mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2025-08-07 07:37:02 +02:00
Code Issues Projects Releases Wiki Activity

MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules

Browse Source 
This patch was reverted because it was inconsitent to change connection
addresses at stream level. Especially in HTTP because all requests was
affected by this change and not only the current one. In HTTP/2, it was
worse. Several streams was able to change the connection addresses at the
same time.

It is no longer an issue, thanks to recent changes. With multi-level client
source and destination addresses, it is possible to limit the change to the
current request. Thus this patch can be reintroduced.

If it possible to set source IP/Port from "tcp-request connection",
"tcp-request session" and "http-request" rules but not from "tcp-request
content" rules. There is no reason for this limitation and it may be a
problem for anyone wanting to call a lua fetch to dynamically set source
IP/Port from a TCP proxy. Indeed, to call a lua fetch, we must have a
stream. And there is no stream when "tcp-request connection/session" rules
are evaluated.

Thanks to this patch, "set-src" and "set-src-port" action are now supported
by "tcp_request content" rules.

This patch is related to the issue #1303.
This commit is contained in:
Christopher Faulet 2021-06-23 12:07:21 +02:00
parent d69377eb02
commit 1e83b70409
2 changed files with 11 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
doc/configuration.txt
View File

@ -12179,6 +12179,8 @@ tcp-request content <action> [{if | unless} <condition>]
- set-nice <nice>
- set-priority-class <expr>
- set-priority-offset <expr>
- set-src <expr>
- set-src-port <expr>
- set-tos <tos>
- set-var(<var-name>) <expr>
- set-var-fmt(<var-name>) <fmt>
@ -12397,6 +12399,13 @@ tcp-request content set-priority-offset <expr> [ { if | unless } <condition> ]
request. Please refer to "http-request set-priority-offset" for a complete
description.
tcp-request content set-src <expr> [ { if | unless } <condition> ]
tcp-request content set-src-port <expr> [ { if | unless } <condition> ]
These actions are used to set the source IP/Port address to the value of
specified expression. Please refer to "http-request set-src" and
"http-request set-src-port" for a complete description.
tcp-request content set-tos <tos> [ { if | unless } <condition> ]
This is used to set the TOS or DSCP field value of packets sent to the client

2
src/tcp_act.c
View File

@ -509,6 +509,8 @@ static struct action_kw_list tcp_req_sess_actions = {ILH, {
INITCALL1(STG_REGISTER, tcp_req_sess_keywords_register, &tcp_req_sess_actions);
static struct action_kw_list tcp_req_cont_actions = {ILH, {
{ "set-src", tcp_parse_set_src_dst },
{ "set-src-port", tcp_parse_set_src_dst },
{ "set-dst" , tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "set-mark", tcp_parse_set_mark },