Im not sure if this is the exact issue that Anup was having, and maybe
i'm hijacking his thread, if so i'm sorry for that, but when try to
check how it works i also having difficulties getting it to work as i
expected it to.
I'm using HAProxy v1.5dev21 on FreeBSD 8.3.
Ive written in a frontend the following which checks for a GET web
request to determine which backend to use, this works..:
tcp-request inspect-delay 5s
acl PAYLOADcheck req.payload(0,3) -m bin 474554
use_backend web_80_tcp if PAYLOADcheck
tcp-request content accept if PAYLOADcheck
However when changing the match line to the following it fails:
acl PAYLOADcheck req.payload(0,3) -m str GET
acl PAYLOADcheck req.payload(0,3) -m sub GET
acl PAYLOADcheck req.payload(0,3) -m reg -i GET
The req.payload returns a piece of 'binary' data, but the 'compatibility
matrix' seems to say that converting for use with sub/reg/others should
not be an issue.
Then the next step is of course to not match only the first 3 characters
but some content further in the 'middle' of the data stream..
Am i missing something ? Or might there be an issue with the implementation?
This is currently only for finding if and how that req.payload check can
be used. Of course using 'mode http' would be much better for this
purpose when running http traffic, but that isn't the purpose of this
Ive spoken on irc with mculp who was trying something similar but
couldnt get it to work either, and seen a previous question
http://comments.gmane.org/gmane.comp.web.haproxy/11942 which seems to
have gone without a final solution as well.
So the question is, is this possible or might there be some issues in
'converting' the checks?
Thanks for your time.
Baptiste schreef op 28-2-2014 10:57:
and where is your problem exactly?
On Tue, Feb 25, 2014 at 7:39 AM, anup katariya <anup.katar...@gmail.com> wrote:
I wanted to inspect incoming tcp request. I wanted to something like below
payload(0, 100) match with string like 49=ABC.