MEDIUM: acl/pattern: start merging common sample fetch functions
src_port, dst_port and url_param have converged between ACLs and patterns.
This means that src_port is now available in patterns and that urlp_* has
been added to ACLs. Some code has moved to accommodate for static function
definitions, but there were little changes.
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 0059fe1..c2b063a 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -7935,7 +7935,7 @@
Use the shdr() variant for response headers sent by the server.
The "hdr" criteria returns true if any of the headers matching the criteria
- match any of the strings. This can be used to check exact for values. For
+ match any of the strings. This can be used to check for exact values. For
instance, checking that "connection: close" is set :
hdr(Connection) -i close
@@ -8126,6 +8126,52 @@
Returns true when the URL contains one of the strings. It can be used to
detect particular patterns in query strings for example. See also "path_sub".
+urlp(<name>) <string>
+ Note: all "urlp*" matching criteria apply to the first occurrence of the
+ parameter <name> in the query string. The parameter name is case-sensitive.
+
+ The "urlp" matching criteria returns true if the designated URL parameter
+ matches any of the strings. This can be used to check for exact values.
+
+urlp_beg(<name>) <string>
+ Returns true when the URL parameter "<name>" begins with one of the strings.
+ This can be used to check whether a URL begins with a slash or with a
+ protocol scheme.
+
+urlp_dir(<name>) <string>
+ Returns true when the URL parameter "<name>" contains one of the strings
+ either isolated or delimited with slashes. This is used to perform filename
+ or directory name matching in a specific URL parameter without the risk of
+ wrong match due to colliding prefixes. See also "path_dir" and "urlp_sub".
+
+urlp_dom(<name>) <string>
+ Returns true when one of the strings is found isolated or delimited with dots
+ in the URL parameter "<name>". This is used to perform domain name matching
+ in a specific URL parameter without the risk of wrong match due to colliding
+ prefixes. See also "urlp_sub".
+
+urlp_end(<name>) <string>
+ Returns true when the URL parameter "<name>" ends with one of the strings.
+
+urlp_ip(<name>) <ip_address>
+ Returns true when the URL parameter "<name>" contains an IPv4 address which
+ matches one of the specified IP addresses.
+
+urlp_len(<name>) <integer>
+ Returns true when the URL parameter "<name>" has a length matching the values
+ or ranges specified. This is used to detect abusive requests for instance.
+
+urlp_reg(<name>) <regex>
+ Returns true when the URL parameter "<name>" matches one of the regular
+ expressions. It can be used any time, but it is important to remember that
+ regex matching is slower than other methods. See also "path_reg" and all
+ "urlp_" criteria.
+
+urlp_sub(<name>) <string>
+ Returns true when the URL parameter "<name>" contains one of the strings. It
+ can be used to detect particular patterns in query strings for example. See
+ also "path_sub" and other "urlp_" criteria.
+
7.6. Pre-defined ACLs
---------------------
@@ -8293,6 +8339,11 @@
<lengthoffset> + <lengthsize> else it is absolute.
Ex: see SSL session id example in "stick table" chapter.
+ src_port This is the source TCP port of the session on the client side,
+ which is the port the client connected from. It is very unlikely
+ that this function will be useful but it's available at no cost.
+ It is of type integer and only works with such tables.
+
url_param(<name>)
This extracts the first occurrence of the parameter <name> in
the query string of the request and uses the corresponding value
diff --git a/src/proto_http.c b/src/proto_http.c
index 6302ea4..08750d7 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -8257,93 +8257,6 @@
}
/************************************************************************/
-/* All supported keywords must be declared here. */
-/************************************************************************/
-
-/* Note: must not be declared <const> as its list will be overwritten.
- * Please take care of keeping this list alphabetically sorted.
