On Tue, Jul 1, 2014 at 11:16 PM, William Jimenez <william.jime...@itsoninc.com> wrote: > Hi Baptiste, thank you for the response. I'm afraid I still don't follow. > Say I have the an ACL that I want to toggle from its current state (as > defined in the flat file) to 'always_false'. I can see it exists from the > output of the 'show acl' command: > >> # id (file) description >> 0 () acl 'always_true' file '/etc/haproxy/haproxy.cfg' line 19 > > So to modify it I assume I would run something using 'add acl'. I thought > you mentioned it needs to be defined in a file so I tried: >> >> # haproxyctl add acl myacl >> 'add acl' expects two parameters: ACL identifier and pattern. > > > where 'myacl' is a file containing: > >> acl redir_true always_true > > > Hope that helps clarify the situation. What am I doing wrong? > > Thanks in advance, > William > > > On Tue, Jul 1, 2014 at 2:00 PM, Baptiste <bed...@gmail.com> wrote: >> >> On Tue, Jul 1, 2014 at 10:54 PM, William Jimenez >> <william.jime...@itsoninc.com> wrote: >> > Hello >> > I am trying to modify ACLs via the socket interface. When I try to do >> > something like 'get acl', I get an error: >> > >> > Missing ACL identifier and/or key. >> > >> > How do I find the ACL identifier or key for a specific ACL? I see the >> > list >> > of ACLs when i do a 'show acl', but unsure which of these values is the >> > file >> > or key: >> > >> > # id (file) description >> > 0 () acl 'always_true' file '/etc/haproxy/haproxy.cfg' line 19 >> > 1 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 20 >> > 2 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 21 >> > 3 () acl 'src' file '/etc/haproxy/haproxy.cfg' line 22 >> > >> > Thanks >> >> Hi William, >> >> In order to be able to update ACL content, they must load their >> content from a file. >> The file name will be considered as a 'reference' you can point to >> when updating content. >> Don't forget to update simultaneously the content from an ACL and from >> the flat file to make HAProxy reload reliable :) >> >> Baptiste > > > > > -- > William Jimenez > Systems Engineer, Operations > ItsOn, Inc. > 650-241-8470 {us/pacific}
Hi William, In your configuration, you should load your acl like this: acl myacl hdr(Host) -f /path/to/myhosthdr.acl then your file acl reference will be myhosthdr.acl. Baptiste