From users-return-7575-archive-asf-public=cust-asf.ponee.io@trafficserver.apache.org Fri Mar 1 20:58:02 2019 Return-Path: X-Original-To: archive-asf-public@cust-asf.ponee.io Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by mx-eu-01.ponee.io (Postfix) with SMTP id 1FFA0180647 for ; Fri, 1 Mar 2019 21:58:01 +0100 (CET) Received: (qmail 12020 invoked by uid 500); 1 Mar 2019 20:58:01 -0000 Mailing-List: contact users-help@trafficserver.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: users@trafficserver.apache.org Delivered-To: mailing list users@trafficserver.apache.org Received: (qmail 12008 invoked by uid 99); 1 Mar 2019 20:58:01 -0000 Received: from pnap-us-west-generic-nat.apache.org (HELO spamd1-us-west.apache.org) (209.188.14.142) by apache.org (qpsmtpd/0.29) with ESMTP; Fri, 01 Mar 2019 20:58:01 +0000 Received: from localhost (localhost [127.0.0.1]) by spamd1-us-west.apache.org (ASF Mail Server at spamd1-us-west.apache.org) with ESMTP id AD37DC2E13 for ; Fri, 1 Mar 2019 20:58:00 +0000 (UTC) X-Virus-Scanned: Debian amavisd-new at spamd1-us-west.apache.org X-Spam-Flag: NO X-Spam-Score: 1.433 X-Spam-Level: * X-Spam-Status: No, score=1.433 tagged_above=-999 required=6.31 tests=[KAM_LAZY_DOMAIN_SECURITY=1, NO_RDNS_DOTCOM_HELO=0.433] autolearn=disabled Received: from mx1-lw-us.apache.org ([10.40.0.8]) by localhost (spamd1-us-west.apache.org [10.40.0.7]) (amavisd-new, port 10024) with ESMTP id OG95-Ie1kHl1 for ; Fri, 1 Mar 2019 20:57:59 +0000 (UTC) Received: from mail.network-geographics.com (network-geographics.com [54.235.125.116]) by mx1-lw-us.apache.org (ASF Mail Server at mx1-lw-us.apache.org) with ESMTPS id 3EE4A60FC9 for ; Fri, 1 Mar 2019 20:57:59 +0000 (UTC) Received: from UNKNOWN-172-130-107-X.yahoo.com (unknown [184.165.6.184]) by mail.network-geographics.com (Postfix) with ESMTPSA id 2EEEA20530 for ; Fri, 1 Mar 2019 20:57:53 +0000 (UTC) Date: Fri, 1 Mar 2019 14:57:53 -0600 From: "Alan M. Carroll" Organization: Network Geographics, Inc. Message-ID: <1671360948.20190301145753@network-geographics.com> To: users@trafficserver.apache.org Subject: Issue 1971: Remap config filters / ACLS MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit I'm heavily involved in working on issue #1971, which is about the fact that filters / acls on remap rules are broken. I'm at the point of having to finalize the implementation and therefore I wanted to check one last time on whether that style is acceptable. Following this are some examples in the new implementation. I would like any dev ops people to email me *privately* what they think these configurations will do. This is to prevent cross contamination. It is unclear if this is backwards compatible or not, as the current implementation doesn't work as the documentation claims, and even there the documentation is rather vague. For this reason I think the actual impact will be minimal. A) map http://foo.example.com/ http://foo.example.com/ @action=allow @src_ip=172.17.0.0/24 B) map http://foo.example.com/path http://foo.example.com/path @action=deny @method=post C) map http://foo.example.com/ http://foo.example.com/ @action=allow @method=~GET|HEAD D) map http://foo.example.com/ http://foo.example.com/ @action=deny @src_ip=172.17.9.123 E) map http://foo.example.com/ http://foo.example.com/ @action=deny @src_ip=~172.17.9.123 F) map http://foo.example.com/ http://foo.example.com/ @action=deny @src_ip=172.17.9.123 @proxy_ip=10.97.185.17 G) map http://foo.example.com/ http://foo.example.com/ @action=allow @src_ip=127.0.0.1 @method=post @method=get @method=head @action=deny H) map http://foo.example.com/ http://foo.example.com/ @action=deny @method=HEAD @action=allow @src_ip=10.1.0.0/16 @action=deny @src_ip=10.0.0.0/8 I) map http://foo.example.com/path http://foo.example.com/path @action=deny @method=~HEAD|GET Issue 1971: https://github.com/apache/trafficserver/issues/1971