2014-08-20 19:33 GMT+02:00 [email protected] <[email protected]>:
> 2014-08-18 18:49 GMT+02:00 Emeric Brun <[email protected]>:
>> On 08/18/2014 05:49 PM, Baptiste wrote:
>>>
>>> On Sun, Aug 17, 2014 at 4:49 PM, [email protected] <[email protected]>
>>> wrote:
>>>>
>>>> Hi,
>>>>
>>>> i was digging through some old threads:
>>>>
>>>>
>>>> http://t53814.web-haproxy.webtalks.info/help-with-tcp-request-content-track-sc1-t53814.html
>>>> http://marc.info/?l=haproxy&m=139458469126719&w=2
>>>>
>>>>
>>>> I have the same requirement and want to track not only on src (source
>>>> ip), i want to concatenate src + hdr(User-Agent) or hdr(User-Agent) +
>>>> hdr(X-Forward-For).
>>>>
>>>>
>>>>
>>>> Is there a way to actually do this ? (maybe it could be hashed, like
>>>> it is possible with "base32+src" ?)
>>>>
>>>>
>>>> Thanks,
>>>>
>>>> -----------
>>>> Bjoern
>>>>
>>>
>>>
>>> Hi Bjoern,
>>>
>>> There is no way to do this currently in HAProxy.
>>>
>>> Baptiste
>>>
>>
>>
>> Hi All,
>>
>> I think it is possible:
>>
>> You need to add a new header to the request, with a concat of these
>> different values ("http-request add-header" and use log format to create the
>> value).
>>
>> And use the fetch on this header on the stickin rule.
>>
>> Regards,
>> Emeric
>>
>>
>>
>>
>>
>
>
> Hi,
>
>
> i've tried the following config, but HAProxy isn't tracking anything :
>
>
>
> frontend http_in_01
>
> bind 0.0.0.0:80
> log global
> option httplog
>
> reqidel ^X-Forwarded-For:.*
> option forwardfor
>
> option http-server-close
>
> # http-request set-header X-Concat
> %[req.fhdr(User-Agent)]_%[req.fhdr(X-Forwarded-For,-1)]
>
> http-request set-header X-Concat %[req.fhdr(User-Agent)]_%[src]
>
>
> # stick-table type binary len 180 size 32m expire 1m store
> http_req_rate(10s)
>
> stick-table type string len 180 size 32m expire 1m store
> http_req_rate(10s)
>
>
> tcp-request inspect-delay 10s
> tcp-request content track-sc0 req.fhdr(X-Concat) if HTTP
>
>
> unique-id-format %{+X}o\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid
> unique-id-header X-Unique-ID
>
>
> # acl is_found req.hdr(X-Concat) -m sub Firefox
> # http-request set-header X-Found yes if is_found
>
>
>
> Example "X-Concat"-Header:
>
> Mozilla/5.0 (Windows NT 6.1; WOW64; rv:31.0) Gecko/20100101
> Firefox/31.0_192.168.138.185
>
>
>
> Does anyone have any ideas why HAProxy isn't tracking anything or if
> my config is wrong ?
>
>
> -----------
> Bjoern
Hi,
it's working now with the following "workaround" (config simplified):
frontend http_in_01
bind 0.0.0.0:80
http-request set-header X-Concat %[req.fhdr(User-Agent)]_%[req.fhdr(host)]
acl is_found req.fhdr(X-Concat) -m found
http-request set-header X-Found yes if is_found
default_backend forward
backend forward
server localhost 127.0.0.1:4444
frontend internal_real
bind 127.0.0.1:4444
stick-table type string len 180 size 32m expire 1m store
http_req_rate(10s)
tcp-request inspect-delay 10s
tcp-request content track-sc0 req.fhdr(X-Concat) if HTTP
default_backend live-nodes
backend live-nodes
server apache01 127.0.0.1:8090 check inter 2s rise 2 fall 2
maxconn 250 weight 50
This is the same "workaround" that is used here for logging purposes:
https://github.com/jvehent/haproxy-aws/blob/master/haproxy.cfg
It seems that if you add a new/custom header in frontend, it is
available to ACL's in the same frontend (acl is_found is matched), but
not to stick-table tracking functionality.
Is this by design and intended behaviour ?
-----------
Bjoern
