From a3eb39ca6280897115cb31f6d5a1fb74821a80f2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Herv=C3=A9=20COMMOWICK?= Date: Fri, 5 Aug 2011 18:48:51 +0200 Subject: [PATCH] [DOC] small fixes to clearly distinguish between keyword and variables Variables needs to be presented inside <> to be distinguished from keywords --- doc/configuration.txt | 104 +++++++++++++++++++++--------------------- 1 file changed, 52 insertions(+), 52 deletions(-) diff --git a/doc/configuration.txt b/doc/configuration.txt index f4c1692e5..ffa5c5f82 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -1319,7 +1319,7 @@ balance url_param [check_post []] that changing a server's weight on the fly will have no effect, but this can be changed using "hash-type". - hdr(name) The HTTP header will be looked up in each HTTP request. + hdr() The HTTP header will be looked up in each HTTP request. Just as with the equivalent ACL 'hdr()' function, the header name in parenthesis is not case sensitive. If the header is absent or if it does not contain any value, the roundrobin @@ -1335,7 +1335,7 @@ balance url_param [check_post []] but this can be changed using "hash-type". rdp-cookie - rdp-cookie(name) + rdp-cookie() The RDP cookie (or "mstshash" if omitted) will be looked up and hashed for each incoming TCP request. Just as with the equivalent ACL 'req_rdp_cookie()' function, the name @@ -4108,7 +4108,7 @@ no option transparent persist rdp-cookie -persist rdp-cookie(name) +persist rdp-cookie() Enable RDP cookie-based persistence May be used in sections : defaults | frontend | listen | backend yes | no | yes | yes @@ -7086,7 +7086,7 @@ always_true a temporary replacement for another one when adjusting configurations. avg_queue -avg_queue(backend) +avg_queue() Returns the total number of queued connections of the designated backend divided by the number of active servers. This is very similar to "queue" except that the size of the farm is considered, in order to give a more @@ -7100,7 +7100,7 @@ avg_queue(backend) "be_conn", and "be_sess_rate" criteria. be_conn -be_conn(backend) +be_conn() Applies to the number of currently established connections on the backend, possibly including the connection being evaluated. If no backend name is specified, the current one is used. But it is also possible to check another @@ -7112,7 +7112,7 @@ be_id backend it was called. be_sess_rate -be_sess_rate(backend) +be_sess_rate() Returns true when the sessions creation rate on the backend matches the specified values or ranges, in number of new sessions per second. This is used to switch to an alternate backend when an expensive or fragile one @@ -7127,7 +7127,7 @@ be_sess_rate(backend) redirect location /denied.html if being_scanned connslots -connslots(backend) +connslots() The basic idea here is to be able to measure the number of connection "slots" still available (connection + queue), so that anything beyond that (intended usage; see "use_backend" keyword) can be redirected to a different backend. @@ -7165,7 +7165,7 @@ dst_port to a different backend for some alternative ports. fe_conn -fe_conn(frontend) +fe_conn() Applies to the number of currently established connections on the frontend, possibly including the connection being evaluated. If no frontend name is specified, the current one is used. But it is also possible to check another @@ -7179,7 +7179,7 @@ fe_id frontend it was called. fe_sess_rate -fe_sess_rate(frontend) +fe_sess_rate() Returns true when the session creation rate on the current or the named frontend matches the specified values or ranges, expressed in new sessions per second. This is used to limit the connection rate to acceptable ranges in @@ -7202,7 +7202,7 @@ fe_sess_rate(frontend) tcp-request content accept if WAIT_END nbsrv -nbsrv(backend) +nbsrv() Returns true when the number of usable servers of either the current backend or the named backend matches the values or ranges specified. This is used to switch to an alternate backend when the number of servers is too low to @@ -7210,7 +7210,7 @@ nbsrv(backend) "monitor fail". queue -queue(backend) +queue() Returns the total number of queued connections of the designated backend, including all the connections in server queues. If no backend name is specified, the current one is used, but it is also possible to check another @@ -7333,56 +7333,56 @@ src address which is used, and not the address of a client behind a proxy. src_bytes_in_rate -src_bytes_in_rate(table) +src_bytes_in_rate() Returns the average bytes rate from the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in amount of bytes over the period configured in the table. If the address is not found, zero is returned. See also sc1/sc2_bytes_in_rate. src_bytes_out_rate -src_bytes_out_rate(table) +src_bytes_out_rate(
) Returns the average bytes rate to the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in amount of bytes over the period configured in the table. If the address is not found, zero is returned. See also sc1/sc2_bytes_out_rate. src_conn_cnt -src_conn_cnt(table) +src_conn_cnt(
) Returns the cumulated number of connections initiated from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table. If the address is not found, zero is returned. See also sc1/sc2_conn_cnt. src_conn_cur -src_conn_cur(table) +src_conn_cur(
) Returns the current amount of concurrent connections initiated from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table. If the address is not found, zero is returned. See also sc1/sc2_conn_cur. src_conn_rate -src_conn_rate(table) +src_conn_rate(
) Returns the average connection rate from the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in amount of connections over the period configured in the table. If the address is not found, zero is returned. See also sc1/sc2_conn_rate. src_get_gpc0 -src_get_gpc0(table) +src_get_gpc0(
