Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ACL with multi Action

    Scheduled Pinned Locked Moved Cache/Proxy
    2 Posts 2 Posters 155 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jonny190
      last edited by

      Hi all, looking for some help getting some specific rules working

      in raw HA the config is

      frontend Threadfin
        bind                    *my ip*:34400 name *my ip*:34400
        bind                    *my int ip*:34400 name *my int ip*:34400
        mode                    http
        log                     global
        option                  http-keep-alive
        timeout client          30000
        acl                     http    var(txn.txnpath) -m sub -i images
        acl                     https   var(txn.txnpath) -m sub -i images
        http-request set-var(txn.txnpath) path
        http-request replace-value Host (.*):34400 \1:443
        http-request redirect location https://%[req.hdr(Host)]%[capture.req.uri]  if  https
        use_backend Threadfin_ipvANY  if  !http

      the issue is getting

      http-request replace-value Host (.*):34400 \1:443
http-request redirect location https://%[req.hdr(Host)]%[capture.req.uri]  if  https

      in to one rule, i can get the first line in just not the seccond
      1928ebd7-8bff-4b73-8d5a-f098a078d25e-image.png

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @jonny190
        last edited by

        @jonny190 said in ACL with multi Action:

        in to one rule, i can get the first line in just not the seccond

        So add a second one.
        The original config has also two rule for what you want.

        BTW: the original rule looks a bit different than yours. It seems, to also replace the last octet of the IP.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.