Re: clarification on hdr* matching?
I'm having trouble with the syntax of the hdr* matching for creating ACL's. I know that my control flow is correct. by changing the acl defiinition to a simple src ip, i get the desired change of backends. ie. this will send traffic to img backends (desired) # acl from_vnsh hdr_sub -i nginx acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img this will send it to varnish: acl from_vnsh hdr_sub -i nginx # acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img I think the problem is you shouldn't have the METH_GET in there use_backend varnish if ! from_vnsh works for me oh, i thought there was an implicit AND when two expressions were put together...which i know is true for the src based acl. i only want GETs to go to this backend. Doh! My bad, then you do want that I wasn't sure you could use that directly in the use_backend or if you had to create an acl based on that "predefine"
Re: clarification on hdr* matching?
On Thu, Sep 17, 2009 at 2:31 PM, David Birdsong wrote: > On Thu, Sep 17, 2009 at 2:19 PM, Hank A. Paulson > wrote: >> >> >> On 9/17/09 1:17 PM, David Birdsong wrote: >>> >>> I'm having trouble with the syntax of the hdr* matching for creating >>> ACL's. >>> >>> I know that my control flow is correct. by changing the acl >>> defiinition to a simple src ip, i get the desired change of backends. >>> >>> ie. this will send traffic to img backends (desired) >>> # acl from_vnsh hdr_sub -i nginx >>> acl from_vnsh src 208.94.1.44 >>> use_backend varnish if METH_GET ! from_vnsh >>> default_backend img >>> >>> this will send it to varnish: >>> acl from_vnsh hdr_sub -i nginx >>> # acl from_vnsh src 208.94.1.44 >>> use_backend varnish if METH_GET ! from_vnsh >>> default_backend img >> >> I think the problem is you shouldn't have the METH_GET in there >> use_backend varnish if ! from_vnsh >> works for me > oh, i thought there was an implicit AND when two expressions were put > together...which i know is true for the src based acl. i only want > GETs to go to this backend. > >> >>> >>> >>> furthermore, is there a way to match on a header field and not the >>> field's value? >>> i have a field: >>> X-Varnish: 751121622 >>> >>> i want to create the acl simply based on X-Varnish being present >>> irrespective of the value of this field. >>> >> >> acl varn_present hdr_cnt(X-Varnish) gt 0 > thanks i'll try this. thanks much, this solved it for me. > >> > to be more clear, haproxy is to direct the first GET to varnish which > in turn will send the request back through haproxy, this is where i > want to direct the request to another backend. >
Re: clarification on hdr* matching?
On Thu, Sep 17, 2009 at 2:19 PM, Hank A. Paulson wrote: > > > On 9/17/09 1:17 PM, David Birdsong wrote: >> >> I'm having trouble with the syntax of the hdr* matching for creating >> ACL's. >> >> I know that my control flow is correct. by changing the acl >> defiinition to a simple src ip, i get the desired change of backends. >> >> ie. this will send traffic to img backends (desired) >> # acl from_vnsh hdr_sub -i nginx >> acl from_vnsh src 208.94.1.44 >> use_backend varnish if METH_GET ! from_vnsh >> default_backend img >> >> this will send it to varnish: >> acl from_vnsh hdr_sub -i nginx >> # acl from_vnsh src 208.94.1.44 >> use_backend varnish if METH_GET ! from_vnsh >> default_backend img > > I think the problem is you shouldn't have the METH_GET in there > use_backend varnish if ! from_vnsh > works for me oh, i thought there was an implicit AND when two expressions were put together...which i know is true for the src based acl. i only want GETs to go to this backend. > >> >> >> furthermore, is there a way to match on a header field and not the >> field's value? >> i have a field: >> X-Varnish: 751121622 >> >> i want to create the acl simply based on X-Varnish being present >> irrespective of the value of this field. >> > > acl varn_present hdr_cnt(X-Varnish) gt 0 thanks i'll try this. > to be more clear, haproxy is to direct the first GET to varnish which in turn will send the request back through haproxy, this is where i want to direct the request to another backend.
Re: clarification on hdr* matching?
On 9/17/09 1:17 PM, David Birdsong wrote: I'm having trouble with the syntax of the hdr* matching for creating ACL's. I know that my control flow is correct. by changing the acl defiinition to a simple src ip, i get the desired change of backends. ie. this will send traffic to img backends (desired) # acl from_vnsh hdr_sub -i nginx acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img this will send it to varnish: acl from_vnsh hdr_sub -i nginx # acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img I think the problem is you shouldn't have the METH_GET in there use_backend varnish if ! from_vnsh works for me furthermore, is there a way to match on a header field and not the field's value? i have a field: X-Varnish: 751121622 i want to create the acl simply based on X-Varnish being present irrespective of the value of this field. acl varn_present hdr_cnt(X-Varnish) gt 0
clarification on hdr* matching?
I'm having trouble with the syntax of the hdr* matching for creating ACL's. I know that my control flow is correct. by changing the acl defiinition to a simple src ip, i get the desired change of backends. ie. this will send traffic to img backends (desired) # acl from_vnsh hdr_sub -i nginx acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img this will send it to varnish: acl from_vnsh hdr_sub -i nginx # acl from_vnsh src 208.94.1.44 use_backend varnish if METH_GET ! from_vnsh default_backend img furthermore, is there a way to match on a header field and not the field's value? i have a field: X-Varnish: 751121622 i want to create the acl simply based on X-Varnish being present irrespective of the value of this field.