) Returns the value of the first General Purpose Counter associated to the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table. If the address is not found, zero is returned. See also sc1/sc2_get_gpc0 and src_inc_gpc0. src_http_err_cnt -src_http_err_cnt(table) +src_http_err_cnt(
) Returns the cumulated number of HTTP errors from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table. This includes the both request errors and 4xx error responses. If the address is not found, zero is returned. See also sc1/sc2_http_err_cnt. src_http_err_rate -src_http_err_rate(table) +src_http_err_rate(
) Returns the average rate of HTTP errors from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick- table, measured in amount of errors over the period configured in the table. @@ -7390,14 +7390,14 @@ src_http_err_rate(table) is not found, zero is returned. See also sc1/sc2_http_err_rate. src_http_req_cnt -src_http_req_cnt(table) +src_http_req_cnt(
) Returns the cumulated number of HTTP requests from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table. This includes every started request, valid or not. If the address is not found, zero is returned. See also sc1/sc2_http_req_cnt. src_http_req_rate -src_http_req_rate(table) +src_http_req_rate(
) Returns the average rate of HTTP requests from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in amount of requests over the period configured in the @@ -7405,7 +7405,7 @@ src_http_req_rate(table) not found, zero is returned. See also sc1/sc2_http_req_rate. src_inc_gpc0 -src_inc_gpc0(table) +src_inc_gpc0(
) Increments the first General Purpose Counter associated to the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, and returns its value. If the address is not found, an entry is @@ -7418,7 +7418,7 @@ src_inc_gpc0(table) tcp-request connection reject if abuse kill src_kbytes_in -src_kbytes_in(table) +src_kbytes_in(
) Returns the amount of data received from the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in kilobytes over the period configured in the table. If the address is not @@ -7426,7 +7426,7 @@ src_kbytes_in(table) which limits values to 4 terabytes. See also sc1/sc2_kbytes_in. src_kbytes_out -src_kbytes_out(table) +src_kbytes_out(
) Returns the amount of data sent to the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in kilobytes over the period configured in the table. If the address is not @@ -7437,7 +7437,7 @@ src_port Applies to the client's TCP source port. This has a very limited usage. src_sess_cnt -src_sess_cnt(table) +src_sess_cnt(
) Returns the cumulated number of connections initiated from the current connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, that were transformed into sessions, which means that @@ -7445,7 +7445,7 @@ src_sess_cnt(table) is returned. See also sc1/sc2_sess_cnt. src_sess_rate -src_sess_rate(table) +src_sess_rate(
) Returns the average session rate from the connection's source IPv4 address in the current proxy's stick-table or in the designated stick-table, measured in amount of sessions over the period configured in the table. A session is a @@ -7453,7 +7453,7 @@ src_sess_rate(table) found, zero is returned. See also sc1/sc2_sess_rate. src_updt_conn_cnt -src_updt_conn_cnt(table) +src_updt_conn_cnt(
) Creates or updates the entry associated to the source IPv4 address in the current proxy's stick-table or in the designated stick-table. This table must be configured to store the "conn_cnt" data type, otherwise the match @@ -7474,7 +7474,7 @@ src_updt_conn_cnt(table) tcp-request content reject if { src_update_count gt 3 } server local 127.0.0.1:22 -srv_conn(backend/server) +srv_conn(/) Applies to the number of currently established connections on the server, possibly including the connection being evaluated. It can be used to use a specific farm when one server is full. @@ -7495,12 +7495,12 @@ srv_is_up(/) rules depending on those ACLs can be tweaked in realtime. table_avl -table_avl(table) +table_avl(
) Returns the total number of available entries in the current proxy's stick-table or in the designated stick-table. See also table_cnt. table_cnt -table_cnt(table) +table_cnt(
) Returns the total number of entries currently in use in the current proxy's stick-table or in the designated stick-table. See also src_conn_cnt and table_avl for other entry counting methods. @@ -7531,7 +7531,7 @@ req_proto_http using TCP request content inspection rules. req_rdp_cookie -req_rdp_cookie(name) +req_rdp_cookie() Returns true when data in the request buffer look like the RDP protocol, and a cookie is present and equal to . By default, any cookie name is checked, but a specific cookie name can be specified in parenthesis. The @@ -7542,7 +7542,7 @@ req_rdp_cookie(name) used to restrict access to certain servers to certain users. req_rdp_cookie_cnt -req_rdp_cookie_cnt(name) +req_rdp_cookie_cnt() Returns true when the data in the request buffer look like the RDP protocol and the number of RDP cookies matches the specified range (typically zero or one). Optionally a specific cookie name can be checked. This is a simple way @@ -7603,7 +7603,7 @@ read, and are only evaluated then. They may require slightly more CPU resources than the layer 4 ones, but not much since the request and response are indexed. hdr -hdr(header) +hdr(
) Note: all the "hdr*" matching criteria either apply to all headers, or to a particular header whose name is passed between parenthesis and without any space. The header name is not case-sensitive. The header matching complies @@ -7617,13 +7617,13 @@ hdr(header) hdr(Connection) -i close hdr_beg -hdr_beg(header) +hdr_beg(
