Hi Guys,
I want to only allow certain internal company IP addresses to have access to
one of my web farms. I am using haproxy 1.5 on Debian 7.
I am using a whitelist.lst file with the following contents...
10.0.0.0/8
Here is my frontend configuration...
frontend https-in
bind *:443 ssl crt /etc/ssl/xxx.cert.chain.pem
http-request allow if { src -f
/etc/haproxy/whitelist.lst }
reqadd X-Forwarded-Proto:https
reqadd X-Forwarded-Port:443
timeout client 600000
default-backend web
However any IP is still allowed through this frontend. It does not appear to
be restricting access to any other IP. Am I missing something in my
configuration?
Thanks
John Dzialo | Linux System Administrator
Direct 203.783.8163 | Main 800.352.0050
Environmental Data Resources, Inc.
440 Wheelers Farms Road, Milford, CT 06461
www.edrnet.com<http://www.edrnet.com/> |
commonground.edrnet.com<http://commonground.edrnet.com/>
[Description: Description: Description: Description: Description:
EDR_logo4color_EDR_only_80px2]
