> On 9 Jan 2019, at 11:06, gdelafond+hapr...@aquaray.com wrote: > > Hello, > > I try to understand how to use the -M ACL flag. > > From the documentation : > > The "-M" flag allows an ACL to use a map file. If this flag is set, the file > is > parsed as two column file. The first column contains the patterns used by the > ACL, and the second column contain the samples. The sample can be used later > by > a map. This can be useful in some rare cases where an ACL would just be used > to > check for the existence of a pattern in a map before a mapping is applied. > > How can we use "samples" in a map ? > > Could you provide an example ? > > What I'm looking for is a way find all IPs allowed for a hostname and then > filter by these IPs from a map file, ie be able to do something like: > use_backend > %[req.fhdr(host),lower,map(/etc/haproxy/domains.map,default_backend)] if { > src -m ip %[req.fhdr(host),lower,map(/etc/haproxy/iprules.map)] } > with /etc/haproxy/iprules.map containing : > hostname1 ip1 > hostname1 ip2 > hostname2 ip1 > hostname2 ip3 > hostname2 ip4 > .. > > Did I miss something obvious ?
Can anyone help me with this ? Thank you. Regards, -- Guillaume