Spring naar de hoofdinhoud

How to enable the HAproxy statistics page in OPNsense

Step 1: Edit Global Settings

In the left-hand menu, go to Services , select HAPproxy and then and then Settings.

    • Under the Settings tab, locate the Global Parameters
    • Enable ' Advanced Mode' on the top left of the page
    • Add or modify the following configuration line in the “Custom Options” field:

       

      stats socket /var/run/haproxy.socket group proxy mode 775 level admin 
      This enables a UNIX socket for administrative purposes.

afbeelding.png

 

 

  2. Configure Statistics in Frontend Settings:

    • Scroll down to find or create a frontend dedicated to serving statistics.
    • Add a new frontend by clicking on “Add” if one does not already exist for this purpose.
    • In this frontend, configure it as follows:
      • Set Name: For example, “StatsFrontend”.
      • Set Bind Address: Use an IP address accessible from your network (e.g., 127.0.0.1:8404 or any other unused port).
      • Set Mode: Choose “HTTP”.
      • Under “Advanced Settings”, add this line in the “Custom Options” field: 
        stats enable
stats uri /haproxy?stats
stats realm Haproxy\ Statistics
stats auth admin:password123
        Replace admin with your desired username and password123 with a strong password.

  3. Save and Apply Changes:

    • Click on “Save” and then apply changes by clicking on “Apply”.

Step 2: Configure Firewall Rules

  1. Allow Access to the Statistics Port:

    • Navigate to Firewall > Rules.
    • Select the appropriate interface (e.g., LAN or WAN) where you want to allow access.
    • Create a new rule with these parameters:
      • Action: Allow.
      • Protocol: TCP.
      • Source: Define specific IPs or networks allowed access (e.g., your management workstation’s IP).
      • Destination: The IP of your OPNsense instance running HAProxy.
      • Destination Port Range: The port you configured for statistics (e.g., 8404).

  2. Save and Apply Firewall Rule Changes:

    • Save the rule and click on “Apply Changes”.

Step 3: Test Access to the Statistics Page

  1. Open a web browser from a device allowed by your firewall rules.
  2. Enter the URL for accessing statistics, such as: 
    http://:8404/haproxy?stats
  3. Enter the username (admin) and password (password123) you configured earlier when prompted.

If everything is configured correctly, you should see HAProxy’s statistics page displaying real-time data about connections, backends, frontends, etc.

Terug naar boven