- */
-static struct acl_kw_list acl_kws = {{ },{
- { "cook", acl_parse_str, acl_fetch_cookie_value, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "cook_beg", acl_parse_str, acl_fetch_cookie_value, acl_match_beg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_cnt", acl_parse_int, acl_fetch_cookie_cnt, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_dir", acl_parse_str, acl_fetch_cookie_value, acl_match_dir, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_dom", acl_parse_str, acl_fetch_cookie_value, acl_match_dom, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_end", acl_parse_str, acl_fetch_cookie_value, acl_match_end, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_len", acl_parse_int, acl_fetch_cookie_value, acl_match_len, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_reg", acl_parse_reg, acl_fetch_cookie_value, acl_match_reg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "cook_sub", acl_parse_str, acl_fetch_cookie_value, acl_match_sub, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
-
- { "hdr", acl_parse_str, acl_fetch_hdr, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "hdr_beg", acl_parse_str, acl_fetch_hdr, acl_match_beg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_cnt", acl_parse_int, acl_fetch_hdr_cnt, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_dir", acl_parse_str, acl_fetch_hdr, acl_match_dir, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_dom", acl_parse_str, acl_fetch_hdr, acl_match_dom, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_end", acl_parse_str, acl_fetch_hdr, acl_match_end, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_ip", acl_parse_ip, acl_fetch_hdr_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "hdr_len", acl_parse_int, acl_fetch_hdr, acl_match_len, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_reg", acl_parse_reg, acl_fetch_hdr, acl_match_reg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_sub", acl_parse_str, acl_fetch_hdr, acl_match_sub, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
- { "hdr_val", acl_parse_int, acl_fetch_hdr_val, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
-
- { "http_auth", acl_parse_nothing, acl_fetch_http_auth, acl_match_nothing, ACL_USE_L7REQ_VOLATILE, ARG1(0,USR) },
- { "http_auth_group", acl_parse_strcat, acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_VOLATILE, ARG1(0,USR) },
- { "http_first_req", acl_parse_nothing, acl_fetch_http_first_req, acl_match_nothing, ACL_USE_L7REQ_PERMANENT, 0 },
-
- { "method", acl_parse_meth, acl_fetch_meth, acl_match_meth, ACL_USE_L7REQ_PERMANENT, 0 },
-
- { "path", acl_parse_str, acl_fetch_path, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
- { "path_beg", acl_parse_str, acl_fetch_path, acl_match_beg, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_dir", acl_parse_str, acl_fetch_path, acl_match_dir, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_dom", acl_parse_str, acl_fetch_path, acl_match_dom, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_end", acl_parse_str, acl_fetch_path, acl_match_end, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_len", acl_parse_int, acl_fetch_path, acl_match_len, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_reg", acl_parse_reg, acl_fetch_path, acl_match_reg, ACL_USE_L7REQ_VOLATILE, 0 },
- { "path_sub", acl_parse_str, acl_fetch_path, acl_match_sub, ACL_USE_L7REQ_VOLATILE, 0 },
-
- { "req_proto_http", acl_parse_nothing, acl_fetch_proto_http, acl_match_nothing, ACL_USE_L7REQ_PERMANENT, 0 },
- { "req_ver", acl_parse_ver, acl_fetch_rqver, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
- { "resp_ver", acl_parse_ver, acl_fetch_stver, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, 0 },
-
- { "scook", acl_parse_str, acl_fetch_cookie_value, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "scook_beg", acl_parse_str, acl_fetch_cookie_value, acl_match_beg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_cnt", acl_parse_int, acl_fetch_cookie_cnt, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_dir", acl_parse_str, acl_fetch_cookie_value, acl_match_dir, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_dom", acl_parse_str, acl_fetch_cookie_value, acl_match_dom, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_end", acl_parse_str, acl_fetch_cookie_value, acl_match_end, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_len", acl_parse_int, acl_fetch_cookie_value, acl_match_len, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_reg", acl_parse_reg, acl_fetch_cookie_value, acl_match_reg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "scook_sub", acl_parse_str, acl_fetch_cookie_value, acl_match_sub, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
-
- { "shdr", acl_parse_str, acl_fetch_hdr, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "shdr_beg", acl_parse_str, acl_fetch_hdr, acl_match_beg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_cnt", acl_parse_int, acl_fetch_hdr_cnt, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_dir", acl_parse_str, acl_fetch_hdr, acl_match_dir, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_dom", acl_parse_str, acl_fetch_hdr, acl_match_dom, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_end", acl_parse_str, acl_fetch_hdr, acl_match_end, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_ip", acl_parse_ip, acl_fetch_hdr_ip, acl_match_ip, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
