Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    haproxy acl path and method

    Cache/Proxy
    2
    4
    344
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • X
      Xivexell last edited by

      I'm trying to create a rule like this :

      path_beg /api/user/ && method GET

      I need specifically validate a URL and method it uses

      but it doesn't works, some ideas?

      P 1 Reply Last reply Reply Quote 0
      • P
        PiBa @Xivexell last edited by

        @Xivexell
        I would try something like this:

        acl check1 path_beg /api/user/
acl check2 method GET
http-request deny 404 if check1 check2
        X 1 Reply Last reply Reply Quote 0
        • X
          Xivexell @PiBa last edited by

          Thanks for your answer, I try it, works when I have one path, but If I have other rules, it doesn't works c992ce7a-1e0a-400c-bb3d-d8af8957eda1-imagen.png

          P 1 Reply Last reply Reply Quote 0
          • P
            PiBa @Xivexell last edited by

            @Xivexell
            I notice that you have the "NOT" checkbox set.. So i wonder what you expect to happen.?

            If the user is 'NOT requesting /api/user' AND the user is 'NOT using method GET/POST/DELETE' then do something.?

            Or would you perhaps prefer to have and 'OR' = || between those 2 acls.?

            add0a4e8-3533-48fe-a796-f6a808eb60ec-image.png
            Result in haproxy.cfg (see the ! signs and the | ..):

            	acl			Rule1	var(txn.txnpath) -m beg -i /api/user/
	acl			Rule2	method GET POST DELETE
	http-request deny deny_status 402  if  !Rule1 || !Rule2
            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy