secu 429 out lan 1et2

haproxy.cfg

@@ -105,10 +105,14 @@ frontend https
 
     	# Whitelist IP perso (optionnel)
     	acl my_ip src 82.67.3.126
+    	acl my_lan1 src 192.168.1.0/24
+    	acl my_lan2 src 192.168.2.0/24
 
     	# Autoriser ton domaine (ou ton IP) à passer sans rate-limit
     	http-request allow if n8n_domain
     	http-request allow if my_ip
+    	http-request allow if my_lan1
+    	http-request allow if my_lan2
 
     	# Appliquer la rate-limit globale pour le reste
     	http-request deny deny_status 429 if { sc0_http_req_rate gt 100 }
@@ -321,10 +325,12 @@ backend per_ip_rates
 
     	# Whitelist IP: 82.67.3.126 (bypass rate limiting)
     	acl is_whitelisted_ip src 82.67.3.126
+    	acl is_whitelisted_lan1 src 192.168.1.0/24
+    	acl is_whitelisted_lan2 src 192.168.2.0/24
 
     	# Whitelist domain: *.gyozamancave.fr (bypass rate limiting)
     	acl is_whitelisted_domain hdr_end(host) -i gyozamancave.fr
 
     # Apply rate limiting (10 req/10s) unless whitelisted
     	#http-request deny deny_status 429 if !is_whitelisted_ip !is_whitelisted_domain { sc0_http_req_rate(per_ip_rates) gt 10 }
-    	http-request deny deny_status 429 if !is_whitelisted_ip !is_whitelisted_domain { sc0_http_req_rate gt 10 }    	
+    	http-request deny deny_status 429 if !is_whitelisted_ip !is_whitelisted_lan1 !is_whitelisted_lan2 !is_whitelisted_domain { sc0_http_req_rate gt 10 }