Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Setup HAProxy - ACL with SourceIP

    Scheduled Pinned Locked Moved Cache/Proxy
    5 Posts 2 Posters 436 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • Gamienator 0G
      Gamienator 0
      last edited by

      Hello everyone,

      I'm curious if its possible to make an AND Condition in HA Proxy. I have only one Frontend but several backens that should only be accessable by only one specific Source IP while other backends can be accessed by everyone. That I need to create an ACL to use the backend is sure, but reading

      acl's are no longer combined with logical AND operators, list multiple acl's below where needed.
      

      means to me I need to make a different approach.

      Do I need to set in the Access Control List a custom acl and write it on my own or is there a GUI way of doing it?

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @Gamienator 0
        last edited by

        @Gamienator-0
        Just enter all ACLs for your condition into the "Condition acl names" box of the action, separated by spaces.

        Gamienator 0G 1 Reply Last reply Reply Quote 0
        • Gamienator 0G
          Gamienator 0 @viragomann
          last edited by

          This post is deleted!
          1 Reply Last reply Reply Quote 0
          • Gamienator 0G
            Gamienator 0
            last edited by

            Thank you very much! Now I have to find out a way for using the pfSense Aliases.

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @Gamienator 0
              last edited by

              @Gamienator-0
              Aliases can be used straight forward in ACLs.
              For instance to use an alias for some IPs, set the ACL expression to "Source IP matches IP or Alias" and enter the alias for the value.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.