On 28/11/2014 02:44 μμ, Pavlos Parissis wrote: > Hi, > > I want HAProxy to add a response header if request includes a specific > header. I implemented the logic [1] but I get the following > > parsing [/etc/haproxy/haproxy.cfg:77] : acl 'lb_debug' will never match > because it only involves keywords that are incompatible with 'frontend > http-response header rule' > [WARNING] 331/135906 (6390) : config : log format ignored for proxy > 'haproxy' since it has no log address. > > Found few references on Internet and if I understood them correctly it > fails because at the moment rspadd is evaluated HAProxy doesn't know > request information like headers. Am I right? and if I am right , do we > have solution? Willy mentioned in a similar thread about a dirty way to > get it but I failed to find it. > >
Baptise provided a solution which captures the mentioned header in request and check if it exists during response. But, he also made a note about being a dirty hack. Here it is frontend for_bar_com capture request header User-Agent len 120 capture request header Host len 32 capture request header LBDEBUG len 5 bind 10.189.200.1:80 http-response set-header LBNODE <uuid> if { capture.req.hdr(2) -i yes } default_backend for_bar_com After I sent my e-mail, I changed it to always return the header and use the system UUID which kind of more secure in terms of not exposing any information to all users. That requires to have an easy mapping mechanism in place to map UUIDs with actual hostnames, which can be easily done when you have puppet/salt/REST_APIs available. Thanks for solution Baptise but why is it consider a dirty hack? I must assume that it may cause problems in a more complex setups. Cheers, Pavlos
signature.asc
Description: OpenPGP digital signature