Re: Acl url_sub doesn't seems to match

[Hank A. Paulson]

I think this covers the most cases, I am not sure if the "-i" is needed or not:

 acl acl_aspc url_dom -i autos-prestige-collection HTTP_URL_ABS
 acl acl_aspc hdr_dom(Host) -i autos-prestige-collection
 use_backend aspc if acl_aspc

On 1/12/11 11:38 AM, Bryan Talbot wrote:

I think the problem is that url_dom operates on the URL found in the request
line but in your case, that URL is a relative URI (/) which does not contain a
host name.

I think if you use hdr_dom(Host) it'll do what you want.

-Bryan


On Wed, Jan 12, 2011 at 8:39 AM, Contact Dowhile mailto:cont...@dowhile.fr>> wrote:

Hello,

i have a pretty simple HAProxy configuration, but it can't match an
super-simple acl..

Here is the config
global
   daemon
   user haproxy
   group haproxy
   maxconn 5000

defaults
   mode http
   maxconn  4950
   retries  2
   timeout client 60s   # Client and server timeout must match the longest
   timeout server 60s   # time we may wait for a response from the server.
   timeout queue  60s   # Don't queue requests too long if saturated.
   timeout connect 4s   # There's no reason to change this one.
   timeout http-request 5s  # A complete request may never take that 
long.

frontend web :80
option forwardfor
acl acl_aspc url_dom autos-prestige-collection
use_backend aspc if acl_aspc
default_backend webfarm

backend aspc
balance source
server webC 10.1.0.26:80  check

backend webfarm
balance source
server webA 10.1.0.20:80  check

What i want is going to webfarm for every website, and going to aspc for
http://*.autos-prestige-collection.com/*

This is because this site is located on a windows iis server...
If i'm in debug mode here is what happen

myhost etc # haproxy -d -f haproxy.cfg
Available polling systems :
 sepoll : pref=400,  test result OK
  epoll : pref=300,  test result OK
   poll : pref=200,  test result OK
 select : pref=150,  test result OK
Total: 4 (4 usable), will use sepoll.
Using sepoll() as the polling mechanism.
:web.accept(0004)=0005 from [xx.xx.xx.xx:27615]
:web.clireq[0005:]: GET / HTTP/1.1
:web.clihdr[0005:]: Host: www.autos-prestige-collection.com

:web.clihdr[0005:]: User-Agent: Mozilla/5.0 (X11; U; Linux
x86_64; en-US; rv:1.9.2.12) Gecko/20101027 Firefox/3.6.12
:web.clihdr[0005:]: Accept:
text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
:web.clihdr[0005:]: Accept-Language:
fr,fr-fr;q=0.8,en-us;q=0.5,en;q=0.3
:web.clihdr[0005:]: Accept-Encoding: gzip,deflate
:web.clihdr[0005:]: Accept-Charset: 
ISO-8859-1,utf-8;q=0.7,*;q=0.7
:web.clihdr[0005:]: Keep-Alive: 115
:web.clihdr[0005:]: Connection: keep-alive
:webfarm.srvrep[0005:0006]: HTTP/1.1 200 OK
:webfarm.srvhdr[0005:0006]: Date: Wed, 12 Jan 2011 16:31:13 GMT
:webfarm.srvhdr[0005:0006]: Server: Apache/2.2.17 (Fedora)
:webfarm.srvhdr[0005:0006]: X-Powered-By: PHP/5.3.4
:webfarm.srvhdr[0005:0006]: Content-Length: 3546
:webfarm.srvhdr[0005:0006]: Connection: close
:webfarm.srvhdr[0005:0006]: Content-Type: text/html; charset=UTF-8
:webfarm.srvcls[0005:0006]
:webfarm.clicls[0005:0006]
:webfarm.closed[0005:0006]

We see that "Host: www.autos-prestige-collection.com
"  (so it should match my acl
isn't it ???) but we see that haproxy redirected this query to "webfarm
:webfarm.srvhdr[0005:0006]: Server: Apache/2.2.17 (Fedora)"

My iis server is going ok, if i put this in
frontend web :80
default_backend aspc

i'm redirected to my iis server (but then ALL my websites are redirected
to the iis which i don't want...)

I tried with url_dom and url_sub, nothing changes, it never catch the acl
rule...

I'm running haproxy 1.4.10 on gentoo.

Thanks for reading
Guillaume

help

[Sergey Khaliulov]

-- 
 Sergey Khaliulov