Haproxy配置拦截指定src的连接
需求:
haproxy不让指定的ip连接进来。
配置方式:
listen xxxx
bind 0.0.0.0:8888
mode tcp
option tcplog
balance roundrobin
timeout client 3h
timeout server 3h
server 10.10.10.10 10.10.10.10:18888 check inter 5000 rise 2 fall 3
server 10.10.10.11 10.10.10.11:18888 check inter 5000 rise 2 fall 3
tcp-request connection reject if { src 10.10.10.11/32 }
参考链接:
https://www.haproxy.com/blog/introduction-to-haproxy-acls/
http://cbonte.github.io/haproxy-dconv/2.2/configuration.html#7
http://cbonte.github.io/haproxy-dconv/2.2/configuration.html#7
任凭弱水三千,我只取一瓢饮