Is it possible to inspect directly the value of ACL clause during runtime? For example having
acl srv1 path_dir /site1
acl srv2 path_dir /site2
I can only conclude from HAProxy log what is the result of ACLs.
Is it possible to inspect directly the value of ACL clause during runtime? For example having
acl srv1 path_dir /site1
acl srv2 path_dir /site2
I can only conclude from HAProxy log what is the result of ACLs.
What do you mean by “inspecting directly”? I.e. give some examples on how you would use such a feature.
You could for example set some headers based on selected ACLs, thus you could see if they are set or not in the request / response. Also you can use set-var(txn.something)
based on ACLs.
I mean by “inspecting directly” to write the value to the log file or on the console in -d mode.
To my knowledge there isn’t any such option.
However you could use a combination of request headers and capture
statements to see if an ACL is set for a particular HTTP request.
I will try. Thanks.
Any ideas? I also want the same thing.
Write whatever you want into a txn variable, based on the ACL:
acl srv1 path_beg /site1
http-request set-var(txn.srv1acl) str(acl-srv1-site1-match) if srv1
http-request set-var(txn.srv1acl) str(acl-srv1-site1-nomatch) if ! srv1
Then configure logging referring to that variable:
log-format "%{+Q}[var(txn.srv1acl)]"
I was successful using headers and captures, but your approach is way more elegant. Thanks!