Hello,

> How can someone debug ngx_stream_ssl_preread_module?

put the following line in the stream section:

error_log /var/log/nginx/sni_error.log debug;

Once done I found out that

2016/12/15 17:09:00 [error] 21043#0: *7426 recv() failed (104: Connection reset by peer) while proxying connection, client: 17.198.249.166, server: 88.198.249.254:443, upstream: "88.198.249.254:4443", bytes from/to client:0/0, bytes from/to upstream:0/316

And in my syslog I found out:

daemon:Dec 15 17:09:00 infra ocserv[21622]: worker: worker-proxyproto.c:156: proxy-hdr: invalid v2 header
daemon:Dec 15 17:09:00 infra ocserv[21622]: worker: worker-vpn.c:560: could not parse proxy protocol header; discarding connection
daemon:Dec 15 17:09:00 infra ocserv[18385]: main: 88.198.249.254:55976 user disconnected (reason: unspecified, rx: 0, tx: 0)

So it seems that the problem is that ocserv can't parse nginx proxy protocol
header. I'll dig deeper and report back once a solution is found.

Cheers,
Thomas
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx