ACL to block certain vcloud pages unless from certain IPs

Smudger

9/18/23, 9:52 PM

I have a need to block a tenant URL in vcloud and have managed to do this for the direct attempts, ie vcloudaddress.com/tenant/tenantname, but I can't seem to block the

/login/?service=tenant:tenantname&redirectTo=blahblahblah

I need to wildcard, it but how do I do that in HAProxy-speak?

This is what I have at present:

acl trusted_ip src IP1

acl trusted_ip src IP2

acl trusted_ip src IP3

acl trusted_ip src IP4

acl trusted_ip src IP5

acl protected_page path_beg -i /cloud/org/tenantname/

acl protected_page path_beg -i /tenant/tenantname

acl protected_page path_beg -i /login/?service=tenant:tenantname

acl protected_page path_beg -i /api-explorer/tenant/tenantname

block if !trusted_ip protected_page

All seem to work apart from this one:

acl protected_page path_beg -i /login/?service=tenant:tenantname

Any help would be much appreciated

0 + 0

haproxy

vmware-vsphere

vmware-vcloud-director

nsx

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: ACL to block certain vcloud pages unless from certain IPs

TH: ACL เพื่อบล็อกหน้า vcloud บางหน้ายกเว้นจาก IP บางตัว

RO: ACL pentru a bloca anumite pagini vcloud, cu excepția cazului din anumite IP-uri

RU: ACL для блокировки определенных страниц vcloud, кроме как с определенных IP-адресов

VI: ACL để chặn một số trang vcloud trừ khi từ một số IP nhất định

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.