Http-request track-scX does not work since 2.4/2.4.1/2.4.2

Hey Pros,

randomly I detected in my logs that some http-request track-sc0 rule doe not work anymore. I have a dummy-backend for stick-tables and want to track there base32+src. In 2.3 or maybe in 2.4/2.4.1 it worked (I was ill and cant check older logs). But in 2.4.2 it does not work.

I have stripped down my config and will attache it, can someone reproduce this? Over socat the table is always empty! My https table has my test-record but the cache_limiter table is empty.

Thanks for your help!

Attached my config

	#log /dev/log local0 info
	log len 65535 format raw local0 info
	log /dev/log	local1 notice
	chroot /var/lib/haproxy
	stats socket /run/haproxy/admin.sock mode 666 level admin expose-fd listeners
	stats timeout 30s
	user haproxy
	group haproxy

	#Close old thread after realod
	hard-stop-after 1h

	#Default SSL material locations
	ca-base /etc/ssl/certs
	crt-base /etc/ssl/private

	#Default ciphers to use on SSL-enabled listening sockets.
	#For more information, see ciphers(1SSL). This list is from:

	#ssl-default-bind-options no-sslv3 #no-tls-tickets
	ssl-default-bind-options ssl-min-ver TLSv1.0 no-tls-tickets
	#ssl-min-ver TLSv1.0

	spread-checks 40
	tune.ssl.default-dh-param 2048
	tune.bufsize 4069000
	maxconn 50000

	log	global
	mode	http
	option	dontlognull
	option http-use-htx

	log-format '{"version":"1.1","source":"haproxy01a","host":"haproxy01a","log_type":"http_access","short_message":"%r","level":5,"remote_address":"%[src,ipmask(24)]","frontend":"%ft","backend":"%b","server":"%s","time_connect":%TR,"time_wait":%Tw,"time_connect_server":%Tc,"time_response_server":%Tr,"time_total":%Tt,"response_status":%ST,"response_bytes":%B,"termination_state":"%tsc","server_queue":%sq,"server_conn":%sc,"backend_conn":%bc,"backend_queue":%bq,"retry":%rc,"unique_id":"%ID","http_method":"%HM","http_version":"%HV","request_path":"%HP","query_param":"%HQ","tls_version":"%sslv","ssl_cipher":"%sslc","vhost":"%[capture.req.hdr(1)]","user_agent":"%[capture.req.hdr(0)]","referer":"%[capture.req.hdr(2)]","phpsessid":"%CC"}' #,"post_content":"%{+E}hr","post_content2":"%hs","client_connections":"%[capture.res.hdr(0)]","phpsessid":"%CC"}'

	timeout connect 5000
	##timeout client  50000
	timeout server  50000
	timeout tarpit	2s

	#new for websocket
	timeout client 2h
	timeout client-fin 30s
	timeout http-keep-alive 50000
	#timeout http-request 30s #set to prevent slowloris
	unique-id-format %{+X}o\ %ci:%cp_%fi:%fp_%Ts_%rt:%pid
	unique-id-header X-Unique-ID
	option log-health-checks
	#option splice-auto
	errorfile 400 /etc/haproxy/errors/400.http
	errorfile 403 /etc/haproxy/errors/403.http
	errorfile 408 /etc/haproxy/errors/408.http
	#errorfile 410 /etc/haproxy/errors/410.http
	errorfile 429 /etc/haproxy/errors/429.http
	errorfile 500 /etc/haproxy/errors/500.http
	errorfile 502 /etc/haproxy/errors/502.http
	errorfile 503 /etc/haproxy/errors/503.http
	errorfile 504 /etc/haproxy/errors/504.http

frontend https
	bind *:443 ssl crt /etc/cert/cert.pem alpn h2,http/1.1

	#IMPORTANT if there is some strange behavior comment ignore in and comment no dontlog out!! IT is hard debug with this options..
	#no option dontlognull
	option http-ignore-probes
	#option http-use-htx
	option http-buffer-request

	capture request header User-Agent len 128
	capture request header Host len 48
	capture request header Referer len 48
	capture response header x-haproxy-ccount len 10
	capture cookie PHPSESSID len 63
	declare capture request len 1024
	#option accept-invalid-http-request

	tcp-request connection reject if { src_get_gpc0 gt 0 }
	#tcp-request content track-sc0 src
	tcp-request session track-sc0 src

	http-request capture req.body id 3
	http-request track-sc1 src table data_login
	http-request track-sc2 src table post_shop

