search

crowdsecurity / cs-haproxy-bouncer

Crowdsec bouncer for HAProxy
MIT License
18 stars 7 forks source link

HaProxy Doesn't write in map file #30

Closed Berthe01 closed 10 months ago

Berthe01 commented 10 months ago

Hello,

I've got an Haproxy 2.8.2-1~bpo11+1 2023/08/12 installation on Debian. Installed cs-haproxy-bouncer using apt-get.

It seems that haproxy doesn't write entries in the runtime.conf["MAP_PATH"] provided map file.

config_file_extract :

path to community_blocklist.map

MAP_PATH=/var/lib/crowdsec/lua/haproxy/community_blocklist.map

live or stream

MODE=stream

Is there a way to test permissions or file access issue ?

Thanks,

LaurenceJJones commented 10 months ago

Do you see any issues in haproxy logs?

Berthe01 commented 10 months ago

Unfortunatly no. Can't see any errors when it tries to add an entry in the map file.

But when haproxy's running with bouncer configured I can't see any entries in the files :

root@haproxy-01:~# cat /var/lib/crowdsec/lua/haproxy/community_blocklist.map
# ip or range    remediationroot
root@haproxy-01:~#
aderumier commented 10 months ago

Hi, I think it's normal, it's filled in memory in lua script, but a file need to exist for haproxy at start, to create the map in memory first.

LaurenceJJones commented 10 months ago

Closing due to intended functionality