0

I serve multiple services from my domain using the same HAProxy instance, at domain.com/s1/ and domain.com/s2/ . I would like to do some operations (including ACL matching) only when certain conditions are met within s2. Using acl's like

acl service_1         path_beg   /s1/
acl service_2         path_beg   /s2/
acl service_1_path_1  path_beg   /s2/path1/
acl service_1_path_2  path_beg   /s2/path2/

will lead to all requests being matches for the s2/path1/ and /s2/path2/ patterns, which is wasteful if I know that the vast majority of requests are for s1.

Is there a way that I can say "evaluate for the path_1 or path_2 patterns only if the acl service_2 matches"?

Note that this is not a case of wanting to AND two conditions; I want the second acl to not even be computed unless the first one matches. Is that even possible in HAProxy?

Animesh
  • 249
  • 1
  • 2
  • 9

1 Answers1

1

HAProxy Multiple Condition Example

Here is one example I use:

acl bot_ok path_end txt
acl bot_ok url_reg ^/$
acl derpy3 hdr_sub(user-agent) -i bash curl wget slack
acl derpy3 req.ver !1.1
http-request silent-drop if derpy3 !bot_ok

Let the bots in and/or use http protocols other than 1.1 IF they hit / or .txt files.

We define multiple acl's, then set the condition and/or negating condition on the action.

Aaron
  • 2,809
  • 2
  • 11
  • 29
  • Thanks; I have something similar to that as well, but I do not even want `bot_ok` to be computed unless `derpy3` evaluates to true. – Animesh Jun 26 '17 at 22:56