Hi good folks!

We ran into an issue with 2.0.25: it ignores the "block" (deprecated
but still valid) statement. The following works in 2.0.24 but not in 2.0.25:

frontend http-in
  bind       :80
  mode       http
  log        global
  // snip, all the usual stuff

  # block any unwanted source IP addresses or networks
  acl forbidden_src src      127.0.0.1
  block if forbidden_src

With 2.0.24 as expected:
$ curl http://localhost/adsf
<html><body><h1>403 Forbidden</h1>
Request forbidden by administrative rules.
</body></html>

With 2.0.25 (503 because no real backend in my test setup):
$ curl http://localhost/adsf
<html><body><h1>503 Service Unavailable</h1>
No server is available to handle this request.
</body></html>

Wondering if I'm missing something or if this is a security issue. For now
we have quickly "patched" our prod servers by replacing "block" with
"http-request deny", which does show the correct behavior.

Any comments or suggestions?

Thanks
Bart
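
An added example, not part of the original message and not HAProxy project code: a small audit script that finds active "block if|unless" rules in a configuration and produces the "http-request deny" replacement described above. The sample config, the function names and the "backend app" section are constructed for illustration.

```python
import re

# Deprecated "block if|unless <cond>" rule; indentation and condition are captured.
BLOCK_RE = re.compile(r"^(?P<indent>\s*)block\s+(?P<cond>(?:if|unless)\s+.+?)\s*$")
# Section headers, used only to report where each rule lives.
SECTION_RE = re.compile(r"^\s*(global|defaults|frontend|backend|listen)\b\s*(\S*)")

# Constructed sample config, modelled on the snippet in the message above.
SAMPLE_CFG = """\
frontend http-in
  bind       :80
  mode       http
  # block any unwanted source IP addresses or networks
  acl forbidden_src src      127.0.0.1
  block if forbidden_src

backend app
  acl internal src 10.0.0.0/8
  # block if internal
  block unless internal
"""

def find_block_rules(cfg_text):
    """Return (line_no, section, original, replacement) per active 'block' rule."""
    findings, section = [], None
    for no, line in enumerate(cfg_text.splitlines(), start=1):
        m = SECTION_RE.match(line)
        if m:
            section = " ".join(p for p in m.groups() if p)
            continue
        m = BLOCK_RE.match(line)
        if m:  # commented-out rules start with '#' and never match
            fixed = f"{m['indent']}http-request deny {m['cond']}"
            findings.append((no, section, line, fixed))
    return findings

def rewrite(cfg_text):
    """Return the config with every active 'block' rule replaced in place."""
    fixes = {no: fixed for no, _, _, fixed in find_block_rules(cfg_text)}
    lines = cfg_text.splitlines()
    return "\n".join(fixes.get(no, l) for no, l in enumerate(lines, 1)) + "\n"

if __name__ == "__main__":
    for no, section, old, new in find_block_rules(SAMPLE_CFG):
        print(f"line {no} [{section}]: {old.strip()!r} -> {new.strip()!r}")
```

Validate a rewritten file with "haproxy -c -f <file>" before reloading, and confirm the 403 with the same curl request shown above.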
