Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


Haproxy Wildcard regex in ACL
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

Haproxy Wildcard regex in ACL

DXDDXD Member
edited May 2019 in Help

Is it possible to have custom acl like *.test.com
where it will work for :

test.com
test.test.com
test.test.test.com?

I read the documentation and a serverfault thread but none helped.
Any help will be appreciated.

p.s serverfault link :

https://serverfault.com/questions/388937/how-do-i-match-a-wildcard-host-in-acl-lists-in-haproxy

Comments

  • reditredit Member, Host Rep

    Hi @DXD
    Sorry been away for a week to two and still catching up.
    Did you find an answer to this?
    I think though (depending on what you are trying to do with the result) what you are looking for is hdr_dom(host) ACL rules

    For example

    frontend in
    bind :80
    acl is_domain1 hdr_dom(host) test.com
    acl is_domain2 hdr_dom(host) test2.com
    use backend domain1_svr if is_domain1
    use backend domain2_svr if is_domain2

    backend domain1_svr
    server svr0 x.x.x.x check 80

    backend domain2_svr
    server svr0 x.x.x.x check 80

    Again I'm guessing as you have not really said what you are trying to do.

  • DXDDXD Member

    @redit said:
    Hi @DXD
    Sorry been away for a week to two and still catching up.
    Did you find an answer to this?
    I think though (depending on what you are trying to do with the result) what you are looking for is hdr_dom(host) ACL rules

    For example

    frontend in
    bind :80
    acl is_domain1 hdr_dom(host) test.com
    acl is_domain2 hdr_dom(host) test2.com
    use backend domain1_svr if is_domain1
    use backend domain2_svr if is_domain2

    backend domain1_svr
    server svr0 x.x.x.x check 80

    backend domain2_svr
    server svr0 x.x.x.x check 80

    Again I'm guessing as you have not really said what you are trying to do.

    Thanks bro for the heads up.

    Will this work like
    if i go to x.yz.test.com ?

  • reditredit Member, Host Rep

    It should do as I is only looking at the domain part but I do think that there is a path_beg or something along those lines.
    I'm not at my full normal works machine at the moment so cant say for 100% and a Google didn't return what I was expecting.
    If you also put in a 'default_backend' statement on your frontend configuration it should then catch anything that is not caught by an ACL rule.
    If you still have issues getting what you want to work PM me a copy of your HAProxy config and details of what you are looking to do and I'll see if I can help.

    Thanked by 1DXD
  • ZerpyZerpy Member

    I'd really just use hdr_end(host) -i .test.com

    Thanked by 1DXD
  • DXDDXD Member

    Thank you everyone.

  • reditredit Member, Host Rep

    @Zerpy hdr_end(host) nice spot that would do it perfectly I would think and @DXD your more than welcome even though I would think that @Zerpy answer would be a better option for what you are trying to do.

Sign In or Register to comment.