HAProxy nested ACL conditionals

haproxy

I have a set of the following defined within a frontend:

    acl abc_f path_beg /abc/
    use_backend abc if abc_f

Now, I'd like to direct a domain to a backend, and it should not have any of the above ACL conditions applied to it. I wanted add in:

acl host_xyz hdr(host) -i xyz.com

Is there anyway I can "nest" the ACL conditions so it only occurs on a specific domain, and not to the new domain?

Or do I have to modify each ACL rule to now take account of the domain?

Best Answer

You can evaluate multiple ACLs at once, but keep in mind that HAProxy uses short-circuit evaluation of the conditions (it stops evaluation at the moment it encounters false condition).

If I understood your question correctly, you wish to exclude domain xyz.com from use_backend abc if abc_f (i.e. you don't want to direct requests for domain xyz.com to backend abc). To do that, you can simply add an extra condition to use_backend abc directive:

acl abc_f path_beg /abc/
acl host_xyz hdr(host) -i xyz.com

# Use backend "abc" if ACL "abc_f" is true and if ACL "host_xyz" is not true
use_backend abc if abc_f !host_xyz
Related Topic