> > > > > So far, it seems like the only options would be custom LUA or SPOE. > > > > > > > > I see two options :-) . > > > > > > > > Runtime API directly > > > > https://www.haproxy.com/blog/dynamic-configuration-haproxy-runtime-api > > > > or > > > > Dataplane API https://github.com/haproxytech/dataplaneapi > > > > > > I'm aware of the runtime API, but I don't see how I can add new ACL lists > > > or > > > remove existing ones and dynamically reference them in `tcp-session` > > > rules, > > > can you please explain how I could achieve something like this? Maybe I'm > > > just > > > missing some detail. > > > > There are examples in the blog post. > > https://www.haproxy.com/blog/dynamic-configuration-haproxy-runtime-api#updating-acls > > > > and in that one > > https://www.haproxy.com/blog/introduction-to-haproxy-acls#using-the-runtime-api > > > > For example. > > > > ``` > > echo "add acl /etc/hapee-1.8/whitelist.acl 1.2.3.4" | socat stdio > > /var/run/hapee-lb.sock > > > > ``` > > The documentation for the commands are in the managment guide > > https://docs.haproxy.org/3.1/management.html#9.3-add%20acl > > https://docs.haproxy.org/3.1/management.html#9.3-add%20map > > Adding new lists or files dynamically is unfortunately not supported. It's not > possible to modify a TCP rule over the CLI.
That was my understanding as well. Thank you for confirming it! If you have other suggestions on how to achieve this besides LUA and SPOE, please let me know. -- Max
