Hi Vivek, On Sun, Mar 01, 2015 at 12:21:57AM -0600, Vivek Malik wrote: > Hi, > > I spent last few hours scratching my head and wondering where my > configuration was wrong and why was it acting weird. Sending this to > ML to see if this is a bug or expected behavior. I expected ACL to > evaluate its condition only once and store the true/false outcome, > however with rand(), I believe that ACL keeps re-evaluating on every > use. Example, > > acl random rand(50) lt 25 > http-response set-header H1 V1 if random > http-response set-header H2 V2 if random > http-response set-header H3 V3 if random > > I would except either all 3 headers H1, H2, H3 to be set or none to be > set. However, in my test config I observed that H1, H2, H3 are set > independent of each other essentially meaning that ACL is getting > re-evaluated every time it is getting used. > > Is this the expected behavior of ACLs? If yes, how would using a named > ACL be different than using an anonymous ACL?
It's normal and it works as expected (eventhough it doesn't match your expectations). ACLs are evaluated when they're used. So here what happens is that the random value is evaluated on each line. In practice we can find various ways to work around this depending on your use case. Could you please describe what you wanted to achieve, as I suspect that your config above was made only to confirm your observation, and is not related to your target use case ? Thanks, Willy
