Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / 19bbbe05629ea947dd60d5b96d96f0066b047b97^! / .
commit19bbbe05629ea947dd60d5b96d96f0066b047b97[log] [tgz]
authorChristopher Faulet <cfaulet@haproxy.com>Wed Jun 23 12:07:21 2021 +0200
committerChristopher Faulet <cfaulet@haproxy.com>Wed Jun 23 12:07:24 2021 +0200
tree17e381a635a9b7f3cf850a04b6d2288f1e1bc20e
parent5ffb045ed12f14a0367bcb0aa39931806c84357a [diff]
MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules

If it possible to set source IP/Port from "tcp-request connection",
"tcp-request session" and "http-request" rules but not from "tcp-request
content" rules. There is no reason for this limitation and it may be a
problem for anyone wanting to call a lua fetch to dynamically set source
IP/Port from a TCP proxy. Indeed, to call a lua fetch, we must have a
stream. And there is no stream when "tcp-request connection/session" rules
are evaluated.

Thanks to this patch, "set-src" and "set-src-port" action are now supported
by "tcp_request content" rules.

This patch is related to the issue #1303. It may be backported to all stable
versions.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 4dd8fae..10a1948 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -12056,6 +12056,8 @@
     - sc-set-gpt0(<sc-id>) { <int> | <expr> }
     - set-dst <expr>
     - set-dst-port <expr>
+    - set-src <expr>
+    - set-src-port <expr>
     - set-var(<var-name>) <expr>
     - switch-mode http [ proto <name> ]
     - unset-var(<var-name>)
@@ -12106,6 +12108,9 @@
   The "set-dst" and "set-dst-port" are used to set respectively the destination
   IP and port. More information on how to use it at "http-request set-dst".
 
+  The "set-src" and "set-src-port" are used to set respectively the source IP
+  and port. More information on how to use it at "http-request set-src".
+
   The "set-var" is used to set the content of a variable. The variable is
   declared inline. For "tcp-request session" rules, only session-level
   variables can be used, without any layer7 contents.

diff --git a/src/tcp_act.c b/src/tcp_act.c
index d55475c..a6f0596 100644
--- a/src/tcp_act.c
+++ b/src/tcp_act.c

@@ -318,6 +318,8 @@
 INITCALL1(STG_REGISTER, tcp_req_sess_keywords_register, &tcp_req_sess_actions);
 
 static struct action_kw_list tcp_req_cont_actions = {ILH, {
+	{ "set-src",      tcp_parse_set_src_dst },
+	{ "set-src-port", tcp_parse_set_src_dst },
 	{ "set-dst"     , tcp_parse_set_src_dst },
 	{ "set-dst-port", tcp_parse_set_src_dst },
 	{ "silent-drop",  tcp_parse_silent_drop },