On Wed, May 21, 2025 at 11:37:58AM +0200, Aleksandar Lazic wrote: > Subject: Re: Dynamically Loading and Selecting ACL Maps / Files > Hi Maximilian. > > On 2025-05-21 (Mi.) 08:42, Maximilian Moehl wrote: > > Hi Aleks > > > > > > So far, it seems like the only options would be custom LUA or SPOE. > > > > > > I see two options :-) . > > > > > > Runtime API directly > > > https://www.haproxy.com/blog/dynamic-configuration-haproxy-runtime-api > > > or > > > Dataplane API https://github.com/haproxytech/dataplaneapi > > > > I'm aware of the runtime API, but I don't see how I can add new ACL lists or > > remove existing ones and dynamically reference them in `tcp-session` rules, > > can you please explain how I could achieve something like this? Maybe I'm > > just > > missing some detail. > > There are examples in the blog post. > https://www.haproxy.com/blog/dynamic-configuration-haproxy-runtime-api#updating-acls > > and in that one > https://www.haproxy.com/blog/introduction-to-haproxy-acls#using-the-runtime-api > > For example. > > ``` > echo "add acl /etc/hapee-1.8/whitelist.acl 1.2.3.4" | socat stdio > /var/run/hapee-lb.sock > > ``` > The documentation for the commands are in the managment guide > https://docs.haproxy.org/3.1/management.html#9.3-add%20acl > https://docs.haproxy.org/3.1/management.html#9.3-add%20map > > Maybe somebody on the list have a comand sequence which works already as I > don't do this very often on cli line. > > > Regards > > Max > > Regards > Aleks
Adding new lists or files dynamically is unfortunately not supported. It's not possible to modify a TCP rule over the CLI. -- William Lallemand
