mirrors/haproxy
1
0
Fork 0
mirror of https://git.haproxy.org/git/haproxy.git/ synced 2026-05-04 12:41:00 +02:00
Code Issues Projects Releases Wiki Activity

[MINOR] allow TCP inspection rules to make use of HTTP ACLs

Browse Source 
Since we can call the HTTP parser from TCP inspection rules, it makes
sense to be able to use the HTTP ACLs with it. That way, we can decide
from a TCP frontend to take a switching decision based on full layer7
decoding. This might be useful to perform layer7 content switching from
a layer4 frontend in fact. For instance, we might want to be able to
detect http/https on a frontend, but still switch to backend X or Y
depending on the Host header. Note that it is mandatory to wait for
an HTTP request otherwise the ACLs will randomly match.
This commit is contained in:
Willy Tarreau 2009-07-12 10:10:05 +02:00
parent cd7afc0a13
commit 51d5dad90a
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/proto_tcp.c
View File

@ -406,7 +406,7 @@ int tcp_inspect_request(struct session *s, struct buffer *req, int an_bit)
int ret = ACL_PAT_PASS;
if (rule->cond) {
ret = acl_exec_cond(rule->cond, s->fe, s, NULL, ACL_DIR_REQ | partial);
ret = acl_exec_cond(rule->cond, s->fe, s, &s->txn, ACL_DIR_REQ | partial);
if (ret == ACL_PAT_MISS) {
buffer_write_dis(req);
/* just set the request timeout once at the beginning of the request */