Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Possible to use Firewall IP Alias list in HAProxy Conditions?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Possible to use Firewall IP Alias list in HAProxy Conditions? (Read 50869 times)
thejasonator
Newbie
Posts: 1
Karma: 0
Possible to use Firewall IP Alias list in HAProxy Conditions?
«
on:
October 28, 2019, 03:22:18 pm »
Hi there,
I want to test if the Source-IP is within a certain list of IPs and then set a header.
For example, I have a Firewall Alias called Trusted_IPs, which is a list of about 10 trusted IP addresses that is reloaded from an URL table once a day.
If the frontend receives a request from one of these IPs I want it to do http-request header set X-Trusted-IP Trusted
So far, I have only been able to get the Condition "Source IP matches specified IP" to work with a single IP address.
I found this exact issue being discussed in OPNsense 17 forum at
https://forum.opnsense.org/index.php?topic=6316.msg27255#msg27255
and it was mooted to be available from 18.1, but I can't find a way of doing it.
Thanks for your help,
Jason
Logged
fog
Newbie
Posts: 24
Karma: 2
Re: Possible to use Firewall IP Alias list in HAProxy Conditions?
«
Reply #1 on:
August 26, 2020, 11:15:59 am »
It is still not possible?
My workaround:
with a Custom condition (option pass through) 'allowed_ip' define a HAProxy acl condition for many IP's, subnet and also dyndns names in textbox Option pass-through i.e.:
src 1.1.1.1 2.2.2.0/24 a.dyndns.com b.dyndns.com
And in the rule to redirect to the backend add the condition 'allowed_ip'.
My Firewall Alias contain many IP's: I copied the IP's from Firewall: Diagnostics: pfTables -> Alias
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
19.7 Legacy Series
»
Possible to use Firewall IP Alias list in HAProxy Conditions?