Hug Hugues :p Sorry for the delay in my response, I'm a bit busy and "far" right now :)
Well, this sounds a configuration issue, some typo or misnamed ACLs. Baptiste On Mon, Jun 10, 2013 at 6:15 PM, Hugues Lepesant <hug...@lepesant.com> wrote: > Hello all, > > > > I'm trying to make this tutorial work : > > > > http://blog.exceliance.fr/2012/10/16/high-performance-waf-platform-with-naxsi-and-haproxy/ > > > > But when I check the configuration of haproxy I've got a this errors : > > > > # haproxy -c -f /etc/haproxy/haproxy.test.cfg > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:32] : > error detected while parsing ACL 'abuse' : ACL keyword 'sc1_http_req_rate' > takes no argument. > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:33] : > error detected while parsing ACL 'flag_abuser' : ACL keyword 'sc1_inc_gpc0' > takes no argument. > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:34] : > 'tcp-request content reject' : error detected in frontend 'ft_waf' while > parsing 'if' condition : no such ACL : 'abuse' > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:56] : > error detected while parsing ACL 'abuse' : ACL keyword 'sc1_http_err_rate' > takes no argument. > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:57] : > error detected while parsing ACL 'flag_abuser' : ACL keyword 'sc1_inc_gpc0' > takes no argument. > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:58] : > 'tcp-request content reject' : error detected in backend 'bk_waf' while > parsing 'if' condition : no such ACL : 'abuse' > [ALERT] 160/191308 (22091) : Error(s) found in configuration file : > /etc/haproxy/haproxy.test.cfg > [WARNING] 160/191308 (22091) : config : log format ignored for frontend > 'ft_waf' since it has no log address. > [WARNING] 160/191308 (22091) : config : log format ignored for frontend > 'ft_web' since it has no log address. > [ALERT] 160/191308 (22091) : Fatal errors found in configuration. > > > I'm running on Debian Squeeze 64 bits this version of haproxy : > > # haproxy -vvvv > HA-Proxy version 1.5-dev17 2012/12/28 > Copyright 2000-2012 Willy Tarreau <w...@1wt.eu> > > Build options : > TARGET = linux2628 > CPU = native > CC = gcc > CFLAGS = -O2 -march=native -g -fno-strict-aliasing > OPTIONS = USE_ZLIB=1 USE_OPENSSL=1 USE_PCRE=1 USE_STATIC_PCRE=1 > > Default settings : > maxconn = 2000, bufsize = 16384, maxrewrite = 8192, maxpollevents = 200 > > Encrypted password support via crypt(3): yes > Built with zlib version : 1.2.3.4 > Compression algorithms supported : identity, deflate, gzip > Built with OpenSSL version : OpenSSL 0.9.8o 01 Jun 2010 > OpenSSL library supports TLS extensions : yes > OpenSSL library supports SNI : yes > OpenSSL library supports prefer-server-ciphers : yes > > Available polling systems : > epoll : pref=300, test result OK > poll : pref=200, test result OK > select : pref=150, test result OK > Total: 3 (3 usable), will use epoll. > > > Any help is welcome. > > > > Best regards, > > Hug > >