Hi. On 26.01.21 05:54, Sangameshwar Babu wrote: > Hello Team, > > I would like to get some suggestions on setting up ratelimit on HAProxy 1.8 version, > my current setup is as below. > > 1000+ rsyslog clients(TCP) -> HAProxy (TCP mode) -> backend centralized rsyslog server. > > I have the below stick table and acl's through which I am able to mark a source as > "abuse" if the client crosses the limit post which all new connections from the > same client are rejected until stick table timer expires. > > haproxy.cfg > ----------------- > stick-table type ip size 200k expire 2m store gpc0,conn_rate(2s),bytes_in_rate(1s),bytes_in_cnt > > acl data_rate_abuse sc1_bytes_in_rate ge 100 > acl data_size_abuse sc1_kbytes_in ge 1 > > tcp-request connection silent-drop if data_rate_abuse > tcp-request connection reject if data_size_abuse > > However I would like to configure in such a way that once a client sends about > "x bytes" of data the connection should be closed instantly instead of marking it > abuse and simultaneous connections being rejected.
+1 I have a similar issue and hope that we get suggestions to get a answer here. > Kindly let me know if the above can be configured with HAProxy version 1.8. I will need it for 2.2+ > BR > Sangam Regards Aleks
