What's the best way to integrate a table of IP blocks (ip_from, ip_to, ip_status) into HAProxy? I want to return 403 when status = 0. ip_from and ip_to are numerical values using the MySQL method INET_ATON('ip address'). I do my lookups by selecting where INET_ATON('ip address') > ip_from limit 1.
I suggest you export the database content periodically into an ACL file (a dedicated file containing only single IP addresses or IP address ranges in CIDR notation), and then load that ACL from the configuration.
If you want to have HAProxy running and querying the database in real time, you can probably do it with Lua (and something like LuaSQL), but you will probably have to invest some time developing this solution.
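The periodic export suggested in the answer above, sketched as an added example that is not part of the original thread: it turns (ip_from, ip_to, ip_status) rows into the CIDR lines an ACL file needs and replaces the file atomically. The sample rows, the function names and the path /etc/haproxy/blocked.acl are assumptions; in practice the rows would come from the database query.

```python
import ipaddress
import os
import tempfile

# Constructed sample rows in the question's layout: (ip_from, ip_to, ip_status),
# addresses stored as INET_ATON() integers, status 0 meaning "blocked".
SAMPLE_ROWS = [
    (3232236288, 3232236543, 0),  # 192.168.3.0 - 192.168.3.255
    (167772161, 167772166, 0),    # 10.0.0.1 - 10.0.0.6, not CIDR-aligned
    (2886729728, 2886729983, 1),  # 172.16.0.0 - 172.16.0.255, allowed
    (3232236032, 3232236287, 0),  # 192.168.2.0 - 192.168.2.255
]

def blocked_cidrs(rows):
    """Return the minimal sorted CIDR list covering every status-0 range."""
    nets = []
    for ip_from, ip_to, status in rows:
        if status != 0:
            continue
        if ip_from > ip_to:
            raise ValueError(f"inverted range: {ip_from} > {ip_to}")
        first = ipaddress.IPv4Address(ip_from)
        last = ipaddress.IPv4Address(ip_to)
        # An arbitrary range may need several prefixes to be covered exactly.
        nets.extend(ipaddress.summarize_address_range(first, last))
    # Merge adjacent or overlapping prefixes so the ACL stays small.
    return [str(n) for n in ipaddress.collapse_addresses(nets)]

def write_acl(path, cidrs):
    """Write one CIDR per line, replacing the file atomically."""
    directory = os.path.dirname(os.path.abspath(path))
    fd, tmp = tempfile.mkstemp(dir=directory, prefix=".acl-")
    with os.fdopen(fd, "w") as fh:
        fh.write("\n".join(cidrs) + "\n")
    os.replace(tmp, path)  # a reload never sees a half-written file
    return len(cidrs)

# HAProxy side (path is an assumption), in the frontend or listen section:
#   acl blocked_src src -f /etc/haproxy/blocked.acl
#   http-request deny if blocked_src    # deny answers with 403 by default

if __name__ == "__main__":
    for line in blocked_cidrs(SAMPLE_ROWS):
        print(line)
```

HAProxy reads the file when it starts or reloads, so the export job should trigger a reload after each rewrite.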