Hi Baptiste et al., Did you see my last comments? Sorry if this is an issue already addressed, but I wasn't able to find anything on usage specifics in the documentation.
Thanks, William On Tue, Jul 1, 2014 at 2:49 PM, William Jimenez < [email protected]> wrote: > Hi Baptiste > I tried: > >> >> # haproxyctl del acl myacl >> This command expects two parameters: ACL identifier and key. > > > then i tried this > > # haproxyctl del acl myacl 0 >> Unknown map identifier. Please use #<id> or <file>. > > > as well as the inverse ('0 myacl') > > I do see the acl listed though: > > # haproxyctl show acl >> # id (file) description >> 0 (/root/myacl) pattern loaded from file '/root/myacl' used by acl at >> file '/etc/haproxy/haproxy.cfg' line 19 >> 1 () acl 'hdr' file '/etc/haproxy/haproxy.cfg' line 19 >> >> 2 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 21 >> > > Also a redirect stmt that uses the aforementioned threw an error when I > defined it like you suggested: > > [ALERT] 180/204636 (5765) : parsing [/etc/haproxy/haproxy.cfg:31] : error >> detected in frontend 'x' while parsing redirect rule : error in condition: >> no such ACL : 'redir_true'. > > > -William > > > On Tue, Jul 1, 2014 at 2:42 PM, Baptiste <[email protected]> wrote: > >> On Tue, Jul 1, 2014 at 11:16 PM, William Jimenez >> <[email protected]> wrote: >> > Hi Baptiste, thank you for the response. I'm afraid I still don't >> follow. >> > Say I have the an ACL that I want to toggle from its current state (as >> > defined in the flat file) to 'always_false'. I can see it exists from >> the >> > output of the 'show acl' command: >> > >> >> # id (file) description >> >> 0 () acl 'always_true' file '/etc/haproxy/haproxy.cfg' line 19 >> > >> > So to modify it I assume I would run something using 'add acl'. I >> thought >> > you mentioned it needs to be defined in a file so I tried: >> >> >> >> # haproxyctl add acl myacl >> >> 'add acl' expects two parameters: ACL identifier and pattern. >> > >> > >> > where 'myacl' is a file containing: >> > >> >> acl redir_true always_true >> > >> > >> > Hope that helps clarify the situation. What am I doing wrong? >> > >> > Thanks in advance, >> > William >> > >> > >> > On Tue, Jul 1, 2014 at 2:00 PM, Baptiste <[email protected]> wrote: >> >> >> >> On Tue, Jul 1, 2014 at 10:54 PM, William Jimenez >> >> <[email protected]> wrote: >> >> > Hello >> >> > I am trying to modify ACLs via the socket interface. When I try to do >> >> > something like 'get acl', I get an error: >> >> > >> >> > Missing ACL identifier and/or key. >> >> > >> >> > How do I find the ACL identifier or key for a specific ACL? I see the >> >> > list >> >> > of ACLs when i do a 'show acl', but unsure which of these values is >> the >> >> > file >> >> > or key: >> >> > >> >> > # id (file) description >> >> > 0 () acl 'always_true' file '/etc/haproxy/haproxy.cfg' line 19 >> >> > 1 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 20 >> >> > 2 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 21 >> >> > 3 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 22 >> >> > >> >> > Thanks >> >> >> >> Hi William, >> >> >> >> In order to be able to update ACL content, they must load their >> >> content from a file. >> >> The file name will be considered as a 'reference' you can point to >> >> when updating content. >> >> Don't forget to update simultaneously the content from an ACL and from >> >> the flat file to make HAProxy reload reliable :) >> >> >> >> Baptiste >> > >> > >> > >> > >> > -- >> > William Jimenez >> > Systems Engineer, Operations >> > ItsOn, Inc. >> > 650-241-8470 {us/pacific} >> >> >> Hi William, >> >> In your configuration, you should load your acl like this: >> acl myacl hdr(Host) -f /path/to/myhosthdr.acl >> >> then your file acl reference will be myhosthdr.acl. >> >> Baptiste >> > > > > -- > William Jimenez > Systems Engineer, Operations > ItsOn, Inc. > 650-241-8470 {us/pacific} > -- William Jimenez Systems Engineer, Operations ItsOn, Inc. 650-241-8470 {us/pacific}