) Returns true when one of the headers begins with one of the strings. See "hdr" for more information on header matching. Use the shdr_beg() variant for response headers sent by the server. hdr_cnt -hdr_cnt(header) +hdr_cnt(
) Returns true when the number of occurrence of the specified header matches the values or ranges specified. It is important to remember that one header line may count as several headers if it has several values. This is used to @@ -7633,7 +7633,7 @@ hdr_cnt(header) the shdr_cnt() variant for response headers sent by the server. hdr_dir -hdr_dir(header) +hdr_dir(
) Returns true when one of the headers contains one of the strings either isolated or delimited by slashes. This is used to perform filename or directory name matching, and may be used with Referer. See "hdr" for more @@ -7641,7 +7641,7 @@ hdr_dir(header) headers sent by the server. hdr_dom -hdr_dom(header) +hdr_dom(
) Returns true when one of the headers contains one of the strings either isolated or delimited by dots. This is used to perform domain name matching, and may be used with the Host header. See "hdr" for more information on @@ -7649,20 +7649,20 @@ hdr_dom(header) server. hdr_end -hdr_end(header) +hdr_end(
) Returns true when one of the headers ends with one of the strings. See "hdr" for more information on header matching. Use the shdr_end() variant for response headers sent by the server. hdr_ip -hdr_ip(header) +hdr_ip(
) Returns true when one of the headers' values contains an IP address matching . This is mainly used with headers such as X-Forwarded-For or X-Client-IP. See "hdr" for more information on header matching. Use the shdr_ip() variant for response headers sent by the server. hdr_reg -hdr_reg(header) +hdr_reg(
) Returns true when one of the headers matches of the regular expressions. It can be used at any time, but it is important to remember that regex matching is slower than other methods. See also other "hdr_" criteria, as well as @@ -7670,20 +7670,20 @@ hdr_reg(header) response headers sent by the server. hdr_sub -hdr_sub(header) +hdr_sub(
) Returns true when one of the headers contains one of the strings. See "hdr" for more information on header matching. Use the shdr_sub() variant for response headers sent by the server. hdr_val -hdr_val(header) +hdr_val(
) Returns true when one of the headers starts with a number which matches the values or ranges specified. This may be used to limit content-length to acceptable values for example. See "hdr" for more information on header matching. Use the shdr_val() variant for response headers sent by the server. -http_auth(userlist) -http_auth_group(userlist) []* +http_auth() +http_auth_group() []* Returns true when authentication data received from the client matches username & password stored on the userlist. It is also possible to use http_auth_group to check if the user is assigned to at least one @@ -7934,18 +7934,18 @@ The list of currently supported pattern fetch functions is the following : ports to some clients for a whole application session. It is of type integer and only works with such tables. - hdr(name) This extracts the last occurrence of header in an HTTP + hdr() This extracts the last occurrence of header in an HTTP request and converts it to an IP address. This IP address is then used to match the table. A typical use is with the x-forwarded-for header. - payload(offset,length) + payload(,) This extracts a binary block of bytes, and starting at bytes in the buffer of request or response (request on "stick on" or "stick match" or response in on "stick store response"). - payload_lv(offset1,length[,offset2]) + payload_lv(,[,]) This extracts a binary block. In a first step the size of the block is read from response or request buffer at bytes and considered coded on bytes. In a second step @@ -7955,14 +7955,14 @@ The list of currently supported pattern fetch functions is the following : + else it is absolute. Ex: see SSL session id example in "stick table" chapter. - url_param(name) + url_param() This extracts the first occurrence of the parameter in the query string of the request and uses the corresponding value to match. A typical use is to get sticky session through url (e.g. http://example.com/foo?JESSIONID=some_id with url_param(JSESSIONID)), for cases where cookies cannot be used. - rdp_cookie(name) + rdp_cookie() This extracts the value of the rdp cookie as a string and uses this value to match. This enables implementation of persistence based on the mstshash cookie. This is typically @@ -7995,7 +7995,7 @@ The list of currently supported pattern fetch functions is the following : See also : "balance rdp-cookie", "persist rdp-cookie", "tcp-request" and the "req_rdp_cookie" ACL. - cookie(name) + cookie() This extracts the last occurrence of the cookie name on a "Cookie" header line from the request and uses the corresponding value to match. A typical use is to get multiple clients sharing @@ -8006,7 +8006,7 @@ The list of currently supported pattern fetch functions is the following : See also : "appsession" - set-cookie(name) + set-cookie() This extracts the last occurrence of the cookie name on a "Set-Cookie" header line from the response and uses the corresponding value to match. This can be comparable to what @@ -8026,7 +8026,7 @@ The currently available list of transformations include : after a string pattern fetch function or after a conversion function returning a string type. The result is of type string. - ipmask(mask) Apply a mask to an IPv4 address, and use the result for lookups + ipmask() Apply a mask to an IPv4 address, and use the result for lookups and storage. This can be used to make all hosts within a certain mask to share the same table entries and as such use the same server. The mask can be passed in dotted form (eg: