Setup HAProxy - ACL with SourceIP

Gamienator 0 · May 28, 2024, 8:37 AM

Hello everyone,

I'm curious if its possible to make an AND Condition in HA Proxy. I have only one Frontend but several backens that should only be accessable by only one specific Source IP while other backends can be accessed by everyone. That I need to create an ACL to use the backend is sure, but reading

acl's are no longer combined with logical AND operators, list multiple acl's below where needed.

means to me I need to make a different approach.

Do I need to set in the Access Control List a custom acl and write it on my own or is there a GUI way of doing it?

viragomann · May 28, 2024, 9:49 AM

@Gamienator-0
Just enter all ACLs for your condition into the "Condition acl names" box of the action, separated by spaces.

Gamienator 0 · May 28, 2024, 10:11 AM

This post is deleted!

Gamienator 0 · May 28, 2024, 10:27 AM

Thank you very much! Now I have to find out a way for using the pfSense Aliases.

viragomann · May 28, 2024, 10:30 AM

@Gamienator-0
Aliases can be used straight forward in ACLs.
For instance to use an alias for some IPs, set the ACL expression to "Source IP matches IP or Alias" and enter the alias for the value.