3. HAProxy ACL conditions

HAProxy ACL conditions

  • D

    Hi,

    i am in need of ACL conditions in HAProxy. The package doesn't seem tu support ACL conditions, only single ACLs.
    The scenario is to expose websites that respect the host address and path begins.
    This is because we have multiple websites like this:

    http:/dev.site.com/publicAPI/
    http:/qa.site.com/publicAPI/
    http:/tst.site.com/publicAPI/

    We don't want to expose the root websites thats why we need an ACL condition.

    Please help me on how we do this in PFSense HAProxy.

    0
  • P

    Hi,

    If your using haproxy-devel package, and you give the acl's the same name they will be combined into 1 condition. I think that will accomplish what you want.?

    Result would be this for the acl name "MyAclCombined1", (didn't check if below config works..) :
    acl        0_MyAclCombined1  hdr(host) -i vhost1.pfsense.local
    acl        1_MyAclCombined1  path_beg -i /test/
    use_backend      test_http if 0_MyAclCombined1 1_MyAclCombined1

    If you want more advanced combinations of acl's however i think you will need to write them in one of the passthrough sections as 'text'.

    Greets
    PiBa-NL

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy