K enabled logging in haproxy but even more confused
i think i had a misconfiguration the problem my www_backend had incorrect conn
rate limit set as 200bytes
acl DATARATE_ABUSER sc2_bytes_out_rate gt 200
instead of
acl DATARATE_ABUSER sc2_bytes_out_rate gt 20000000
but in either case once rate was corrected, with or without acl in place,
/forums/images/i.png still bypassed stick-tables ?
###################################
With acl path_beg 3 lines enabled
- /forums/images/i.png bypasses stick-tables
- log shows:
Feb 18 21:36:47 localhost haproxy[3564]: 192.168.56.120:33470
[18/Feb/2012:21:36:47.442] www imagepath_backend/server2 0/0/0/0/+0 200 +381 -
- --NI 1/1/1/1/0 0/0 {192.168.56.120||} {Apache/2.2.21 (|247|max-age=||} "GET
/forums/images/i.png HTTP/1.1"
- /phpinfo.php gets rate limited via stick-tables
- log shows
Feb 18 21:38:37 localhost haproxy[3564]: 192.168.56.120:38054
[18/Feb/2012:21:38:27.659] www backend_tarpit/ -1/9815/-1/-1/+9816 500 +433 - -
PT-- 49/49/49/0/3 0/0 {192.168.56.120||} {||||} "GET /phpinfo.php HTTP/1.1"
###################################
With acl path_beg 3 lines disabled
- /forums/images/i.png bypasses stick-tables
- log shows:
Feb 18 21:43:41 localhost haproxy[3842]: 192.168.56.120:58633
[18/Feb/2012:21:43:41.501] www www_backend/server2 0/0/0/0/+0 200 +381 - - --NI
1/1/1/1/0 0/0 {192.168.56.120||} {Apache/2.2.21 (|247|max-age=||} "GET
/forums/images/i.png HTTP/1.1"
- /phpinfo.php gets rate limited via stick-tables
- log shows
Feb 18 21:45:20 localhost haproxy[3842]: 192.168.56.120:34635
[18/Feb/2012:21:45:13.417] www backend_tarpit/ -1/6866/-1/-1/+6866 500 +433 - -
PT-- 0/0/0/0/3 0/0 {192.168.56.120||} {||||} "GET /phpinfo.php HTTP/1.1"
###################################
---
posted at http://www.serverphorums.com
http://www.serverphorums.com/read.php?10,447870,447974#msg-447974
