Created
May 19, 2016 15:06
-
-
Save meineerde/003c3aa4b146df81da9afee0ff4a0d69 to your computer and use it in GitHub Desktop.
HAPROXY: Use a fetched integer value as checked value in an ACL
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First extract the rate into a variable called req.src_http_req_rate | |
| http-request content set-var req.src_http_req_rate %[src_http_req_rate] | |
| # Then use this variable in the acl by subtracting the current rate from the | |
| # value returned from the map. If the result is less than 0, the request rate | |
| # is larger than the allowed value | |
| acl abuse src,map_ip_int(/etc/haproxy/ips.map),sub(req.src_http_req_rate) -m int lt 0 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment