diff --git a/include/proto/proto_http.h b/include/proto/proto_http.h index 1f63c5720..a3a261fa0 100644 --- a/include/proto/proto_http.h +++ b/include/proto/proto_http.h @@ -210,12 +210,12 @@ static inline int http_body_bytes(const struct http_msg *msg) return len; } -/* for an http-request action HTTP_REQ_ACT_TRK_*, return a tracking index +/* for an http-request action ACT_HTTP_REQ_TRK_*, return a tracking index * starting at zero for SC0. Unknown actions also return zero. */ static inline int http_req_trk_idx(int trk_action) { - return trk_action - HTTP_REQ_ACT_TRK_SC0; + return trk_action - ACT_ACTION_TRK_SC0; } /* for debugging, reports the HTTP message state name */ diff --git a/include/proto/proto_tcp.h b/include/proto/proto_tcp.h index d38a81582..312762538 100644 --- a/include/proto/proto_tcp.h +++ b/include/proto/proto_tcp.h @@ -92,12 +92,12 @@ static inline struct stktable_key *addr_to_stktable_key(struct sockaddr_storage return static_table_key; } -/* for a tcp-request action TCP_ACT_TRK_*, return a tracking index starting at +/* for a tcp-request action ACT_TCP_TRK_*, return a tracking index starting at * zero for SC0. Unknown actions also return zero. */ static inline int tcp_trk_idx(int trk_action) { - return trk_action - TCP_ACT_TRK_SC0; + return trk_action - ACT_ACTION_TRK_SC0; } #endif /* _PROTO_PROTO_TCP_H */ diff --git a/include/types/action.h b/include/types/action.h index 9d8b2f959..09c14c504 100644 --- a/include/types/action.h +++ b/include/types/action.h @@ -36,60 +36,40 @@ enum act_name { ACT_ACTION_CONT = 0, ACT_ACTION_STOP, - /* http request actions. */ - HTTP_REQ_ACT_UNKNOWN, - HTTP_REQ_ACT_ALLOW, - HTTP_REQ_ACT_DENY, - HTTP_REQ_ACT_TARPIT, - HTTP_REQ_ACT_AUTH, - HTTP_REQ_ACT_ADD_HDR, - HTTP_REQ_ACT_SET_HDR, - HTTP_REQ_ACT_DEL_HDR, - HTTP_REQ_ACT_REPLACE_HDR, - HTTP_REQ_ACT_REPLACE_VAL, - HTTP_REQ_ACT_REDIR, - HTTP_REQ_ACT_SET_NICE, - HTTP_REQ_ACT_SET_LOGL, - HTTP_REQ_ACT_SET_TOS, - HTTP_REQ_ACT_SET_MARK, - HTTP_REQ_ACT_ADD_ACL, - HTTP_REQ_ACT_DEL_ACL, - HTTP_REQ_ACT_DEL_MAP, - HTTP_REQ_ACT_SET_MAP, - HTTP_REQ_ACT_SET_SRC, - HTTP_REQ_ACT_TRK_SC0, - /* SC1, SC2, ... SCn */ - HTTP_REQ_ACT_TRK_SCMAX = HTTP_REQ_ACT_TRK_SC0 + MAX_SESS_STKCTR - 1, + /* common action */ + ACT_ACTION_ALLOW, + ACT_ACTION_DENY, - /* http response actions */ - HTTP_RES_ACT_UNKNOWN, - HTTP_RES_ACT_ALLOW, - HTTP_RES_ACT_DENY, - HTTP_RES_ACT_ADD_HDR, - HTTP_RES_ACT_REPLACE_HDR, - HTTP_RES_ACT_REPLACE_VAL, - HTTP_RES_ACT_SET_HDR, - HTTP_RES_ACT_DEL_HDR, - HTTP_RES_ACT_SET_NICE, - HTTP_RES_ACT_SET_LOGL, - HTTP_RES_ACT_SET_TOS, - HTTP_RES_ACT_SET_MARK, - HTTP_RES_ACT_ADD_ACL, - HTTP_RES_ACT_DEL_ACL, - HTTP_RES_ACT_DEL_MAP, - HTTP_RES_ACT_SET_MAP, - HTTP_RES_ACT_REDIR, + /* common http actions .*/ + ACT_HTTP_ADD_HDR, + ACT_HTTP_REPLACE_HDR, + ACT_HTTP_REPLACE_VAL, + ACT_HTTP_SET_HDR, + ACT_HTTP_DEL_HDR, + ACT_HTTP_REDIR, + ACT_HTTP_SET_NICE, + ACT_HTTP_SET_LOGL, + ACT_HTTP_SET_TOS, + ACT_HTTP_SET_MARK, + ACT_HTTP_ADD_ACL, + ACT_HTTP_DEL_ACL, + ACT_HTTP_DEL_MAP, + ACT_HTTP_SET_MAP, + + /* http request actions. */ + ACT_HTTP_REQ_TARPIT, + ACT_HTTP_REQ_AUTH, + ACT_HTTP_REQ_SET_SRC, /* tcp actions */ - TCP_ACT_ACCEPT, - TCP_ACT_REJECT, - TCP_ACT_EXPECT_PX, - TCP_ACT_TRK_SC0, /* TCP request tracking : must be contiguous and cover up to MAX_SESS_STKCTR values */ - TCP_ACT_TRK_SC1, - TCP_ACT_TRK_SC2, - TCP_ACT_TRK_SCMAX = TCP_ACT_TRK_SC0 + MAX_SESS_STKCTR - 1, - TCP_ACT_CLOSE, /* close at the sender's */ - TCP_ACT_CAPTURE, /* capture a fetched sample */ + ACT_TCP_EXPECT_PX, + ACT_TCP_CLOSE, /* close at the sender's */ + ACT_TCP_CAPTURE, /* capture a fetched sample */ + + /* track stick counters */ + ACT_ACTION_TRK_SC0, + /* SC1, SC2, ... SCn */ + ACT_ACTION_TRK_SCMAX = ACT_ACTION_TRK_SC0 + MAX_SESS_STKCTR - 1, }; struct act_rule { @@ -111,10 +91,10 @@ struct act_rule { struct my_regex re; /* used by replace-header and replace-value */ } hdr_add; /* args used by "add-header" and "set-header" */ struct redirect_rule *redir; /* redirect rule or "http-request redirect" */ - int nice; /* nice value for HTTP_REQ_ACT_SET_NICE */ - int loglevel; /* log-level value for HTTP_REQ_ACT_SET_LOGL */ - int tos; /* tos value for HTTP_REQ_ACT_SET_TOS */ - int mark; /* nfmark value for HTTP_REQ_ACT_SET_MARK */ + int nice; /* nice value for ACT_HTTP_SET_NICE */ + int loglevel; /* log-level value for ACT_HTTP_SET_LOGL */ + int tos; /* tos value for ACT_HTTP_SET_TOS */ + int mark; /* nfmark value for ACT_HTTP_SET_MARK */ struct { char *ref; /* MAP or ACL file name to update */ struct list key; /* pattern to retrieve MAP or ACL key */ diff --git a/src/cfgparse.c b/src/cfgparse.c index cacbccb28..a7d49c6a7 100644 --- a/src/cfgparse.c +++ b/src/cfgparse.c @@ -3550,10 +3550,10 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) if (!LIST_ISEMPTY(&curproxy->http_req_rules) && !LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->cond && - (LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == HTTP_REQ_ACT_ALLOW || - LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == HTTP_REQ_ACT_DENY || - LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == HTTP_REQ_ACT_REDIR || - LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == HTTP_REQ_ACT_AUTH)) { + (LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == ACT_ACTION_ALLOW || + LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == ACT_ACTION_DENY || + LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == ACT_HTTP_REDIR || + LIST_PREV(&curproxy->http_req_rules, struct act_rule *, list)->action == ACT_HTTP_REQ_AUTH)) { Warning("parsing [%s:%d]: previous '%s' action is final and has no condition attached, further entries are NOOP.\n", file, linenum, args[0]); err_code |= ERR_WARN; @@ -3584,8 +3584,8 @@ int cfg_parse_listen(const char *file, int linenum, char **args, int kwm) if (!LIST_ISEMPTY(&curproxy->http_res_rules) && !LIST_PREV(&curproxy->http_res_rules, struct act_rule *, list)->cond && - (LIST_PREV(&curproxy->http_res_rules, struct act_rule *, list)->action == HTTP_RES_ACT_ALLOW || - LIST_PREV(&curproxy->http_res_rules, struct act_rule *, list)->action == HTTP_RES_ACT_DENY)) { + (LIST_PREV(&curproxy->http_res_rules, struct act_rule *, list)->action == ACT_ACTION_ALLOW || + LIST_PREV(&curproxy->http_res_rules, struct act_rule *, list)->action == ACT_ACTION_DENY)) { Warning("parsing [%s:%d]: previous '%s' action is final and has no condition attached, further entries are NOOP.\n", file, linenum, args[0]); err_code |= ERR_WARN; @@ -7536,7 +7536,7 @@ int check_config_validity() list_for_each_entry(trule, &curproxy->tcp_req.l4_rules, list) { struct proxy *target; - if (trule->action < TCP_ACT_TRK_SC0 || trule->action > TCP_ACT_TRK_SCMAX) + if (trule->action < ACT_ACTION_TRK_SC0 || trule->action > ACT_ACTION_TRK_SCMAX) continue; if (trule->arg.trk_ctr.table.n) @@ -7575,7 +7575,7 @@ int check_config_validity() list_for_each_entry(trule, &curproxy->tcp_req.inspect_rules, list) { struct proxy *target; - if (trule->action < TCP_ACT_TRK_SC0 || trule->action > TCP_ACT_TRK_SCMAX) + if (trule->action < ACT_ACTION_TRK_SC0 || trule->action > ACT_ACTION_TRK_SCMAX) continue; if (trule->arg.trk_ctr.table.n) @@ -7614,7 +7614,7 @@ int check_config_validity() list_for_each_entry(hrqrule, &curproxy->http_req_rules, list) { struct proxy *target; - if (hrqrule->action < HTTP_REQ_ACT_TRK_SC0 || hrqrule->action > HTTP_REQ_ACT_TRK_SCMAX) + if (hrqrule->action < ACT_ACTION_TRK_SC0 || hrqrule->action > ACT_ACTION_TRK_SCMAX) continue; if (hrqrule->arg.trk_ctr.table.n) @@ -8225,10 +8225,10 @@ out_uri_auth_compat: */ if ((curproxy->cap & PR_CAP_FE) && !curproxy->tcp_req.inspect_delay) { list_for_each_entry(trule, &curproxy->tcp_req.inspect_rules, list) { - if (trule->action == TCP_ACT_CAPTURE && + if (trule->action == ACT_TCP_CAPTURE && !