On Wed, May 27, 2015 at 3:42 PM, Roland RoLaNd <r_o_l_a_...@hotmail.com> wrote: > managed to successfully reject access from specific users depending on > condition; but what i eventually want is to provide them with a certain page > instead of reject (redirect isn't an option) > > > backend phoenix > stick-table type string len 40 size 5M expire 2m store conn_rate(60s) > tcp-request inspect-delay 10s > stick on url_param(sid) table phoenix > tcp-request content track-sc0 url_param(sid) > errorfile 200 /etc/haproxy/custom_response/phoenix.http if { sc0_conn_rate > gt 10 } > > > checking socket; the conn rate is above 10: > 0x8581a0: key=10000000000testing000001 use=0 exp=119272 server_id=1 > conn_rate(60000)=90 > > > i think the problem is that condition should be set in frontend config in > a way that points to the "phoenix" table instead of the default frontend > table... > > any advice?
Hi Roland, You can use the stick table gpc0 as a flag and query it from the frontend for the next coming request. If greater than 0, route the user to a specific backend where you can deliver pages. Some examples here: http://blog.haproxy.com/2012/02/27/use-a-load-balancer-as-a-first-row-of-defense-against-ddos/ Baptiste