> On Mon, Jun 10, 2013 at 6:15 PM, Hugues Lepesant <hugues@...> wrote:
> > Hello all,
> >
> > I'm trying to make this tutorial work:
> >
> > http://blog.exceliance.fr/2012/10/16/high-performance-waf-platform-with-naxsi-and-haproxy/
> >
> > But when I check the configuration of haproxy I've got these errors:
> >
> > # haproxy -c -f /etc/haproxy/haproxy.test.cfg
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:32] :
> > error detected while parsing ACL 'abuse' : ACL keyword 'sc1_http_req_rate'
> > takes no argument.
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:33] :
> > error detected while parsing ACL 'flag_abuser' : ACL keyword 'sc1_inc_gpc0'
> > takes no argument.
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:34] :
> > 'tcp-request content reject' : error detected in frontend 'ft_waf' while
> > parsing 'if' condition : no such ACL : 'abuse'
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:56] :
> > error detected while parsing ACL 'abuse' : ACL keyword 'sc1_http_err_rate'
> > takes no argument.
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:57] :
> > error detected while parsing ACL 'flag_abuser' : ACL keyword 'sc1_inc_gpc0'
> > takes no argument.
> > [ALERT] 160/191308 (22091) : parsing [/etc/haproxy/haproxy.test.cfg:58] :
> > 'tcp-request content reject' : error detected in backend 'bk_waf' while
> > parsing 'if' condition : no such ACL : 'abuse'
> > [ALERT] 160/191308 (22091) : Error(s) found in configuration file :
> > /etc/haproxy/haproxy.test.cfg
> > [WARNING] 160/191308 (22091) : config : log format ignored for frontend
> > 'ft_waf' since it has no log address.
> > [WARNING] 160/191308 (22091) : config : log format ignored for frontend
> > 'ft_web' since it has no log address.
> > [ALERT] 160/191308 (22091) : Fatal errors found in configuration.

Hug,

It looks like these lines from that tutorial are causing some hang ups:

---
acl abuse sc1_http_req_rate(ft_web) ge 100
acl flag_abuser sc1_inc_gpc0(ft_web)
. . .
acl abuse sc1_http_err_rate(ft_waf) ge 10
acl flag_abuser sc1_inc_gpc0(ft_waf)
---

HAProxy is complaining because those fetch methods don't take arguments. Also, from the tutorial it looks like neither of these two front-ends tracks anything or has any stick-tables, so:

---
acl abuse sc1_http_req_rate ge 100
acl flag_abuser sc1_inc_gpc0
. . .
acl abuse sc1_http_err_rate ge 10
acl flag_abuser sc1_inc_gpc0
---

might make more sense.

Best of luck,
Shannon
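
The two conditions raised in this reply can be checked mechanically before a rate-limiting config is deployed. The script below is an added example, not code from either poster or from the tutorial. It flags `sc<N>_*` ACL keywords written with an argument (the form the parser rejected above) and `sc<N>_*` ACLs in a section that has no `track-sc<N>` rule or `stick-table` line. The sample config is constructed, and checking only within the same section is a simplifying assumption.

```python
import re

# Constructed sample, modelled on the ACL lines quoted in this thread.
SAMPLE_CFG = """\
frontend ft_waf
  acl abuse sc1_http_req_rate(ft_web) ge 100
  acl flag_abuser sc1_inc_gpc0(ft_web)
  tcp-request content reject if abuse flag_abuser

backend bk_waf
  stick-table type ip size 1m expire 1m store gpc0,http_err_rate(10s)
  tcp-request content track-sc1 src
  acl abuse sc1_http_err_rate ge 10
  acl flag_abuser sc1_inc_gpc0
  tcp-request content reject if abuse flag_abuser
"""

SECTION = re.compile(r"^(frontend|backend|listen|defaults|global)\b\s*(\S*)")
SC_FETCH = re.compile(r"\b(sc([0-9])_\w+)(\([^)]*\))?")
TRACK = re.compile(r"\btrack-sc([0-9])\b")

def lint(cfg_text):
    """Return (section, line_no, message) findings, ordered by line number."""
    findings, used, tracked, tables = [], [], set(), set()
    section = None
    for no, raw in enumerate(cfg_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()
        m = SECTION.match(line)
        if m:
            section = m.group(2) or m.group(1)
        elif line.startswith("stick-table"):
            tables.add(section)
        elif line.startswith("acl "):
            for name, slot, arg in SC_FETCH.findall(line):
                used.append((section, no, name, slot))
                if arg:  # the form the parser rejected in the thread
                    findings.append((section, no, f"{name} has argument {arg}"))
        tracked.update((section, s) for s in TRACK.findall(line))
    # Second pass: same-section check only (assumption made for this example).
    for section, no, name, slot in used:
        if (section, slot) not in tracked:
            findings.append((section, no, f"{name}: no track-sc{slot} in section"))
        if section not in tables:
            findings.append((section, no, f"{name}: no stick-table in section"))
    return sorted(findings, key=lambda f: f[1])

if __name__ == "__main__":
    for finding in lint(SAMPLE_CFG):
        print(*finding)
```

A clean result here does not replace `haproxy -c -f <file>`, which remains the authoritative syntax check for the installed version.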