If it possible to set source IP/Port from "tcp-request connection",
"tcp-request session" and "http-request" rules but not from "tcp-request
content" rules. There is no reason for this limitation and it may be a
problem for anyone wanting to call a lua fetch to dynamically set source
IP/Port from a TCP proxy. Indeed, to call a lua fetch, we must have a
stream. And there is no stream when "tcp-request connection/session" rules
are evaluated.
Thanks to this patch, "set-src" and "set-src-port" action are now supported
by "tcp_request content" rules.
This patch is related to the issue #1303. It may be backported to all stable
versions.
(cherry picked from commit
19bbbe05629ea947dd60d5b96d96f0066b047b97)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
(cherry picked from commit
40f95c49bbbc79f99fe4d1554c092d0764606a46)
Signed-off-by: Christopher Faulet <cfaulet@haproxy.com>
- sc-set-gpt0(<sc-id>) { <int> | <expr> }
- set-dst <expr>
- set-dst-port <expr>
+ - set-src <expr>
+ - set-src-port <expr>
- set-var(<var-name>) <expr>
- unset-var(<var-name>)
- silent-drop
The "set-dst" and "set-dst-port" are used to set respectively the destination
IP and port. More information on how to use it at "http-request set-dst".
+ The "set-src" and "set-src-port" are used to set respectively the source IP
+ and port. More information on how to use it at "http-request set-src".
+
The "set-var" is used to set the content of a variable. The variable is
declared inline. For "tcp-request session" rules, only session-level
variables can be used, without any layer7 contents.
INITCALL1(STG_REGISTER, tcp_req_sess_keywords_register, &tcp_req_sess_actions);
static struct action_kw_list tcp_req_cont_actions = {ILH, {
+ { "set-src", tcp_parse_set_src_dst },
+ { "set-src-port", tcp_parse_set_src_dst },
{ "set-dst" , tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "silent-drop", tcp_parse_silent_drop },
projects / haproxy-2.3.git / commitdiff