Release Notes: This version fixes two possible crashes, one of them remotely triggered (CVE-2013-2175) involving use of a negative occurrence number in hdr_* fetches. Other long-standing improvements were finally merged, such as http-response, dynamic setting of priority, DSCP headers, Netfilter mark and log level, transparent proxy on *BSD, fetching of environment variables, conditional PROXY protocol by ACL, 3 parallel stick-counters instead of 2, reworking of the doc to simplify the search of ACL/fetch keywords, and further-improved configuration error reporting. All 1.5 users must upgrade.
Release Notes: This version fixes a security flaw in TCP content inspection when combined with HTTP. 1.5-dev users must upgrade or patch. Other big changes include a richer address parser that supports environment variables, the convergence of ACLs and samples allowing more powerful combinations of patterns analysis, support for systemd, a new health check agent protocol, PCRE JIT support, TLS ALPN, and HTTP redirects 307 and 308. No fewer than 43 bugs were fixed in various areas.
Release Notes: The SSL stack received many fixes and improvements. It now supports mutual cert authentication, client cert-based ACLs, and a multi-process session cache. Some facilities were offered to support multi-process mode with SSL. Health checks support SSL and the PROXY protocol. HTTP forwarding now supports gzip compression. Recent Linux platforms support TCP FastOpen and accept4(). The "bind" statement now supports "v4v6" and "v6only" keywords to decide on the IPv6 binding policy. Many bugs have been fixed, so those using dev12 and dev13 in production are strongly encouraged to upgrade.
Release Notes: The main change is the addition of client-side and server-side native SSL support. Other less important features include the addition of new ACL and patterns (base, urlp), support for IPv6 transparent mode on recent Linux kernels, the ability to feed/remove stick-table entries from the CLI, the ability to change sessions scheduling priority using the "nice" keyword, some halog, and some doc updates. This version includes massive changes. While many bugs have been fixed, a number of others might have been introduced; use with care.
Release Notes: A new logging subsystem with customizable log formats, a unique-ID generator, a full rework of the buffers and HTTP message storage, a merge of the ACL and pattern fetch code, ACL support for IPv6 addresses, cookies, URL parameters, and arbitrary payload, support for specifying a precise occurrence in fetch functions, much better error reporting for ACL parsing errors, the long-awaited "use-server" directive, minor improvements to the error capture reports, and a significant number of bugfixes.
Release Notes: Many changes were made, most of them bugfixes. Server-side IPv6 and server-side PROXY protocol support was added. All other changes are internal architecture changes needed to support server-side keep-alive later. Users of other 1.5 development versions are encouraged to upgrade, with the usual care needed for a development version.
Release Notes: All fixes from version 1.4.9 were merged. Stickiness tables can now be synchronized between multiple active haproxy nodes. Sticky information is also learned from responses, providing support for SSL-ID. Connections can be accepted over Unix sockets. A new PROXY protocol was implemented to let other components (such as stunnel) pass connection information to haproxy.
Release Notes: This release brings new long-awaited features, among which are TCP splicing support, conditional redirection, TCP content filtering, session rate reporting and limiting, invalid request/response capture, binding to specific network interfaces, per-process affinity for frontends and backends, a monotonic internal clock, and many others. The internal architecture has been reworked in layers to ease development, enhance reliability, and improve performance. Performance gains of about 10% are to be expected compared to 1.3.15.
Release Notes: Many new features, including stats updates (HTTP, UNIX, and SNMP), enhancements to server checks such as tracking and dynamic intervals, the addition of the leastconn load-balancing algorithm and POST parameter analysis, a fully transparent mode on Linux, better handling of connection failures (dead server avoidance and turn-around state), support for inter-site off-loading through redirects, updates to the build process, and large documentation updates.
Release Notes: A lot of new features were added, starting with dynamic weight support, logging via a unix socket, many improvements to stats, an http_proxy mode, graceful server shutdown, more convenient timeout handling, server farm state propagation to outer components, more config checks and hints, and a port to AIX 5.3. Several bugs were fixed, and a lot of cleanups and small optimizations were made.