Hi.
On 01.01.22 20:56, Henning Svane wrote:
Hi
I have used it for some time in PFsense, but know made a Linux installation and now the configuration
give me some troubles.
What have I done wrong here below?
As I cannot see what I should have done different, but sudo haproxy -c -f /etc/haproxy/haproxy01.cfg
gives the following errors
error detected while parsing ACL 'XMail_EAS' : unknown fetch method 'if' in ACL
expression 'if'.
error detected while parsing an 'http-request track-sc1' condition : unknown fetch method 'XMail_EAS'
in ACL expression 'XMail_EAS'.
I have tried with { } around but that did not help
"if" is not a valid keyword for "acl" line.
http://cbonte.github.io/haproxy-dconv/2.4/configuration.html#7
Configuration:
bind 10.40.61.10:443 ssl crt /etc/haproxy/crt/mail_domain_com.pem alpn
h2,http/1.1
acl XMail hdr(host) -i mail.domain.com autodiscover.domain.com
http-request redirect scheme https code 301 if !{ ssl_fc }
acl XMail_EAS if XMail AND {url_beg -i /microsoft-server-activesync}
This works.
acl XMail hdr(host) -i mail.domain.com autodiscover.domain.com
acl MS_ACT url_beg -i /microsoft-server-activesync
http-request track-sc1 src table Table_SRC_XMail_EAS_L4 if XMail MS_ACT
The AND is implicit.
http://cbonte.github.io/haproxy-dconv/2.4/configuration.html#7.2
http-request track-sc1 src table Table_SRC_XMail_EAS_L4 if { XMail_EAS } {
status 401 } { status 403 }
http-request tarpit deny_status 429 if { XMail_EAS} { sc_http_req_rate(1) gt
10 }
Please can you share some more information's.
haproxy -vv
Regards
Henning
Regards
Alex
