HAProxy tips and tricks

Checking to see if an ACL is present in HAProxy

For when you aren't sure if the whole process is working, you can manually connect to the HAProxy socket and print out the contents.

socat is the way forward here. Install it with your favourite package manager, and then run something like this:
$grep socket /etc/haproxy/haproxy.cfg |grep admin to get the socket path:

stats socket /run/haproxy-stats.sock mode 0660 level admin user haproxy group haproxy

then:

echo "show acl #202" |socat /run/haproxy-stats.sock stdio

being the path you grepped out of the config above. This command requests the contents of ACL 202 from HAProxy. ACL 202 in this example is the relevant ACL number in your HAProxy config.

You should see something like:
0x556b19ecd4a0 200.206.23.125 in the output if it works.

Consider Your Use Case

SSH

Remote Desktop

Web applications

Ivanti Connect Secure

Video

FortiOS, FortiProxy or SSL VPN

VOIP

AWS Infrastructure

Azure Portal

Licensing Knocknoc

Server Installation

Agent Installation

Create Users

Create Groups

Admins

Settings

SAML

SAML Principles and Terms

Local Authentication

SAML with EntraID (Azure AD)

SAML with OKTA

Knocknoc with ADFS

SAML with Gsuite as IDP

SAML with Jumpcloud

SAML for the Admin Interface

LDAP

IPset (Linux Netfilter/IPTables)

HAProxy

IPsets with UFW

IPsets with Shorewall

Script Any Arbitrary Backend

AWS (EC2) Security Groups

Mikrotik RouterOS

Nginx

Apache Webserver

Fortigate Address Groups

Microsoft Entra

Allowlist

ACL Basics

Time for NTP

LDAP Troubleshooting tips

Knocknoc server behind HAProxy

HAProxy tips and tricks

HAProxy tips and tricks

Checking to see if an ACL is present in HAProxy