I think this covers the most cases, I am not sure if the "-i" is needed or not:
acl acl_aspc url_dom -i autos-prestige-collection HTTP_URL_ABS acl acl_aspc hdr_dom(Host) -i autos-prestige-collection use_backend aspc if acl_aspc On 1/12/11 11:38 AM, Bryan Talbot wrote:
I think the problem is that url_dom operates on the URL found in the request line but in your case, that URL is a relative URI (/) which does not contain a host name. I think if you use hdr_dom(Host) it'll do what you want. -Bryan On Wed, Jan 12, 2011 at 8:39 AM, Contact Dowhile <[email protected] <mailto:[email protected]>> wrote: Hello, i have a pretty simple HAProxy configuration, but it can't match an super-simple acl.. Here is the config global daemon user haproxy group haproxy maxconn 5000 defaults mode http maxconn 4950 retries 2 timeout client 60s # Client and server timeout must match the longest timeout server 60s # time we may wait for a response from the server. timeout queue 60s # Don't queue requests too long if saturated. timeout connect 4s # There's no reason to change this one. timeout http-request 5s # A complete request may never take that long. frontend web :80 option forwardfor acl acl_aspc url_dom autos-prestige-collection use_backend aspc if acl_aspc default_backend webfarm backend aspc balance source server webC 10.1.0.26:80 <http://10.1.0.26:80> check backend webfarm balance source server webA 10.1.0.20:80 <http://10.1.0.20:80> check What i want is going to webfarm for every website, and going to aspc for http://*.autos-prestige-collection.com/* <http://autos-prestige-collection.com/*> This is because this site is located on a windows iis server... If i'm in debug mode here is what happen myhost etc # haproxy -d -f haproxy.cfg Available polling systems : sepoll : pref=400, test result OK epoll : pref=300, test result OK poll : pref=200, test result OK select : pref=150, test result OK Total: 4 (4 usable), will use sepoll. Using sepoll() as the polling mechanism. 00000000:web.accept(0004)=0005 from [xx.xx.xx.xx:27615] 00000000:web.clireq[0005:ffff]: GET / HTTP/1.1 00000000:web.clihdr[0005:ffff]: Host: www.autos-prestige-collection.com <http://www.autos-prestige-collection.com> 00000000:web.clihdr[0005:ffff]: User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101027 Firefox/3.6.12 00000000:web.clihdr[0005:ffff]: Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 00000000:web.clihdr[0005:ffff]: Accept-Language: fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3 00000000:web.clihdr[0005:ffff]: Accept-Encoding: gzip,deflate 00000000:web.clihdr[0005:ffff]: Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 00000000:web.clihdr[0005:ffff]: Keep-Alive: 115 00000000:web.clihdr[0005:ffff]: Connection: keep-alive 00000000:webfarm.srvrep[0005:0006]: HTTP/1.1 200 OK 00000000:webfarm.srvhdr[0005:0006]: Date: Wed, 12 Jan 2011 16:31:13 GMT 00000000:webfarm.srvhdr[0005:0006]: Server: Apache/2.2.17 (Fedora) 00000000:webfarm.srvhdr[0005:0006]: X-Powered-By: PHP/5.3.4 00000000:webfarm.srvhdr[0005:0006]: Content-Length: 3546 00000000:webfarm.srvhdr[0005:0006]: Connection: close 00000000:webfarm.srvhdr[0005:0006]: Content-Type: text/html; charset=UTF-8 00000000:webfarm.srvcls[0005:0006] 00000000:webfarm.clicls[0005:0006] 00000000:webfarm.closed[0005:0006] We see that "Host: www.autos-prestige-collection.com <http://www.autos-prestige-collection.com>" (so it should match my acl isn't it ???) but we see that haproxy redirected this query to "webfarm 00000000:webfarm.srvhdr[0005:0006]: Server: Apache/2.2.17 (Fedora)" My iis server is going ok, if i put this in frontend web :80 default_backend aspc i'm redirected to my iis server (but then ALL my websites are redirected to the iis which i don't want...) I tried with url_dom and url_sub, nothing changes, it never catch the acl rule... I'm running haproxy 1.4.10 on gentoo. Thanks for reading Guillaume
