Actually, it looks like I can make use of existing stick stuff to hit
my end goal. Still curious if the above could work, tho.
Example of what I'm going to go with for now:
stick-table type ip size 1m expire 5m store gpc0,sess_cnt
stick on hdr_ip(X-Forwarded-For,-1)
On Wed, Dec 16, 2015 at 9:39 PM, Jason Harvey <[email protected]> wrote:
> Is it possible to modify the client src address in the proxy protocol
> and loop back to haproxy over abns without needing tproxy? I'm hoping
> that by encapsulating the usesrc in the proxy protocol I can avoid
> needing any type of tproxy setup.
>
> End goal is to ratelimit based on source address that is contained in
> a request header.
>
> Config I'm trying which doesn't seem to work is below. The connection
> gets through, but the frontend doesn't see a modified source address.
>
> listen test
> bind :80
> mode http
> log global
> source 0.0.0.0 usesrc hdr_ip(x-forwarded-for,-1)
> server http abns@test send-proxy-v
>
> frontend fe
> bind abns@test accept-proxy
> option httplog
> mode http
> log global
>
>
> Thanks!
> Jason
