instead of just the path, an option to kill sessions on backup servers when active servers recover, and options to set the HttpOnly and Secure flags on cookies. Users of 1.5-dev8 and later should upgrade.
Release Notes: http_auth_group was broken in dev9, and would only validate users without checking groups. The connection's destination address could not be fetched anymore, breaking dst ACL and transparent mode, among other things. "timeout tunnel" has been added for easier WebSocket configuration. A rework of the poller has brought a global performance increase of up to around 10%. Users of 1.5 should not use 1.5-dev9, and should switch to -dev10 instead.
Release Notes: A new logging subsystem with customizable log formats, a unique-ID generator, a full rework of the buffers and HTTP message storage, a merge of the ACL and pattern fetch code, ACL support for IPv6 addresses, cookies, URL parameters, and arbitrary payload, support for specifying a precise occurrence in fetch functions, much better error reporting for ACL parsing errors, the long-awaited "use-server" directive, minor improvements to the error capture reports, and a significant number of bugfixes.
Release Notes: Many changes were made, most of them bugfixes. Server-side IPv6 and server-side PROXY protocol support was added. All other changes are internal architecture changes needed to support server-side keep-alive later. Users of other 1.5 development versions are encouraged to upgrade, with the usual care needed for a development version.
Release Notes: All fixes from version 1.4.9 were merged. Stickiness tables can now be synchronized between multiple active haproxy nodes. Sticky information is also learned from responses, providing support for SSL-ID. Connections can be accepted over Unix sockets. A new PROXY protocol was implemented to let other components (such as stunnel) pass connection information to haproxy.
Release Notes: Support was introduced for per-IP accounting and filtering based on connection counts, rates, byte counts, rates, error counts and rates, and a few other criteria. It is now possible to filter very early at the connection level based on these critieria, resulting in a measured protection capacity of more than 200000 connections per second. This is the first development version of branch 1.5, which should be released around the end of the year. This version is in sync with all the fixes that are available in 1.4.8, and appears reliable enough to be used in production if needed.
Release Notes: Several new features were brought: server maintenance mode, HTTP authentication (server and proxy), secure passwords, conditional request/response header rewriting using ACLs, anonymous ACLs that can be declared inline, support for HTTP/1.1 101+Upgrade status code to support non-HTTP protocols such as WebSocket, and several minor updates. The core now seems stable as no important bug was fixed since -dev8. A few minor changes are still expected to come before 1.4-final.
Release Notes: Support for HTTP keep-alive was added on the client side. Health check status reporting has been refined again to help with troubleshooting server issues. The stats interface has been improved with embedded links to ease monitoring of large setups. The config parser has been strengthened to detect more corner cases. A lot of regressions were fixed, and many minor improvements were made.