	#declare all in a whitelist so that nothing is blocked from there
	acl is_myrr src -f /etc/haproxy/myrr.lst
	acl is_secure hdr(host) -i secure

	#bot detection and deny bots
	acl is_robot hdr_reg(User-Agent) -i -f /etc/haproxy/bots.lst
	http-request deny if is_robot !is_secure
	acl is_blacklist src -f /etc/haproxy/blacklist.lst
	acl is_tor_client src -f /etc/haproxy/tor.lst
	http-request deny if is_blacklist !is_secure
	#http-request deny deny_status 429 if is_tor_client !is_secure
	http-request return status 412 content-type "text/plain" string "query accepted and queued" if is_tor_client !is_secure
	#acl is_referer_abuse hdr_reg(Referer) -m found -i http -i -

	stick-table type ip size 500k expire 60m store gpc0,gpc1,conn_cur,conn_rate(3s),http_req_rate(5s),http_err_rate(10s),gpc0_rate(10s),gpc1_rate(15s)
	#http-request tarpit if { src_conn_cur ge 500 } !is_myrr
	http-request tarpit deny_status 429 if { src_conn_cur ge 300 } !is_myrr !is_secure
	http-request tarpit if { src_conn_rate ge 6000 } !is_myrr !is_secure
	#http-request tarpit if { sc0_http_err_rate() gt 200 } !is_myrr
	http-request tarpit if { sc0_http_req_rate() gt 10000 } !is_myrr !is_secure

	use_backend cache_GO_http_BE if { hdr(host) -i -i }

backend data_login
	stick-table type ip size 1m expire 10m store gpc0,gpc0_rate(15s)

backend post_shop
	stick-table type ip size 1m expire 10m store gpc0,gpc0_rate(10s),gpt0

backend abuser_200er
	http-request deny deny_status 200

backend maintenance_410
	http-request deny deny_status 410

backend cache_limiter
	stick-table type binary len 8 size 100k expire 1m store http_req_rate(900)

backend token_limiter
	stick-table type ip size 10k expire 10m store http_req_rate(10m)

backend cache_GO_http_BE
	mode http
	balance roundrobin
	#option forwardfor header X-Client-IP
	http-request add-header X-Client-IP %[src,ipmask(24)]
	fullconn 2000
	timeout server 5m
	option forwardfor
	acl is_myrr src -f /etc/haproxy/myrr.lst
	acl is_eventid_whitelist path_dir -i -f /etc/haproxy/api_whitelist.lst
	acl is_limit_exclusion path_end -i groups.php scale.php
	acl is_limit_path_exclusion path_dir -i complaints
	acl is_office hdr_reg(User-Agent) -i Excel Microsoft

	http-request track-sc0 base32+src table cache_limiter if TRUE
	http-request return status 406 content-type "application/json" lf-string '{ "errors" : [ { "status" : "406", "title" : "Not Acceptable", "detail" : "Your IP %[src] reached out the request limit for this specific call to %[base]" } ] }' if { base32+src,table_http_req_rate(cache_limiter) gt 1 } !is_myrr !is_limit_exclusion !is_limit_path_exclusion !is_office !METH_POST !is_eventid_whitelist

	filter compression
	compression algo gzip
	compression type text/html text/plain text/xml text/json text/css# text/javascript application/javascript

	server cache2_140 check weight 10 maxconn 250 inter 1s fall 3 #backup```

If have tested this with some older versions and it does not work since HaProxy 2.2.10/11 (2.2.11 is broken, but I cant test 2.2.10)! With Version 2.2.9 all works fine.

Can anybody confirm this bug?