(trule->arg.cap.expr->fetch->val & SMP_VAL_FE_SES_ACC)) break; - if ((trule->action >= TCP_ACT_TRK_SC0 && trule->action <= TCP_ACT_TRK_SCMAX) && + if ((trule->action >= ACT_ACTION_TRK_SC0 && trule->action <= ACT_ACTION_TRK_SCMAX) && !(trule->arg.trk_ctr.expr->fetch->val & SMP_VAL_FE_SES_ACC)) break; } diff --git a/src/hlua.c b/src/hlua.c index 0c03b775c..16ebc8d07 100644 --- a/src/hlua.c +++ b/src/hlua.c @@ -3095,7 +3095,7 @@ __LJMP static int hlua_http_req_rep_hdr(lua_State *L) MAY_LJMP(check_args(L, 4, "req_rep_hdr")); htxn = MAY_LJMP(hlua_checkhttp(L, 1)); - return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, HTTP_REQ_ACT_REPLACE_HDR)); + return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_HDR)); } __LJMP static int hlua_http_res_rep_hdr(lua_State *L) @@ -3105,7 +3105,7 @@ __LJMP static int hlua_http_res_rep_hdr(lua_State *L) MAY_LJMP(check_args(L, 4, "res_rep_hdr")); htxn = MAY_LJMP(hlua_checkhttp(L, 1)); - return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, HTTP_RES_ACT_REPLACE_HDR)); + return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_HDR)); } __LJMP static int hlua_http_req_rep_val(lua_State *L) @@ -3115,7 +3115,7 @@ __LJMP static int hlua_http_req_rep_val(lua_State *L) MAY_LJMP(check_args(L, 4, "req_rep_hdr")); htxn = MAY_LJMP(hlua_checkhttp(L, 1)); - return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, HTTP_REQ_ACT_REPLACE_VAL)); + return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->req, ACT_HTTP_REPLACE_VAL)); } __LJMP static int hlua_http_res_rep_val(lua_State *L) @@ -3125,7 +3125,7 @@ __LJMP static int hlua_http_res_rep_val(lua_State *L) MAY_LJMP(check_args(L, 4, "res_rep_val")); htxn = MAY_LJMP(hlua_checkhttp(L, 1)); - return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, HTTP_RES_ACT_REPLACE_VAL)); + return MAY_LJMP(hlua_http_rep_hdr(L, htxn, &htxn->s->txn->rsp, ACT_HTTP_REPLACE_VAL)); } /* This function deletes all the occurences of an header. diff --git a/src/proto_http.c b/src/proto_http.c index 17278aa0f..6bd73b1cd 100644 --- a/src/proto_http.c +++ b/src/proto_http.c @@ -3350,12 +3350,10 @@ int http_transform_header_str(struct stream* s, struct http_msg *msg, /* Choose the header browsing function. */ switch (action) { - case HTTP_REQ_ACT_REPLACE_VAL: - case HTTP_RES_ACT_REPLACE_VAL: + case ACT_HTTP_REPLACE_VAL: http_find_hdr_func = http_find_header2; break; - case HTTP_REQ_ACT_REPLACE_HDR: - case HTTP_RES_ACT_REPLACE_HDR: + case ACT_HTTP_REPLACE_HDR: http_find_hdr_func = http_find_full_header2; break; default: /* impossible */ @@ -3449,19 +3447,19 @@ http_req_get_intercept_rule(struct proxy *px, struct list *rules, struct stream resume_execution: switch (rule->action) { - case HTTP_REQ_ACT_ALLOW: + case ACT_ACTION_ALLOW: return HTTP_RULE_RES_STOP; - case HTTP_REQ_ACT_DENY: + case ACT_ACTION_DENY: txn->rule_deny_status = rule->deny_status; return HTTP_RULE_RES_DENY; - case HTTP_REQ_ACT_TARPIT: + case ACT_HTTP_REQ_TARPIT: txn->flags |= TX_CLTARPIT; txn->rule_deny_status = rule->deny_status; return HTTP_RULE_RES_DENY; - case HTTP_REQ_ACT_AUTH: + case ACT_HTTP_REQ_AUTH: /* Auth might be performed on regular http-req rules as well as on stats */ auth_realm = rule->arg.auth.realm; if (!auth_realm) { @@ -3480,33 +3478,33 @@ resume_execution: stream_inc_http_err_ctr(s); return HTTP_RULE_RES_ABRT; - case HTTP_REQ_ACT_REDIR: + case ACT_HTTP_REDIR: if (!http_apply_redirect_rule(rule->arg.redir, s, txn)) return HTTP_RULE_RES_BADREQ; return HTTP_RULE_RES_DONE; - case HTTP_REQ_ACT_SET_NICE: + case ACT_HTTP_SET_NICE: s->task->nice = rule->arg.nice; break; - case HTTP_REQ_ACT_SET_TOS: + case ACT_HTTP_SET_TOS: if ((cli_conn = objt_conn(sess->origin)) && conn_ctrl_ready(cli_conn)) inet_set_tos(cli_conn->t.sock.fd, cli_conn->addr.from, rule->arg.tos); break; - case HTTP_REQ_ACT_SET_MARK: + case ACT_HTTP_SET_MARK: #ifdef SO_MARK if ((cli_conn = objt_conn(sess->origin)) && conn_ctrl_ready(cli_conn)) setsockopt(cli_conn->t.sock.fd, SOL_SOCKET, SO_MARK, &rule->arg.mark, sizeof(rule->arg.mark)); #endif break; - case HTTP_REQ_ACT_SET_LOGL: + case ACT_HTTP_SET_LOGL: s->logs.level = rule->arg.loglevel; break; - case HTTP_REQ_ACT_REPLACE_HDR: - case HTTP_REQ_ACT_REPLACE_VAL: + case ACT_HTTP_REPLACE_HDR: + case ACT_HTTP_REPLACE_VAL: if (http_transform_header(s, &txn->req, rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, &rule->arg.hdr_add.fmt, @@ -3514,7 +3512,7 @@ resume_execution: return HTTP_RULE_RES_BADREQ; break; - case HTTP_REQ_ACT_DEL_HDR: + case ACT_HTTP_DEL_HDR: ctx.idx = 0; /* remove all occurrences of the header */ while (http_find_header2(rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, @@ -3523,8 +3521,8 @@ resume_execution: } break; - case HTTP_REQ_ACT_SET_HDR: - case HTTP_REQ_ACT_ADD_HDR: + case ACT_HTTP_SET_HDR: + case ACT_HTTP_ADD_HDR: chunk_printf(&trash, "%s: ", rule->arg.hdr_add.name); memcpy(trash.str, rule->arg.hdr_add.name, rule->arg.hdr_add.name_len); trash.len = rule->arg.hdr_add.name_len; @@ -3532,7 +3530,7 @@ resume_execution: trash.str[trash.len++] = ' '; trash.len += build_logline(s, trash.str + trash.len, trash.size - trash.len, &rule->arg.hdr_add.fmt); - if (rule->action == HTTP_REQ_ACT_SET_HDR) { + if (rule->action == ACT_HTTP_SET_HDR) { /* remove all occurrences of the header */ ctx.idx = 0; while (http_find_header2(rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, @@ -3544,8 +3542,8 @@ resume_execution: http_header_add_tail2(&txn->req, &txn->hdr_idx, trash.str, trash.len); break; - case HTTP_REQ_ACT_DEL_ACL: - case HTTP_REQ_ACT_DEL_MAP: { + case ACT_HTTP_DEL_ACL: + case ACT_HTTP_DEL_MAP: { struct pat_ref *ref; char *key; int len; @@ -3567,7 +3565,7 @@ resume_execution: break; } - case HTTP_REQ_ACT_ADD_ACL: { + case ACT_HTTP_ADD_ACL: { struct pat_ref *ref; char *key; struct chunk *trash_key; @@ -3593,7 +3591,7 @@ resume_execution: break; } - case HTTP_REQ_ACT_SET_MAP: { + case ACT_HTTP_SET_MAP: { struct pat_ref *ref; char *key, *value; struct chunk *trash_key, *trash_value; @@ -3639,7 +3637,7 @@ resume_execution: rule->action_ptr(rule, px, s->sess, s); return HTTP_RULE_RES_DONE; - case HTTP_REQ_ACT_TRK_SC0 ... HTTP_REQ_ACT_TRK_SCMAX: + case ACT_ACTION_TRK_SC0 ... ACT_ACTION_TRK_SCMAX: /* Note: only the first valid tracking parameter of each * applies. */ @@ -3673,7 +3671,7 @@ resume_execution: } break; - case HTTP_REQ_ACT_SET_SRC: + case ACT_HTTP_REQ_SET_SRC: if ((cli_conn = objt_conn(sess->origin)) && conn_ctrl_ready(cli_conn)) { struct sample *smp; @@ -3754,35 +3752,35 @@ http_res_get_intercept_rule(struct proxy *px, struct list *rules, struct stream resume_execution: switch (rule->action) { - case HTTP_RES_ACT_ALLOW: + case ACT_ACTION_ALLOW: return HTTP_RULE_RES_STOP; /* "allow" rules are OK */ - case HTTP_RES_ACT_DENY: + case ACT_ACTION_DENY: txn->flags |= TX_SVDENY; return HTTP_RULE_RES_STOP; - case HTTP_RES_ACT_SET_NICE: + case ACT_HTTP_SET_NICE: s->task->nice = rule->arg.nice; break; - case HTTP_RES_ACT_SET_TOS: + case ACT_HTTP_SET_TOS: if ((cli_conn = objt_conn(sess->origin)) && conn_ctrl_ready(cli_conn)) inet_set_tos(cli_conn->t.sock.fd, cli_conn->addr.from, rule->arg.tos); break; - case HTTP_RES_ACT_SET_MARK: + case ACT_HTTP_SET_MARK: #ifdef SO_MARK if ((cli_conn = objt_conn(sess->origin)) && conn_ctrl_ready(cli_conn)) setsockopt(cli_conn->t.sock.fd, SOL_SOCKET, SO_MARK, &rule->arg.mark, sizeof(rule->arg.mark)); #endif break; - case HTTP_RES_ACT_SET_LOGL: + case ACT_HTTP_SET_LOGL: s->logs.level = rule->arg.loglevel; break; - case HTTP_RES_ACT_REPLACE_HDR: - case HTTP_RES_ACT_REPLACE_VAL: + case ACT_HTTP_REPLACE_HDR: + case ACT_HTTP_REPLACE_VAL: if (http_transform_header(s, &txn->rsp, rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, &rule->arg.hdr_add.fmt, @@ -3790,7 +3788,7 @@ resume_execution: return HTTP_RULE_RES_STOP; /* note: we should report an error here */ break; - case HTTP_RES_ACT_DEL_HDR: + case ACT_HTTP_DEL_HDR: ctx.idx = 0; /* remove all occurrences of the header */ while (http_find_header2(rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, @@ -3799,8 +3797,8 @@ resume_execution: } break; - case HTTP_RES_ACT_SET_HDR: - case HTTP_RES_ACT_ADD_HDR: + case ACT_HTTP_SET_HDR: + case ACT_HTTP_ADD_HDR: chunk_printf(&trash, "%s: ", rule->arg.hdr_add.name); memcpy(trash.str, rule->arg.hdr_add.name, rule->arg.hdr_add.name_len); trash.len = rule->arg.hdr_add.name_len; @@ -3808,7 +3806,7 @@ resume_execution: trash.str[trash.len++] = ' '; trash.len += build_logline(s, trash.str + trash.len, trash.size - trash.len, &rule->arg.hdr_add.fmt); - if (rule->action == HTTP_RES_ACT_SET_HDR) { + if (rule->action == ACT_HTTP_SET_HDR) { /* remove all occurrences of the header */ ctx.idx = 0; while (http_find_header2(rule->arg.hdr_add.name, rule->arg.hdr_add.name_len, @@ -3819,8 +3817,8 @@ resume_execution: http_header_add_tail2(&txn->rsp, &txn->hdr_idx, trash.str, trash.len); break; - case HTTP_RES_ACT_DEL_ACL: - case HTTP_RES_ACT_DEL_MAP: { + case ACT_HTTP_DEL_ACL: + case ACT_HTTP_DEL_MAP: { struct pat_ref *ref; char *key; int len; @@ -3842,7 +3840,7 @@ resume_execution: break; } - case HTTP_RES_ACT_ADD_ACL: { + case ACT_HTTP_ADD_ACL: { struct pat_ref *ref; char *key; struct chunk *trash_key; @@ -3868,7 +3866,7 @@ resume_execution: break; } - case HTTP_RES_ACT_SET_MAP: { + case ACT_HTTP_SET_MAP: { struct pat_ref *ref; char *key, *value; struct chunk *trash_key, *trash_value; @@ -3903,7 +3901,7 @@ resume_execution: break; } - case HTTP_RES_ACT_REDIR: + case ACT_HTTP_REDIR: if (!http_apply_redirect_rule(rule->arg.redir, s, txn)) return HTTP_RULE_RES_BADREQ; return HTTP_RULE_RES_DONE; @@ -8911,7 +8909,7 @@ void free_http_req_rules(struct list *r) list_for_each_entry_safe(pr, tr, r, list) { LIST_DEL(&pr->list); - if (pr->action == HTTP_REQ_ACT_AUTH) + if (pr->action == ACT_HTTP_REQ_AUTH) free(pr->arg.auth.realm); regex_free(&pr->arg.hdr_add.re); @@ -8935,13 +8933,13 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li rule->deny_status = HTTP_ERR_403; if (!strcmp(args[0], "allow")) { - rule->action = HTTP_REQ_ACT_ALLOW; + rule->action = ACT_ACTION_ALLOW; cur_arg = 1; } else if (!strcmp(args[0], "deny") || !strcmp(args[0], "block")) { int code; int hc; - rule->action = HTTP_REQ_ACT_DENY; + rule->action = ACT_ACTION_DENY; cur_arg = 1; if (strcmp(args[cur_arg], "deny_status") == 0) { cur_arg++; @@ -8966,10 +8964,10 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li } } } else if (!strcmp(args[0], "tarpit")) { - rule->action = HTTP_REQ_ACT_TARPIT; + rule->action = ACT_HTTP_REQ_TARPIT; cur_arg = 1; } else if (!strcmp(args[0], "auth")) { - rule->action = HTTP_REQ_ACT_AUTH; + rule->action = ACT_HTTP_REQ_AUTH; cur_arg = 1; while(*args[cur_arg]) { @@ -8981,7 +8979,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li break; } } else if (!strcmp(args[0], "set-nice")) { - rule->action = HTTP_REQ_ACT_SET_NICE; + rule->action = ACT_HTTP_SET_NICE; cur_arg = 1; if (!*args[cur_arg] || @@ -8999,7 +8997,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li } else if (!strcmp(args[0], "set-tos")) { #ifdef IP_TOS char *err; - rule->action = HTTP_REQ_ACT_SET_TOS; + rule->action = ACT_HTTP_SET_TOS; cur_arg = 1; if (!*args[cur_arg] || @@ -9023,7 +9021,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li } else if (!strcmp(args[0], "set-mark")) { #ifdef SO_MARK char *err; - rule->action = HTTP_REQ_ACT_SET_MARK; + rule->action = ACT_HTTP_SET_MARK; cur_arg = 1; if (!*args[cur_arg] || @@ -9046,7 +9044,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li goto out_err; #endif } else if (!strcmp(args[0], "set-log-level")) { - rule->action = HTTP_REQ_ACT_SET_LOGL; + rule->action = ACT_HTTP_SET_LOGL; cur_arg = 1; if (!