From 75ecbbd3a23529dc0e0393c3f6aab740591329e3 Mon Sep 17 00:00:00 2001
From: Paul Lecuq <paul@paulbsd.com>
Date: Tue, 22 Apr 2025 22:09:36 +0200
Subject: [PATCH] updated haproxy state

---
 states/haproxy/templates/haproxy.cfg.j2 | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/states/haproxy/templates/haproxy.cfg.j2 b/states/haproxy/templates/haproxy.cfg.j2
index 65703b2..d66984f 100644
--- a/states/haproxy/templates/haproxy.cfg.j2
+++ b/states/haproxy/templates/haproxy.cfg.j2
@@ -196,7 +196,7 @@ frontend fe_http from {{ haproxy.config.namespace }}
   http-request set-var(req.accesshash) str(),concat(,req.src,),concat(-,req.host,)
 
   ## Silent drop all external requests with no host header or HTTP/1.0
-  http-request silent-drop if !domains !internal
+  http-request silent-drop if !domains !internal !ua
   http-request silent-drop if version_http10
 
   ## Returns
@@ -268,7 +268,7 @@ frontend fe_https from {{ haproxy.config.namespace }}
   http-request capture sc_http_req_rate(0) len 4
 
   ## Silent drop all external requests with no host header
-  http-request silent-drop if !domains !internal
+  http-request silent-drop if !domains !internal !ua
   http-request silent-drop if version_http10
 
   ## DDoS