We have been looking at modifying HAProxy to be able to create ACL's that read in the request body and forward based upon whether or not a certain string is contained within it.
It seems like there is everything needed except the "acl_fetch_line" function. In this function, we have been able to read in most requests, but requests bigger than 1000k seem to break because the entire message is not read in before the function is called. The flag "ACL_TEST_F_MAY_CHANGE" appears to be made to cover this purpose, but setting this flag doesn't seem to do anything because the flag "ACL_PARTIAL" is never set for http acl's, and there doesn't seem to be any support for calling the fetch function again once the rest of the message is received. Is this assessment accurate? And how should we go about solving this? Any help that you can offer would be great. -- Nathaniel Irvin Junior Developer True North Service, Inc.
