trafficserver-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alan M. Carroll" <...@network-geographics.com>
Subject Issue 1971: Remap config filters / ACLS
Date Fri, 01 Mar 2019 20:57:53 GMT
I'm heavily involved in working on issue #1971, which is about the fact that filters / acls
on remap rules are broken. I'm at the point of having to finalize the implementation and therefore
I wanted to check one last time on whether that style is acceptable. Following this are some
examples in the new implementation. I would like any dev ops people to email me *privately*
what they think these configurations will do. This is to prevent cross contamination. It is
unclear if this is backwards compatible or not, as the current implementation doesn't work
as the documentation claims, and even there the documentation is rather vague. For this reason
I think the actual impact will be minimal.

A) map http://foo.example.com/  http://foo.example.com/ @action=allow @src_ip=172.17.0.0/24

B) map http://foo.example.com/path  http://foo.example.com/path @action=deny @method=post

C) map http://foo.example.com/  http://foo.example.com/ @action=allow @method=~GET|HEAD

D) map http://foo.example.com/  http://foo.example.com/ @action=deny @src_ip=172.17.9.123

E) map http://foo.example.com/  http://foo.example.com/ @action=deny @src_ip=~172.17.9.123

F) map http://foo.example.com/  http://foo.example.com/ @action=deny @src_ip=172.17.9.123
@proxy_ip=10.97.185.17

G) map http://foo.example.com/  http://foo.example.com/ @action=allow @src_ip=127.0.0.1 @method=post
@method=get @method=head @action=deny

H) map http://foo.example.com/  http://foo.example.com/ @action=deny @method=HEAD @action=allow
@src_ip=10.1.0.0/16 @action=deny @src_ip=10.0.0.0/8

I) map http://foo.example.com/path  http://foo.example.com/path @action=deny @method=~HEAD|GET

Issue 1971: https://github.com/apache/trafficserver/issues/1971


Mime
View raw message