Build ACL from map

rhada · May 25, 2021, 3:35pm

Hello,

I’m trying to build an acl with a map file. I’m using haproxy 2.2.9. This is to allow us to deploy a map file with a tool like ansible or a cron task without having to update the haproxy config, a simple reload should be able to update the loaded map.

I have a list of client, allowed to access a list of uri :

127.0.0.1 /uri1
127.0.0.1 /uri2
127.0.0.2 /uri2
127.0.0.3 /uri1

Now, i want to allow the access only if src is in map and if begining of the request uri match the one in the map.

Is there a way to achieve this ? A made a lots of tries without success

lukastribus · May 25, 2021, 3:48pm

A map is a key/value store. You cannot have multiple entries for the same key.

Use ACL files instead of map files, and group the URI prefixes together.

Like Group1 is allowed to access /uri1 and /uri3, Group2 is allowed to access /uri2 and /uri3.

Then just make a ACL file with the IPs for Group1, and another one for Group2 and use normal ACL rules in haproxy to achieve what you want.

Topic		Replies	Views
HAProxy acl and maps Help!	1	1448	December 5, 2019
Load ACL value from map Help!	3	422	January 31, 2024
Setting up HAProxy 1.5 to use map to match acls to backends Help!	0	797	September 25, 2020
Haproxy ACL for query-string "Authorization" Help!	1	614	April 13, 2022
Configuring virtual ACL and Map files Help!	2	30	August 13, 2024

Build ACL from map

Related topics