Block IP address block ... deny ip is not working for some reason

frontend sites_com
    bind xxx.xxx.xxx.xxx:80
    bind xxx.xxx.xxx.xxx:443 ssl crt /etc/haproxy/ssl/
    mode http

    http-request deny if { src 114.119.150.101 }

    # Add CORS headers when Origin header is present
    capture request header origin len 128
    # if a preflight request is made, use CORS preflight backend
    http-request use-service lua.cors-response if METH_OPTIONS { capture.req.hdr(0) -m found }
    # add Access-Control-Allow-Origin HTTP header to response if origin matches the list of allowed URLs
    http-request set-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }

    acl is-blocked-ip src 114.119.0.0/16
    http-request deny if is-blocked-ip
    tcp-request content reject if is-blocked-ip

This is currently in my production HAProxy configuration; however, I am still getting traffic passed from 114.114.0.0 addresses. We are getting tons of traffic and I cannot figure out why neither my blacklist rule nor my broken-out rules are stopping the traffic.

Any assistance is appreciated. I have scanned the internet and tried every combination (including moving the rules within the configuration file) that I can find.

The ip address does not fall within that block, so the rule does not apply.

Turns out the subnet needed to be /16 instead of /17, and this addressed the issue.

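Added example, not from this thread or from HAProxy itself: a small Python dry-run that parses the `src` matchers out of a frontend and reports which ones would match a given client address, so a block list can be checked against the addresses seen in the access log before a reload. The frontend excerpt inside it is constructed from the one above, with the /17 the follow-up mentions; it only understands inline `{ src ... }` conditions and `acl NAME src ...` lines, not `-f` file lists.

```python
import ipaddress
import re

# Constructed excerpt of the frontend from the post, with the /17 that was
# originally deployed (not the full production file).
HAPROXY_FRONTEND = """
frontend sites_com
    mode http
    http-request deny if { src 114.119.150.101 }
    acl is-blocked-ip src 114.119.0.0/17
    http-request deny if is-blocked-ip
"""

# "acl NAME src ADDR [ADDR ...]" lines and inline "{ src ADDR ... }" conditions.
ACL_RE = re.compile(r"^\s*acl\s+(\S+)\s+src\s+(.+?)\s*$")
INLINE_RE = re.compile(r"\{\s*src\s+([^}]+?)\s*\}")


def _networks(field):
    # A bare address is a /32 host, which is how HAProxy's src matcher treats it.
    return [ipaddress.ip_network(tok, strict=False) for tok in field.split()]


def parse_src_rules(config):
    """Return (label, [networks]) for every src matcher in the config, in file order."""
    rules = []
    for line in config.splitlines():
        m = ACL_RE.match(line)
        if m:
            rules.append((m.group(1), _networks(m.group(2))))
            continue
        for inline in INLINE_RE.findall(line):
            rules.append(("inline:" + inline.strip(), _networks(inline)))
    return rules


def matching_rules(config, client_ip):
    """Labels of every src rule that would match client_ip (empty list = traffic passes)."""
    addr = ipaddress.ip_address(client_ip)
    return [label for label, nets in parse_src_rules(config) if any(addr in n for n in nets)]


def network_range(cidr):
    """First and last address covered by a prefix, to sanity-check the mask length."""
    net = ipaddress.ip_network(cidr, strict=False)
    return str(net[0]), str(net[-1])


if __name__ == "__main__":
    for ip in ("114.119.150.101", "114.119.20.9", "114.114.0.7"):
        print(ip, "->", matching_rules(HAPROXY_FRONTEND, ip) or "NOT BLOCKED")
    print("/17 covers", network_range("114.119.0.0/17"))
    print("/16 covers", network_range("114.119.0.0/16"))
```

With the /17 mask, 114.119.150.101 is only caught by the inline host rule, because a /17 stops at 114.119.127.255; a 114.114.x.x client matches nothing under either mask, which is the point of the reply above.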