When on the blacklist, the traffic coming from these source IPs is dropped regardless the TCP port filtering policies.
The size of both whitelist and blacklist cannot go over more than 512 different class C networks.
If you would like create and use a black or white lists HAProxy-WI helps with it. HAProxy-WI gives ability to create and manage lists via web panel
For creating blacklists go to the HAProxy -> Lists page, enter name of a new black list and press the "create":
After page reloading you will see the blacklist in the "Existing blacklists"(in the blue box). Chose server for uploading(in the black box), press on the list name to open to edit the list. Write down you IPs and press the "Just save"(in the green box) to avoid unnecessary reboots HAProxy service.
After you have finished editing the blacklist go to the "Add proxy" page and chose which type of proxy you would like to create. In our example it will be Frontend, therefore we press the "Create HTTP frontend". After need tab opened press the "Show Advanced settings" and you will see additional settings. Check the "blacklist" checkbox in the "WAF" section and start typing name of the blacklist, which we just created:
Chose the blacklist, fill all necessary fields and press the "Add Frontend" button. Do not forget restart the HAProxy service
Without using HAProxy-WI if you want to edit your lists you must go to console, edit your lists and restart HAProxy service. It can be complicated and uncomfortable, especially if you have numbers of HAProxy services.
Due to these reasons HAProxy-WI provides the ability edit lists without restarting HAProxy services via web panel and keeps the changes persistently. Your customers even will not know about any changes =^.^=.
For doing it go to Runtime API -> Lists, chose need server and you will see blacklists which currently used in HAProxy config(in the black box).
Press the "Get list" button and you will see content of chosen list. You can delete some IP(in the blue box) or press the "Add IP" button and add a new IP(in the black box). These changes will implement immediately, also HAProxy-WI will edit the blacklist so on next restart you changes will be kept.