*args[cur_arg] || @@ -9062,7 +9060,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li goto bad_log_level; cur_arg++; } else if (strcmp(args[0], "add-header") == 0 || strcmp(args[0], "set-header") == 0) { - rule->action = *args[0] == 'a' ? HTTP_REQ_ACT_ADD_HDR : HTTP_REQ_ACT_SET_HDR; + rule->action = *args[0] == 'a' ? ACT_HTTP_ADD_HDR : ACT_HTTP_SET_HDR; cur_arg = 1; if (!*args[cur_arg] || !*args[cur_arg+1] || @@ -9085,7 +9083,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li proxy->conf.lfs_line = proxy->conf.args.line; cur_arg += 2; } else if (strcmp(args[0], "replace-header") == 0 || strcmp(args[0], "replace-value") == 0) { - rule->action = args[0][8] == 'h' ? HTTP_REQ_ACT_REPLACE_HDR : HTTP_REQ_ACT_REPLACE_VAL; + rule->action = args[0][8] == 'h' ? ACT_HTTP_REPLACE_HDR : ACT_HTTP_REPLACE_VAL; cur_arg = 1; if (!*args[cur_arg] || !*args[cur_arg+1] || !*args[cur_arg+2] || @@ -9117,7 +9115,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li proxy->conf.lfs_line = proxy->conf.args.line; cur_arg += 3; } else if (strcmp(args[0], "del-header") == 0) { - rule->action = HTTP_REQ_ACT_DEL_HDR; + rule->action = ACT_HTTP_DEL_HDR; cur_arg = 1; if (!*args[cur_arg] || @@ -9181,7 +9179,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li cur_arg++; } rule->arg.trk_ctr.expr = expr; - rule->action = HTTP_REQ_ACT_TRK_SC0 + args[0][8] - '0'; + rule->action = ACT_ACTION_TRK_SC0 + args[0][8] - '0'; } else if (strcmp(args[0], "redirect") == 0) { struct redirect_rule *redir; char *errmsg = NULL; @@ -9195,7 +9193,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li /* this redirect rule might already contain a parsed condition which * we'll pass to the http-request rule. */ - rule->action = HTTP_REQ_ACT_REDIR; + rule->action = ACT_HTTP_REDIR; rule->arg.redir = redir; rule->cond = redir->cond; redir->cond = NULL; @@ -9203,7 +9201,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li return rule; } else if (strncmp(args[0], "add-acl", 7) == 0) { /* http-request add-acl() */ - rule->action = HTTP_REQ_ACT_ADD_ACL; + rule->action = ACT_HTTP_ADD_ACL; /* * '+ 8' for 'add-acl(' * '- 9' for 'add-acl(' + trailing ')' @@ -9230,7 +9228,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "del-acl", 7) == 0) { /* http-request del-acl() */ - rule->action = HTTP_REQ_ACT_DEL_ACL; + rule->action = ACT_HTTP_DEL_ACL; /* * '+ 8' for 'del-acl(' * '- 9' for 'del-acl(' + trailing ')' @@ -9257,7 +9255,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "del-map", 7) == 0) { /* http-request del-map() */ - rule->action = HTTP_REQ_ACT_DEL_MAP; + rule->action = ACT_HTTP_DEL_MAP; /* * '+ 8' for 'del-map(' * '- 9' for 'del-map(' + trailing ')' @@ -9284,7 +9282,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "set-map", 7) == 0) { /* http-request set-map() */ - rule->action = HTTP_REQ_ACT_SET_MAP; + rule->action = ACT_HTTP_SET_MAP; /* * '+ 8' for 'set-map(' * '- 9' for 'set-map(' + trailing ')' @@ -9350,7 +9348,7 @@ struct act_rule *parse_http_req_cond(const char **args, const char *file, int li } rule->arg.expr = expr; - rule->action = HTTP_REQ_ACT_SET_SRC; + rule->action = ACT_HTTP_REQ_SET_SRC; } else if (((custom = action_http_req_custom(args[0])) != NULL)) { char *errmsg = NULL; cur_arg = 1; @@ -9408,13 +9406,13 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li } if (!strcmp(args[0], "allow")) { - rule->action = HTTP_RES_ACT_ALLOW; + rule->action = ACT_ACTION_ALLOW; cur_arg = 1; } else if (!strcmp(args[0], "deny")) { - rule->action = HTTP_RES_ACT_DENY; + rule->action = ACT_ACTION_DENY; cur_arg = 1; } else if (!strcmp(args[0], "set-nice")) { - rule->action = HTTP_RES_ACT_SET_NICE; + rule->action = ACT_HTTP_SET_NICE; cur_arg = 1; if (!*args[cur_arg] || @@ -9432,7 +9430,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li } else if (!strcmp(args[0], "set-tos")) { #ifdef IP_TOS char *err; - rule->action = HTTP_RES_ACT_SET_TOS; + rule->action = ACT_HTTP_SET_TOS; cur_arg = 1; if (!