• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

haproxy acl path and method

Scheduled Pinned Locked Moved Cache/Proxy
4 Posts 2 Posters 1.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • X
    Xivexell
    last edited by Jan 28, 2020, 5:40 PM

    I'm trying to create a rule like this :

    path_beg /api/user/ && method GET

    I need specifically validate a URL and method it uses

    but it doesn't works, some ideas?

    P 1 Reply Last reply Jan 28, 2020, 6:11 PM Reply Quote 0
    • P
      PiBa @Xivexell
      last edited by Jan 28, 2020, 6:11 PM

      @Xivexell
      I would try something like this:

      acl check1 path_beg /api/user/
      acl check2 method GET
      http-request deny 404 if check1 check2
      
      X 1 Reply Last reply Feb 17, 2020, 4:42 PM Reply Quote 0
      • X
        Xivexell @PiBa
        last edited by Feb 17, 2020, 4:42 PM

        Thanks for your answer, I try it, works when I have one path, but If I have other rules, it doesn't works c992ce7a-1e0a-400c-bb3d-d8af8957eda1-imagen.png

        P 1 Reply Last reply Feb 17, 2020, 8:07 PM Reply Quote 0
        • P
          PiBa @Xivexell
          last edited by Feb 17, 2020, 8:07 PM

          @Xivexell
          I notice that you have the "NOT" checkbox set.. So i wonder what you expect to happen.?

          If the user is 'NOT requesting /api/user' AND the user is 'NOT using method GET/POST/DELETE' then do something.?

          Or would you perhaps prefer to have and 'OR' = || between those 2 acls.?

          add0a4e8-3533-48fe-a796-f6a808eb60ec-image.png
          Result in haproxy.cfg (see the ! signs and the | ..):

          	acl			Rule1	var(txn.txnpath) -m beg -i /api/user/
          	acl			Rule2	method GET POST DELETE
          	http-request deny deny_status 402  if  !Rule1 || !Rule2 
          
          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            [[user:consent.lead]]
            [[user:consent.not_received]]