
Read ACL whitelisted IPs from a file on HAProxy

Tags: haproxy

I was trying to load the whitelisted IPs into an HAProxy ACL from a file.

I was able to whitelist IPs by adding them inline in the HAProxy config file, and it works well.

I was wondering whether there is any way that I can put the IP addresses in a file and have the HAProxy configuration read them from it.

Here is my HAProxy conf:

global
        log /dev/log    local0
        log /dev/log    local1 notice
        chroot /var/lib/haproxy
        user haproxy
        group haproxy
        daemon

defaults
        log     global
        mode    http
        option  httplog
        option  dontlognull
        contimeout 5000
        clitimeout 50000
        srvtimeout 50000
        errorfile 400 /etc/haproxy/errors/400.http
        errorfile 403 /etc/haproxy/errors/403.http
        errorfile 408 /etc/haproxy/errors/408.http
        errorfile 500 /etc/haproxy/errors/500.http
        errorfile 502 /etc/haproxy/errors/502.http
        errorfile 503 /etc/haproxy/errors/503.http
        errorfile 504 /etc/haproxy/errors/504.http

frontend http-in
    bind *:80
    mode http
    reqadd X-Forwarded-Proto:\ http
    acl whitelist src 192.168.12.32 192.168.0.1
    acl all src 0.0.0.0

    acl demo hdr_end(host)  -i 192.168.20.26
    use_backend demo if demo whitelist

backend demo
    balance leastconn
    option httpclose
    option forwardfor
    cookie JSESSIONID prefix
    server locahost localhost:8080 cookie A check
Renjith asked Dec 23 '22 18:12


1 Answer

We specify the whitelist IP source with the "-f" flag inside the haproxy.conf file.

Create whitelist.lst inside /etc/haproxy/ and list all the whitelisted IPs with their subnet masks, e.g. 192.168.1.1/32, 192.168.2.1/32, 192.168.0.1/24, etc.

Here is my HAProxy conf file, which loads the whitelisted IPs from the file:

frontend http-in
    bind *:80
    mode http
    reqadd X-Forwarded-Proto:\ http
    acl whitelist src -f /etc/haproxy/whitelist.lst
    acl all src 0.0.0.0

    acl demo hdr_end(host)  -i 192.168.20.26
    use_backend demo if demo whitelist

backend demo
    balance leastconn
    option httpclose
    option forwardfor
    cookie JSESSIONID prefix
    server locahost localhost:8080 cookie A check
Renjith answered Mar 03 '23 07:03

Renjith
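
A pattern file loaded with `acl whitelist src -f` is read one entry per line, so it is worth checking before a reload. The following is an added example, not part of the original answer: a small Python linter for such a file. The sample content, the function name `lint_whitelist` and the `min_prefix` threshold are assumptions made for illustration.

```python
import ipaddress

# Constructed sample of a whitelist.lst file (not taken from the original post).
SAMPLE = """\
# office network
192.168.1.1/32
192.168.0.1/24
192.168.2.1/32 192.168.3.1/32
0.0.0.0/0
10.0.0.300
"""

def lint_whitelist(text, min_prefix=16):
    """Return (networks, problems) for a file used with 'acl ... src -f'.

    min_prefix is a hypothetical policy threshold: any range wider than
    this prefix length is rejected as too broad for an allow list.
    """
    networks, problems = [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        # HAProxy ignores empty lines and lines beginning with '#'.
        if not raw.strip() or raw.startswith("#"):
            continue
        line = raw.strip()
        # One pattern per line: several entries on a line is not a valid address.
        if len(line.split()) > 1:
            problems.append((lineno, "more than one entry on a line"))
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            problems.append((lineno, "not an IP address or CIDR: " + line))
            continue
        if net.prefixlen < min_prefix:
            problems.append((lineno, "range too broad for a whitelist: " + str(net)))
            continue
        # An entry such as 192.168.0.1/24 covers the whole /24, not one host.
        if ipaddress.ip_address(line.split("/")[0]) != net.network_address:
            problems.append((lineno, f"{line} has host bits set, covers all of {net}"))
        networks.append(net)
    return networks, problems

if __name__ == "__main__":
    nets, probs = lint_whitelist(SAMPLE)
    for lineno, msg in probs:
        print(f"line {lineno}: {msg}")
    print("accepted:", ", ".join(str(n) for n in nets))
```
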