*args[cur_arg] || @@ -9456,7 +9454,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li } else if (!strcmp(args[0], "set-mark")) { #ifdef SO_MARK char *err; - rule->action = HTTP_RES_ACT_SET_MARK; + rule->action = ACT_HTTP_SET_MARK; cur_arg = 1; if (!*args[cur_arg] || @@ -9479,7 +9477,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li goto out_err; #endif } else if (!strcmp(args[0], "set-log-level")) { - rule->action = HTTP_RES_ACT_SET_LOGL; + rule->action = ACT_HTTP_SET_LOGL; cur_arg = 1; if (!*args[cur_arg] || @@ -9495,7 +9493,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li goto bad_log_level; cur_arg++; } else if (strcmp(args[0], "add-header") == 0 || strcmp(args[0], "set-header") == 0) { - rule->action = *args[0] == 'a' ? HTTP_RES_ACT_ADD_HDR : HTTP_RES_ACT_SET_HDR; + rule->action = *args[0] == 'a' ? ACT_HTTP_ADD_HDR : ACT_HTTP_SET_HDR; cur_arg = 1; if (!*args[cur_arg] || !*args[cur_arg+1] || @@ -9518,7 +9516,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li proxy->conf.lfs_line = proxy->conf.args.line; cur_arg += 2; } else if (strcmp(args[0], "replace-header") == 0 || strcmp(args[0], "replace-value") == 0) { - rule->action = args[0][8] == 'h' ? HTTP_RES_ACT_REPLACE_HDR : HTTP_RES_ACT_REPLACE_VAL; + rule->action = args[0][8] == 'h' ? ACT_HTTP_REPLACE_HDR : ACT_HTTP_REPLACE_VAL; cur_arg = 1; if (!*args[cur_arg] || !*args[cur_arg+1] || !*args[cur_arg+2] || @@ -9550,7 +9548,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li proxy->conf.lfs_line = proxy->conf.args.line; cur_arg += 3; } else if (strcmp(args[0], "del-header") == 0) { - rule->action = HTTP_RES_ACT_DEL_HDR; + rule->action = ACT_HTTP_DEL_HDR; cur_arg = 1; if (!*args[cur_arg] || @@ -9570,7 +9568,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "add-acl", 7) == 0) { /* http-request add-acl() */ - rule->action = HTTP_RES_ACT_ADD_ACL; + rule->action = ACT_HTTP_ADD_ACL; /* * '+ 8' for 'add-acl(' * '- 9' for 'add-acl(' + trailing ')' @@ -9598,7 +9596,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "del-acl", 7) == 0) { /* http-response del-acl() */ - rule->action = HTTP_RES_ACT_DEL_ACL; + rule->action = ACT_HTTP_DEL_ACL; /* * '+ 8' for 'del-acl(' * '- 9' for 'del-acl(' + trailing ')' @@ -9625,7 +9623,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "del-map", 7) == 0) { /* http-response del-map() */ - rule->action = HTTP_RES_ACT_DEL_MAP; + rule->action = ACT_HTTP_DEL_MAP; /* * '+ 8' for 'del-map(' * '- 9' for 'del-map(' + trailing ')' @@ -9652,7 +9650,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li cur_arg += 1; } else if (strncmp(args[0], "set-map", 7) == 0) { /* http-response set-map() */ - rule->action = HTTP_RES_ACT_SET_MAP; + rule->action = ACT_HTTP_SET_MAP; /* * '+ 8' for 'set-map(' * '- 9' for 'set-map(' + trailing ')' @@ -9701,7 +9699,7 @@ struct act_rule *parse_http_res_cond(const char **args, const char *file, int li /* this redirect rule might already contain a parsed condition which * we'll pass to the http-request rule. */ - rule->action = HTTP_RES_ACT_REDIR; + rule->action = ACT_HTTP_REDIR; rule->arg.redir = redir; rule->cond = redir->cond; redir->cond = NULL; diff --git a/src/proto_tcp.c b/src/proto_tcp.c index ef32207bd..3c70357da 100644 --- a/src/proto_tcp.c +++ b/src/proto_tcp.c @@ -1161,10 +1161,10 @@ int tcp_inspect_request(struct stream *s, struct channel *req, int an_bit) if (ret) { resume_execution: /* we have a matching rule. */ - if (rule->action == TCP_ACT_ACCEPT) { + if (rule->action == ACT_ACTION_ALLOW) { break; } - else if (rule->action == TCP_ACT_REJECT) { + else if (rule->action == ACT_ACTION_DENY) { channel_abort(req); channel_abort(&s->res); req->analysers = 0; @@ -1180,7 +1180,7 @@ resume_execution: s->flags |= SF_FINST_R; return 0; } - else if (rule->action >= TCP_ACT_TRK_SC0 && rule->action <= TCP_ACT_TRK_SCMAX) { + else if (rule->action >= ACT_ACTION_TRK_SC0 && rule->action <= ACT_ACTION_TRK_SCMAX) { /* Note: only the first valid tracking parameter of each * applies. */ @@ -1203,7 +1203,7 @@ resume_execution: stkctr_set_flags(&s->stkctr[tcp_trk_idx(rule->action)], STKCTR_TRACK_BACKEND); } } - else if (rule->action == TCP_ACT_CAPTURE) { + else if (rule->action == ACT_TCP_CAPTURE) { struct sample *key; struct cap_hdr *h = rule->arg.cap.hdr; char **cap = s->req_cap; @@ -1329,10 +1329,10 @@ int tcp_inspect_response(struct stream *s, struct channel *rep, int an_bit) if (ret) { resume_execution: /* we have a matching rule. */ - if (rule->action == TCP_ACT_ACCEPT) { + if (rule->action == ACT_ACTION_ALLOW) { break; } - else if (rule->action == TCP_ACT_REJECT) { + else if (rule->action == ACT_ACTION_DENY) { channel_abort(rep); channel_abort(&s->req); rep->analysers = 0; @@ -1348,7 +1348,7 @@ resume_execution: s->flags |= SF_FINST_D; return 0; } - else if (rule->action == TCP_ACT_CLOSE) { + else if (rule->action == ACT_TCP_CLOSE) { chn_prod(rep)->flags |= SI_FL_NOLINGER | SI_FL_NOHALF; si_shutr(chn_prod(rep)); si_shutw(chn_prod(rep)); @@ -1408,10 +1408,10 @@ int tcp_exec_req_rules(struct session *sess) if (ret) { /* we have a matching rule. */ - if (rule->action == TCP_ACT_ACCEPT) { + if (rule->action == ACT_ACTION_ALLOW) { break; } - else if (rule->action == TCP_ACT_REJECT) { + else if (rule->action == ACT_ACTION_DENY) { sess->fe->fe_counters.denied_conn++; if (sess->listener->counters) sess->listener->counters->denied_conn++; @@ -1419,7 +1419,7 @@ int tcp_exec_req_rules(struct session *sess) result = 0; break; } - else if (rule->action >= TCP_ACT_TRK_SC0 && rule->action <= TCP_ACT_TRK_SCMAX) { + else if (rule->action >= ACT_ACTION_TRK_SC0 && rule->action <= ACT_ACTION_TRK_SCMAX) { /* Note: only the first valid tracking parameter of each * applies. */ @@ -1434,7 +1434,7 @@ int tcp_exec_req_rules(struct session *sess) if (key && (ts = stktable_get_entry(t, key))) stream_track_stkctr(&sess->stkctr[tcp_trk_idx(rule->action)], t, ts); } - else if (rule->action == TCP_ACT_EXPECT_PX) { + else if (rule->action == ACT_TCP_EXPECT_PX) { conn->flags |= CO_FL_ACCEPT_PROXY; conn_sock_want_recv(conn); } @@ -1469,15 +1469,15 @@ static int tcp_parse_response_rule(char **args, int arg, int section_type, if (strcmp(args[arg], "accept") == 0) { arg++; - rule->action = TCP_ACT_ACCEPT; + rule->action = ACT_ACTION_ALLOW; } else if (strcmp(args[arg], "reject") == 0) { arg++; - rule->action = TCP_ACT_REJECT; + rule->action = ACT_ACTION_DENY; } else if (strcmp(args[arg], "close") == 0) { arg++; - rule->action = TCP_ACT_CLOSE; + rule->action = ACT_TCP_CLOSE; } else { struct tcp_action_kw *kw; @@ -1528,11 +1528,11 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type, if (!strcmp(args[arg], "accept")) { arg++; - rule->action = TCP_ACT_ACCEPT; + rule->action = ACT_ACTION_ALLOW; } else if (!strcmp(args[arg], "reject")) { arg++; - rule->action = TCP_ACT_REJECT; + rule->action = ACT_ACTION_DENY; } else if (strcmp(args[arg], "capture") == 0) { struct sample_expr *expr; @@ -1618,7 +1618,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type, rule->arg.cap.expr = expr; rule->arg.cap.hdr = hdr; - rule->action = TCP_ACT_CAPTURE; + rule->action = ACT_TCP_CAPTURE; } else if (strncmp(args[arg], "track-sc", 8) == 0 && args[arg][9] == '\0' && args[arg][8] >= '0' && @@ -1662,7 +1662,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type, arg++; } rule->arg.trk_ctr.expr = expr; - rule->action = TCP_ACT_TRK_SC0 + args[kw][8] - '0'; + rule->action = ACT_ACTION_TRK_SC0 + args[kw][8] - '0'; } else if (strcmp(args[arg], "expect-proxy") == 0) { if (strcmp(args[arg+1], "layer4") != 0) { @@ -1680,7 +1680,7 @@ static int tcp_parse_request_rule(char **args, int arg, int section_type, } arg += 2; - rule->action = TCP_ACT_EXPECT_PX; + rule->action = ACT_TCP_EXPECT_PX; } else { struct tcp_action_kw *kw;