HAProxy Enterprise Documentation 1.7r1

get acl

Test whether a value would match an ACL.

Description

This command returns a result that indicates whether a value would match an ACL expression. An ACL is found by its ID, which comes from the output of the command show acl. This is useful for debugging ACLs.

Examples

We start with the following ACL expression in the configuration, which checks whether the requested URL path begins with /images/:

frontend www
   bind :80
   acl static_url path -i -m beg /images/

Display a list of defined ACLs by calling show acl:

$ echo "show acl" | socat stdio tcp4-connect:127.0.0.1:9999

# id (file) description
0 () acl 'path' file '/etc/hapee-1.7/hapee-lb.cfg' line 51

Test a value against an ACL that you reference by its ID.

In the example below, we test the value /images/test.jpg against the ACL with an ID of 0:
```
$ echo "get acl #0 /images/test.jpg" | socat stdio tcp4-connect:127.0.0.1:9999

type=beg, case=insensitive, match=yes, idx=list, pattern="/images/"
```
It returns match=yes.

ACL values may also be stored in a file. Given you have a file named paths.acl with the following list of values:

/images/
/scripts/

You would reference this file with an ACL expression like this:

frontend www
      bind :80
      acl static_url path -i -m beg -f /etc/hapee-1.7/paths.acl

Testing a value now checks it against all patterns in the file:

$ echo "get acl #0 /scripts/test.js" | socat stdio tcp4-connect:127.0.0.1:9999
type=beg, case=insensitive, match=yes, idx=list, pattern="/scripts/"

More Versions

HAProxy Products Documentation

get acl

Description

Examples

See also

Your feedback is important to us!