Hello Team,
I would like to get some suggestions on setting up rate limiting on HAProxy
version 1.8. My current setup is as below.
1000+ rsyslog clients (TCP) ----> HAProxy (TCP mode) ----> backend centralized rsyslog server.
I have the below stick table and ACLs through which I am able to mark a
source as "abuse" if the client crosses the limit, post which all new
connections from the same client are rejected until the stick table timer
expires.
haproxy.cfg
-----------------
stick-table type ip size 200k expire 2m store gpc0,conn_rate(2s),bytes_in_rate(1s),bytes_in_cnt
acl data_rate_abuse sc1_bytes_in_rate ge 100
acl data_size_abuse sc1_kbytes_in ge 1
tcp-request connection silent-drop if data_rate_abuse
tcp-request connection reject if data_size_abuse
However I would like to configure in such a way that once a client sends
about "x bytes" of data the connection should be closed instantly instead
of marking it abuse and simultaneous connections being rejected.
Kindly let me know if the above can be configured with HAProxy version 1.8.
BR
Sangam