Hi, This does not seem to be working - I've also examined the table with socat - It doesn't catch anything. Artef several requests through telnet I still get:
echo "show table" | socat unix:/tmp/haproxy.stats - # table: app, type: string, size:204800, used:0 -- Przemysław Hejman e-mail: [email protected] TouK sp. z o.o. s.k.a. 02-389 Warszawa, al. Bohaterów Września 9 http://touk.pl Wiadomość napisana przez Baptiste w dniu 23 paź 2013, o godz. 21:27: > Hi, > > Your stick table definition is missing some information. > Use the one below: > stick-table type string len 40 size 200k expire 3m store http_req_cnt > > Maybe you should also turn on option http-server-close. > > Baptiste > > > On Wed, Oct 23, 2013 at 7:49 PM, Przemysław Hejman <[email protected]> wrote: >> Hi Baptiste, >> >> Thank you for your pieces of advice. I've tried to write such a config, >> however, it does not seem to work - can you tell me what I'm missing or what >> am I doing wrong? >> >> defaults >> mode http >> contimeout 5000 >> clitimeout 50000 >> srvtimeout 50000 >> >> >> listen app 192.168.9.130:80 >> mode http >> tcp-request connection accept if { src -f /etc/haproxy/whitelist.lst >> } # Just a simple whitelist >> #create a stick table, string type, store number of requests >> stick-table type string len 40 size 200k expire 3m >> #store url parameter called id >> stick store-request urlp(SID,?) # stick on urlp(SID) >> #track counter on url parameter id >> tcp-request content track-sc0 urlp(SID,?) >> #deny if the number of request for the tracked id is greater than X >> tcp-request connection reject if { sc0_http_req_cnt gt 2 } >> default_backend web_servers >> >> backend web_servers >> balance roundrobin >> server web01 192.168.9.128:80 check inter 1000 >> server web02 192.168.9.129:80 check inter 1000 >> >> -- >> >> e-mail: [email protected] >> >> TouK sp. z o.o. s.k.a. >> 02-389 Warszawa, al. Bohaterów Września 9 >> http://touk.pl >> >> Wiadomość napisana przez Baptiste w dniu 18 paź 2013, o godz. 14:40: >> >> Hi Przemyslaw, >> >> You can do this: >> create a stick table, string type, store number of requests >> store url parameter called id >> track counter on url parameter id >> deny if the number of request for the tracked id is greater than X >> >> Baptiste >> >> >> On Fri, Oct 18, 2013 at 11:02 AM, Przemysław Hejman <[email protected]> wrote: >> >> Hello everyone, >> >> >> >> Is there any possibility for HAProxy to perform a rate limit per repeating >> >> request? Consider following situation: >> >> Assume that you have requests like: >> >> >> GET /file&id=123%someotherstuff >> >> GET /file&id=476%someotherstuff >> >> GET /file&id=111%someotherstuff >> >> GET /file&id=111%someotherstuff >> >> GET /file&id=111%someotherstuff >> >> GET /file&id=476%someotherstuff >> >> >> What I want to do is to block the next request containing "id=111". Lets >> >> say that I want to allow only 3 exactly same requests matching [0-9]{3}. >> >> >> Is there any possibility to configure a stick table to work like in this >> >> example? If no, do you know any other mechanisms to perform such an action? >> >> >> Bes >> >> -- >> >> >> e-mail: [email protected] >> >> >> TouK sp. z o.o. s.k.a. >> >> 02-389 Warszawa, al. Bohaterów Września 9 >> >> http://touk.pl >> >> >> >> >
