Can I define a 'network list' in globa/defaults to be used in acl

f1outsourcing · August 12, 2020, 7:38pm

Can I define a ‘network list’ in globa/defaults to be used in acl. Something like this

localnets 192.168.10.0/24, 127.0.0.1

And then use an acl like :
acl network_allowed src localnets

lukastribus · August 13, 2020, 6:22am

No, but there is a feature request open to define multiple patterns in an environment variable:

Until then, you’d have to either use single patterns in (global) environment variables or duplicate the acl setting in all sections.

stuartluscombe · August 17, 2020, 12:45pm

I’m doing something along these lines, but using external files.

I’ve got files set up in /etc/haproxy/ipranges along the lines of product_prod.subnets and then in each a list of the subnets for it, i.e.:

10.1.2.0/24
10.1.3.0/24

Then, in my acl I’ve defined:

acl product_prod src -f /etc/haproxy/ipranges/product_prod.subnets

Topic		Replies	Views
Using global variables as map() parameter Help!	0	313	November 9, 2022
Setting up HAProxy 1.5 to use map to match acls to backends Help!	0	629	September 25, 2020
"Acl utls work with variables", How can I select exact variable with value to choose HAProxy backend? Help!	0	490	May 11, 2022
How do I setup acls to split a server by directory Help!	2	1233	June 13, 2018
Updating backend used by a list file via Stats socket Help!	0	144	October 4, 2023