I only add the "tcp-request inspect-delay 5s" to the code indicated by Thierry and it work as expected. Before, some request pass over the limit.
Den, you can change the header in the error file. The 500 error file can reply with a 404, for example: http://cbonte.github.io/haproxy-dconv/configuration-1.5.html#errorfile Thanks, El Martes 12 de agosto de 2014 12:59, Den Bozhok <undyin...@yandex.ru> escribió: Wow! Thanks a lot for this information, it`s very useful. From documentation "tarpit" returns 500 when timeout is reached. Is it possible to change response code? 500 it`s not the best code for timeout :) Thanks again 12.08.2014, 14:18, "Thierry FOURNIER" <tfourn...@haproxy.com>: On Tue, 12 Aug 2014 13:29:45 +0400 >Den Bozhok <undyin...@yandex.ru> wrote: > >> Well, now I know how to count connections by user`s header: >> >> stick-table type string size 32m expire 1m store conn_cur >> tcp-request content track-sc0 hdr(X-User-Id) >> acl limit_x_user_id sc0_conn_cur gt 500 >> >> so acl is created, but I`m only know how to drop connection if it already >>reached his maximum, but is it possible to push connection to the queue and >>pull it when limit is passed? >> >Hello, > >For information, you can also store the connection rate in the stick >table like this: > > stick-table type string size 32m expire 1m store http_req_rate(1s) > tcp-request content track-sc0 hdr(X-User-Id) > acl limit_x_user_id sc0_http_req_rate gt 1 # limit to one request per >second / per user > >The acl to drop the connection is: > > http-request <KEYWORD> if { limit_x_user_id } > >KEYWORD can be: > > "tarpit" if you want to slow down this user > "redirect" if you want to redirect the user to an information page > >You can also use "block if { limit_x_user_id }" to send a 403 to the user. > >Thierry > 12.08.2014, 11:44, "Ricardo Fraile" <rfra...@yahoo.es>: >> Hello, >> >> I'm interested on it too. >> >> Thanks,
