1. In order to match a boolean, no value is needed and all values are ignored.
    2. Boolean matching is used by default for all fetch methods of type "boolean".
    3. When boolean matching is used, the fetched value is returned as-is, which means
    4. that a boolean "true" will always match and a boolean "false" will never match.
    5.  
    6. Boolean matching may also be enforced using "-m bool" on fetch methods which
    7. return an integer value. Then, integer value 0 is converted to the boolean
    8. "false" and all other values are converted to "true".

    7.1.2. Matching integers

    1. Integer matching applies by default to integer fetch methods. It can also be
    2. enforced on boolean fetches using "-m int". In this case, "false" is converted
    3. to the integer 0, and "true" is converted to the integer 1.
    4.  
    5. Integer matching also supports integer ranges and operators. Note that integer
    6. matching only applies to positive values. A range is a value expressed with a
    7. lower and an upper bound separated with a colon, both of which may be omitted.
    8.  
    9. For instance, "1024:65535" is a valid range to represent a range of
    10. unprivileged ports, and "1024:" would also work. "0:1023" is a valid
    11. representation of privileged ports, and ":1023" would also work.
    12.  
    13. As a special case, some ACL functions support decimal numbers which are in fact
    14. two integers separated by a dot. This is used with some version checks for
    15. instance. All integer properties apply to those decimal numbers, including
    16. ranges and operators.
    17.  
    18. For an easier usage, comparison operators are also supported. Note that using
    19. operators with ranges does not make much sense and is strongly discouraged.
    20. of values.
    21.  
    22. Available operators for integer matching are :
    23.  
    24.   eq : true if the tested value equals at least one value
    25.   ge : true if the tested value is greater than or equal to at least one value
    26.   gt : true if the tested value is greater than at least one value
    27.   le : true if the tested value is less than or equal to at least one value
    28.   lt : true if the tested value is less than at least one value
    29.  
    30. For instance, the following ACL matches any negative Content-Length header :
    31.  
    32.   acl negative-length hdr_val(content-length) lt 0
    33.  
    34. This one matches SSL versions between 3.0 and 3.1 (inclusive) :
    35.  
    36.   acl sslv3 req_ssl_ver 3:3.1

    7.1.4. Matching regular expressions (regexes)

    1. Just like with string matching, regex matching applies to verbatim strings as
    2. they are passed, with the exception of the backslash ("\") which makes it
    3. possible to escape some characters such as the space. If the "-i" flag is
    4. passed before the first regex, then the matching will be performed ignoring
    5. the case. In order to match the string "-i", either set it second, or pass
    6. the "--" flag before the first string. Same principle applies of course to
    7. match the string "--".

    Example :

    7.1.6. Matching IPv4 and IPv6 addresses

    1. IPv4 addresses values can be specified either as plain addresses or with a
    2. netmask appended, in which case the IPv4 address matches whenever it is
    3. within the network. Plain addresses may also be replaced with a resolvable
    4. host name, but this practice is generally discouraged as it makes it more
    5. difficult to read and debug configurations. If hostnames are used, you should
    6. does not depend on any random DNS match at the moment the configuration is
    7. parsed.
    8.  
    9. The dotted IPv4 address notation is supported in both regular as well as the
    10. abbreviated form with all-0-octets omitted:
    11.  
    12.     +------------------+------------------+------------------+
    13.     |   Example 1      |     Example 2    |     Example 3    |
    14.     +------------------+------------------+------------------+
    15.     |  192.168.0.1     |   10.0.0.12      |   127.0.0.1      |
    16.     |  192.168.1       |   10.12          |   127.1          |
    17.     |  192.168.0.1/22  |   10.0.0.12/8    |   127.0.0.1/8    |
    18.     |  192.168.1/22    |   10.12/8        |   127.1/8        |
    19.     +------------------+------------------+------------------+
    20.  
    21. Notice that this is different from RFC 4632 CIDR address notation in which
    22. 192.168.42/24 would be equivalent to 192.168.42.0/24.
    23.  
    24. IPv6 may be entered in their usual form, with or without a netmask appended.
    25. Only bit counts are accepted for IPv6 netmasks. In order to avoid any risk of
    26. trouble with randomly resolved IP addresses, host names are never allowed in
    27. IPv6 patterns.
    28.  
    29. HAProxy is also able to match IPv4 addresses with IPv6 addresses in the
    30. following situations :
    31.   - tested address is IPv4, pattern address is IPv4, the match applies
    32.     in IPv4 using the supplied mask if any.
    33.   - tested address is IPv6, pattern address is IPv6, the match applies
    34.     in IPv6 using the supplied mask if any.
    35.   - tested address is IPv6, pattern address is IPv4, the match applies in IPv4
    36.     using the pattern's mask if the IPv6 address matches with 2002:IPV4::,
    37.     ::IPV4 or ::ffff:IPV4, otherwise it fails.
    38.   - tested address is IPv4, pattern address is IPv6, the IPv4 address is first
    39.     applied in IPv6 using the supplied IPv6 mask.