Spring naar de hoofdinhoud

How to enable the HAproxy statistics page in OPNsense

Step 1: Edit Global Settings

In the left-hand menu, go to Services , select HAPproxy and then and then Settings.

    • Under the Settings tab, locate the Global Parameters
    • Enable ' Advanced Mode' on the top left of the page
    • Add or modify the following configuration line in the “Custom Options” field (on the bottom of the picture):

       

      stats socket /var/run/haproxy.socket group proxy mode 775 level admin 
      This enables a UNIX socket for administrative purposes.

afbeelding.png

Step 2: Configure Statistics in Frontend Settings

    • Configure Statistics in Frontend Settings:

      • Scroll downGo to findVirtual orServers createin athe frontendTop dedicated to serving statistics.menu
      • AddClick the + sign and add a new frontendPublic byService: clicking on “Add” if one does not already exist for this purpose.'StatsFrontend'
      • In this frontend, configure it as follows:
        • Set Name:Name: For example, “StatsFrontend”.StatsFrontend
        • Set BindListen Address:Adressess: Useset anto local IP address accessibleof from your networkOPNsense (e.g., 127.0.0.1:8404192.168.2.1) orwith anythe otherdefault unusedport port).8822
        • Set Mode:Type Chooseto “HTTP”.default HTTP/HTTPS (SSL offloading) [default]
        • UnderScroll all the way down toAdvanced Settings”Settings, add thisthese linelines in the “CustomOption Options”Pass-through field:
        • stats enable
stats uri /haproxy?stats
stats realm Haproxy\ Statistics
stats auth admin:password123
          Replace admin with your desired username and password123password with a strong password.

    2. Save and Apply Changes:

      • Click on “Save” and then apply changes by clicking on “Apply”.

    Step 2: Configure Firewall Rules

    1. Allow Access to the Statistics Port:

      • Navigate to Firewall > Rules.
      • Select the appropriate interface (e.g., LAN or WAN) where you want to allow access.
      • Create a new rule with these parameters:
        • Action: Allow.
        • Protocol: TCP.
        • Source: Define specific IPs or networks allowed access (e.g., your management workstation’s IP).
        • Destination: The IP of your OPNsense instance running HAProxy.
        • Destination Port Range: The port you configured for statistics (e.g., 8404).

    2. Save and Apply Firewall Rule Changes:

      • Save the rule and click on “Apply Changes”.

    Step 3: Test Access to the Statistics Page

    1. Open a web browser from a device allowed by your firewall rules.
    2. Enter the URL for accessing statistics, such as: 
      http://:8404/haproxy?stats
    3. Enter the username (admin) and password (password123) you configured earlier when prompted.

    If everything is configured correctly, you should see HAProxy’s statistics page displaying real-time data about connections, backends, frontends, etc.

Terug naar boven