mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2025-01-18 11:40:50 +00:00
7aff1bf6b9
HAProxy 2.0 is the lowest supported version, thus this always matches. see 1b095cac9468d0c3eeb157e9b1a2947487bd3c83
78 lines
1.6 KiB
Plaintext
78 lines
1.6 KiB
Plaintext
varnishtest "haproxy ACL, CLI and mCLI spaces"
|
|
feature ignore_unknown_macro
|
|
|
|
server s1 {
|
|
rxreq
|
|
expect req.method == "GET"
|
|
txresp
|
|
} -repeat 2 -start
|
|
|
|
haproxy h1 -W -S -conf {
|
|
defaults
|
|
mode http
|
|
log global
|
|
option httplog
|
|
timeout connect "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout client "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
timeout server "${HAPROXY_TEST_TIMEOUT-5s}"
|
|
|
|
frontend fe1
|
|
bind "fd@${fe1}"
|
|
|
|
http-request deny if { req.hdr(user-agent) -i -m str -f ${testdir}/agents.acl }
|
|
|
|
default_backend be1
|
|
|
|
backend be1
|
|
server s1 ${s1_addr}:${s1_port}
|
|
|
|
} -start
|
|
|
|
client c1 -connect ${h1_fe1_sock} {
|
|
txreq -hdr "User-Agent: Mon User Agent"
|
|
rxresp
|
|
expect resp.status == 200
|
|
} -run
|
|
|
|
haproxy h1 -cli {
|
|
send "add acl ${testdir}/agents.acl Mon\\ User\\ Agent\\;"
|
|
expect ~ .*
|
|
|
|
send "show acl ${testdir}/agents.acl"
|
|
expect ~ ".*Mon User Agent.*"
|
|
}
|
|
|
|
client c1 -connect ${h1_fe1_sock} {
|
|
txreq -hdr "User-Agent: Mon User Agent;"
|
|
rxresp
|
|
expect resp.status == 403
|
|
} -run
|
|
|
|
|
|
haproxy h1 -cli {
|
|
send "del acl ${testdir}/agents.acl Mon\\ User\\ Agent\\;"
|
|
expect ~ .*
|
|
|
|
send "show acl ${testdir}/agents.acl"
|
|
expect ~ .*
|
|
}
|
|
|
|
client c1 -connect ${h1_fe1_sock} {
|
|
txreq -hdr "User-Agent: Mon User Agent;"
|
|
rxresp
|
|
expect resp.status == 200
|
|
} -run
|
|
|
|
|
|
# Try it with the master CLI
|
|
haproxy h1 -mcli {
|
|
send "@1 add acl ${testdir}/agents.acl Mon\\ User\\ Agent\\;;@1 show acl ${testdir}/agents.acl"
|
|
expect ~ ".*Mon User Agent;.*"
|
|
}
|
|
|
|
client c1 -connect ${h1_fe1_sock} {
|
|
txreq -hdr "User-Agent: Mon User Agent;"
|
|
rxresp
|
|
expect resp.status == 403
|
|
} -run
|