On 05/08/2013 10:44, Baptiste wrote:
Hi Ghislain,
To log such rejected connections please ensure you don't have the "dontlognull" option enabled and you're rejecting connections using the "tcp-request content" statement.
Baptiste
Thanks for the hint, I was using dontlognull so I just removed it and added the no option in the frontend.

I use a simple thing like this:

    frontend ft_https
        mode tcp
        no option dontlognull
        option tcplog
        bind 0.0.0.0:443
        stick-table type ip size 500k expire 30s store gpc0,http_req_rate(10s),conn_cur
        tcp-request connection track-sc1 src
        tcp-request connection reject if { src_get_gpc0 gt 0 } or { src_conn_cur ge 30 }
        default_backend bk_https

    backend bk_https
        mode tcp
        balance roundrobin
        acl abuse src_http_req_rate(ft_https) ge 200
        acl flag_abuser src_inc_gpc0(ft_https)
        tcp-request content reject if abuse flag_abuser

I cannot get any log for rejects. The same version in http mode gives me a log with the PR-- flag, which is good as it indicates a reject because of a deny rule, but in TCP mode I am unable to get any logging of the denied connections. I use a simple 'ab' call to stress it.
regards, Ghislain.
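
Baptiste's suggestion applied to the frontend above, as an added example that is not part of the original thread: the reject rule moves from the "tcp-request connection" ruleset, which HAProxy evaluates before a session exists and does not log, to "tcp-request content". Names and thresholds are the ones from Ghislain's message; the backend is unchanged and omitted here.

```haproxy
frontend ft_https
    mode tcp
    bind 0.0.0.0:443
    option tcplog
    # Keep logging of connections that carry no data (abusive clients often send none).
    no option dontlognull

    stick-table type ip size 500k expire 30s store gpc0,http_req_rate(10s),conn_cur

    # Tracking stays at connection level so conn_cur and gpc0 are updated
    # as early as possible for every source address.
    tcp-request connection track-sc1 src

    # Before: rejected at connection level. The connection never becomes a
    # session; it is only counted as a denied connection in the stats and
    # produces no log line.
    # tcp-request connection reject if { src_get_gpc0 gt 0 } or { src_conn_cur ge 30 }

    # After: same condition, evaluated in the content ruleset. The session
    # exists at this point, so the reject goes through "option tcplog".
    # Trade-off: each rejected client costs a session setup before it is dropped.
    tcp-request content reject if { src_get_gpc0 gt 0 } or { src_conn_cur ge 30 }

    default_backend bk_https
```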