Certainly, Postrgres sends this message across the wire:
Jun 2 21:14:40 ip-172-31-77-193 haproxy[9031]: #0110x000000: 00 00 00 4c 00 03 00 00 75 73 65 72 00 74 73 64 |...L....user.tsd| Jun 2 21:14:40 ip-172-31-77-193 haproxy[9031]: #0110x000010: 62 00 64 61 74 61 62 61 73 65 00 74 73 64 62 00 |b.database.tsdb.| Jun 2 21:14:40 ip-172-31-77-193 haproxy[9031]: #0110x000020: 61 70 70 6c 69 63 61 74 69 6f 6e 5f 6e 61 6d 65 |application_name| Jun 2 21:14:40 ip-172-31-77-193 haproxy[9031]: #0110x000030: 00 70 73 71 6c 00 63 6c 69 65 6e 74 5f 65 6e 63 |.psql.client_enc| Jun 2 21:14:40 ip-172-31-77-193 haproxy[9031]: #0110x000040: 6f 64 69 6e 67 00 55 54 46 38 00 00 |oding.UTF8..| Bytes, 8 – are user\0 Byte 13 starts the userid. I would like to be able to test that userid and make a routing decision on that. This is what the HAProxy docs suggest: acl check-rw req.payload(8,32),hex -m sub 757365720074736462727700 use_backend pg_readwrite if check-rw But the ACL never results in true… pg From: Jarno Huuskonen <jarno.huusko...@uef.fi> Sent: Tuesday, June 8, 2021 8:35 AM To: Godfrin, Philippe E <philippe.godf...@nov.com> Cc: haproxy@formilux.org Subject: Re: [EXTERNAL] Re: built in ACL, REQ_CONTENT Use caution when interacting with this [EXTERNAL] email! Hello, On Tue, 2021-06-08 at 12:25 +0000, Godfrin, Philippe E wrote: > OK, I see. An associated question, how do I gain access to that content to > interrogate/parse the data in that content? req.body (https://cbonte.github.io/haproxy-dconv/2.4/configuration.html#7.3.6-req.body) Can you explain a little bit what you're trying to do ? -Jarno > pg > > -----Original Message----- > From: Lukas Tribus <lu...@ltri.eu> > Sent: Monday, June 7, 2021 4:08 PM > To: Godfrin, Philippe E <philippe.godf...@nov.com> > Cc: haproxy@formilux.org > Subject: [EXTERNAL] Re: built in ACL, REQ_CONTENT > > Use caution when interacting with this [EXTERNAL] email! > > Hello, > > On Mon, 7 Jun 2021 at 14:51, Godfrin, Philippe E <philippe.godf...@nov.com> > wrote: > > > > Greetings! > > > > I can’t seem to find instructions on how to use this builtin ACL. Can > > someone point me in the right direction, please? > > There is nothing specific about it, you use just like every other ACL. > > http-request deny if REQ_CONTENT > > http-request deny unless REQ_CONTENT > > > Lukas > > > > -- Jarno Huuskonen