Re: Issue with 1.5-dev19 and acl foo sc1_inc_gpc0 gt 0 in backend

Toni Mattila Sat, 31 Aug 2013 08:30:59 -0700

Hi,

As to respond to my own post.. I have gotten the sc1_inc_gpc0 workingwhen I define in my frontend:

stick-table type ip size 50k expire 120m store gpc0
tcp-request content track-sc1 src

But if I add to that tcp-request content track-sc1 src if METH_POST thenit doesn't work anymore..


So this works:
frontend http-in
   bind *:80
   stick-table type ip size 50k expire 120m store gpc0
   tcp-request content track-sc1 src
   default_backend web29

backend web29
    stick-table type ip size 50k expire 120m store http_req_rate(120s)
    tcp-request content track-sc2  src if METH_POST
    stick store-request src            if METH_POST
    acl bruteforce_detection  sc2_http_req_rate gt 5
    acl foo sc1_inc_gpc0 gt 0
    http-request deny if foo bruteforce_detection
    server web29 x.x.x.x:80 check

This doesn't:
frontend http-in
   bind *:80
   stick-table type ip size 50k expire 120m store gpc0
   tcp-request content track-sc1 src if METH_POST
   default_backend web29

backend web29
    stick-table type ip size 50k expire 120m store http_req_rate(120s)
    tcp-request content track-sc2  src if METH_POST
    stick store-request src            if METH_POST
    acl bruteforce_detection  sc2_http_req_rate gt 5
    acl foo sc1_inc_gpc0 gt 0
    http-request deny if foo bruteforce_detection
    server web29 x.x.x.x:80 check

Thanks,
Toni Mattila

Re: Issue with 1.5-dev19 and acl foo sc1_inc_gpc0 gt 0 in backend

Reply via email to