Hi,
I have a frontend definition that looks like this:
frontend fe_imap from defaults_1
bind 127.0.0.1:143
bind [::1]:143
bind 192.168.0.2:143
stick-table type ip size 100k expire 24h store gpt0
acl INVALID_SRC src_port 0:1023
option tcplog
tcp-request connection reject if INVALID_SRC
use_backend block_imap if { sc_get_gpt0(0) eq 1 }
use_backend %[src,map_ip(/etc/haproxy/maps/blacklist-imap.map)]
default_backend be_imap
My idea is to block some IPs for only an amount of time and others permanently. The latter already woks perfectly.
For some reason the gpt0 idea does not work. I entered this at the command prompt:
echo "set table fe_imap src 127.0.0.1 data.gpt0 1" | socat stdio /var/run/haproxy.sock
which added the IP (just a localhost example. In real life that will be remote IPs)
echo "show table fe_imap" | socat stdio /var/run/haproxy.sock
# table: fe_imap, type: ip, size:102400, used:1
0x7fe788035988: key=127.0.0.1 use=0 exp=85159306 shard=0 gpt0=1
And if I try “telnet 127.0.0.1 143” I still land on the default backend and not the block_imap backend. Can you help me with this?