clear table
Remove one or more entries from a stick table.
Description
With no arguments, clear table removes all records from a stick table.
You can also select specific records to remove. Specify either the key of the record to remove or an expression that matches a record's counters.
Examples
Consider this real-world example that uses a stick-table to track clients that exceed a rate limit and bans clients that exceed the limit three times:
frontend fe_main
bind :80
# define stick table
stick-table type ip size 100k expire 24h store http_req_rate(5s),gpc0,gpt0
# begin tracking requests where the key in the table
# is the client's source IP
http-request track-sc0 src
# has the client exceeded 20 requests in 5 seconds?
acl exceeds_rate_limit sc_http_req_rate(0) gt 20
# flag them if they exceeded the limit
http-request sc-set-gpt0(0) 1 if exceeds_rate_limit
# if they exceeded the limit 3 times, mark them as a known speeder
acl known_speeder sc_get_gpc0(0) ge 3
# deny all clients that exceed the limit or are known speeders
http-request deny deny_status 429 if exceeds_rate_limit || known_speeder
# count each time they exceed the limit if they were flagged
acl issue_speeding_ticket sc_get_gpt0(0) eq 1
http-request sc-inc-gpc0(0) if issue_speeding_ticket
# reset the flag
http-request sc-set-gpt0(0) 0
default_backend be_serversFirst, use show table to lists records in the table fe_main:
$ echo "show table fe_main" | \
sudo socat stdio unix-connect:/var/run/hapee-2.4/hapee-lb.sock# table: fe_main, type: ip, size:102400, used:1
0x5641b364f7e8: key=192.168.50.19 use=0 exp=86398242 gpt0=0 gpc0=3 http_req_rate(5000)=5
0x5641b364f7e8: key=192.168.50.24 use=0 exp=86398220 gpt0=0 gpc0=1 http_req_rate(5000)=5
0x5641b364f7e8: key=192.168.50.30 use=0 exp=86398250 gpt0=0 gpc0=1 http_req_rate(5000)=5The key is the client's IP address, and there are three counters tracked: gpt0, gpc0, and http_req_rate(5000).
Use clear table with no arguments to remove all records:
$ echo "clear table fe_main" | \
sudo socat stdio unix-connect:/var/run/hapee-2.4/hapee-lb.sockSet the key parameter to remove only the record that has a key with the given value. Here, we remove the record with the key 192.168.50.19:
$ echo "clear table fe_main key 192.168.50.19" | \
sudo socat stdio unix-connect:/var/run/hapee-2.4/hapee-lb.sockYou can also select records to remove using a filter expression. Prefix the counter you want to filter on with data. Here, we remove records that have a gpc0 counter set to 1:
$ echo "clear table fe_main data.gpc0 eq 1" | \
sudo socat stdio unix-connect:/var/run/hapee-2.4/hapee-lb.sockUse any of the following comparison operators:
eq : true if the counter equals the value
ge : true if the counter is greater than or equal to the value
gt : true if the counter is greater than the value
le : true if the counter is less than or equal to the value
lt : true if the counter is less than the value
See also
Next up
commit acl