Capture the country name in haproxy log file

I need to capture the country name in haproxy logfile from those who are all accessing my site… Is there anyway to do this…
Is there any option in http-request capture or log-format

I did this based on HAProxy Country filtering ACL | blog.erben.sk

file deny_hosts.map:

example.com antiddos

In frontend:

only create ACL to Brazil and Portugal

acl acl_geoloc_allow src,map_ip(/etc/haproxy/geoip/geoip.txt) -m reg -i (BR|PT)
acl acl_internal src 10.0.0.0/8 192.168.0.0/16

Only add IP to table

http-request track-sc1 src table antiddos if !acl_geoloc_allow !acl_internal

Send to check list or to default backend (default-backend)

use_backend %[req.hdr(host),lower,map_str(/etc/haproxy/deny_hosts.map,default-backend)]

Backend antiddos:

stick-table type ip size 1m expire 10m store http_req_rate(10s)
acl acl_geoloc_allow src,map_ip(/etc/haproxy/geoip/geoip.txt) -m reg -i (BR|PT)
acl acl_internal src 10.0.0.0/8 192.168.0.0/16

Throttling IP for requests from Brazil and Portugal

http-request deny deny_status 429 if { sc_http_req_rate(1,antiddos) gt 50 }

block all the other countries

http-request deny deny_status 403 if !acl_geoloc_allow !acl_internal

pass the requests from brazil and portugal

server antiddos_pass check minconn 1000 maxconn 8000 send-proxy

cron to get once a day the IP countries:

/usr/bin/curl -s http://iwik.org/ipcountry/geoip.txt > /etc/haproxy/geoip/geoip_novo.txt

Thanks a lot :smiley:… It’s also very useful for me.
But I want to know is there anyway to capture the country code or country name in the haproxy log file.
Example:
If someone accessing my website, I want to display that user country code or country name in haproxy.log file.

I don’t know if this is the best or most optimal way, but I’m using this configuration to log the country codes (to a custom log format).

The country code is stored using set-var(), and then logged.

frontend:
  log-format '..., country: %[var(sess.GeoCountryCode)], ...'

  http-request set-var(sess.GeoCountryCode) src,map_ip(/etc/haproxy/geoip/geoip.txt,"unknown")
1 Like

Thanks for the reply… I will try it.