- { "shdr_len", acl_parse_int, acl_fetch_hdr, acl_match_len, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_reg", acl_parse_reg, acl_fetch_hdr, acl_match_reg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_sub", acl_parse_str, acl_fetch_hdr, acl_match_sub, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
- { "shdr_val", acl_parse_int, acl_fetch_hdr_val, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
-
- { "status", acl_parse_int, acl_fetch_stcode, acl_match_int, ACL_USE_L7RTR_PERMANENT, 0 },
-
- { "url", acl_parse_str, acl_fetch_url, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
- { "url_beg", acl_parse_str, acl_fetch_url, acl_match_beg, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_dir", acl_parse_str, acl_fetch_url, acl_match_dir, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_dom", acl_parse_str, acl_fetch_url, acl_match_dom, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_end", acl_parse_str, acl_fetch_url, acl_match_end, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_ip", acl_parse_ip, acl_fetch_url_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
- { "url_len", acl_parse_int, acl_fetch_url, acl_match_len, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_port", acl_parse_int, acl_fetch_url_port, acl_match_int, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_reg", acl_parse_reg, acl_fetch_url, acl_match_reg, ACL_USE_L7REQ_VOLATILE, 0 },
- { "url_sub", acl_parse_str, acl_fetch_url, acl_match_sub, ACL_USE_L7REQ_VOLATILE, 0 },
-
- { NULL, NULL, NULL, NULL },
-}};
-
-/************************************************************************/
/* The code below is dedicated to pattern fetching and matching */
/************************************************************************/
@@ -8417,7 +8330,7 @@
static int
find_url_param_value(char* path, size_t path_l,
char* url_param_name, size_t url_param_name_l,
- char** value, size_t* value_l)
+ char** value, int* value_l)
{
char *query_string, *qs_end;
char *arg_start;
@@ -8445,22 +8358,24 @@
}
static int
-pattern_fetch_url_param(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
- const struct arg *arg_p, struct sample *smp)
+smp_fetch_url_param(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
+ const struct arg *args, struct sample *smp)
{
struct http_txn *txn = l7;
struct http_msg *msg = &txn->req;
- char *url_param_value;
- size_t url_param_value_l;
+
+ if (!args || args->type != ARGT_STR)
+ return 0;
+
+ CHECK_HTTP_MESSAGE_FIRST();
if (!find_url_param_value(msg->buf->p + msg->sol + msg->sl.rq.u, msg->sl.rq.u_l,
- arg_p->data.str.str, arg_p->data.str.len,
- &url_param_value, &url_param_value_l))
+ args->data.str.str, args->data.str.len,
+ &smp->data.str.str, &smp->data.str.len))
return 0;
smp->type = SMP_T_CSTR;
- smp->data.str.str = url_param_value;
- smp->data.str.len = url_param_value_l;
+ smp->flags = SMP_F_VOL_1ST;
return 1;
}
@@ -8544,12 +8459,109 @@
}
/************************************************************************/
+/* All supported ACL keywords must be declared here. */
+/************************************************************************/
+
+/* Note: must not be declared <const> as its list will be overwritten.
+ * Please take care of keeping this list alphabetically sorted.
+ */
+static struct acl_kw_list acl_kws = {{ },{
+ { "cook", acl_parse_str, acl_fetch_cookie_value, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "cook_beg", acl_parse_str, acl_fetch_cookie_value, acl_match_beg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_cnt", acl_parse_int, acl_fetch_cookie_cnt, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_dir", acl_parse_str, acl_fetch_cookie_value, acl_match_dir, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_dom", acl_parse_str, acl_fetch_cookie_value, acl_match_dom, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_end", acl_parse_str, acl_fetch_cookie_value, acl_match_end, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_len", acl_parse_int, acl_fetch_cookie_value, acl_match_len, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_reg", acl_parse_reg, acl_fetch_cookie_value, acl_match_reg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "cook_sub", acl_parse_str, acl_fetch_cookie_value, acl_match_sub, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+
+ { "hdr", acl_parse_str, acl_fetch_hdr, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "hdr_beg", acl_parse_str, acl_fetch_hdr, acl_match_beg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_cnt", acl_parse_int, acl_fetch_hdr_cnt, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_dir", acl_parse_str, acl_fetch_hdr, acl_match_dir, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_dom", acl_parse_str, acl_fetch_hdr, acl_match_dom, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_end", acl_parse_str, acl_fetch_hdr, acl_match_end, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_ip", acl_parse_ip, acl_fetch_hdr_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "hdr_len", acl_parse_int, acl_fetch_hdr, acl_match_len, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_reg", acl_parse_reg, acl_fetch_hdr, acl_match_reg, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_sub", acl_parse_str, acl_fetch_hdr, acl_match_sub, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+ { "hdr_val", acl_parse_int, acl_fetch_hdr_val, acl_match_int, ACL_USE_L7REQ_VOLATILE, ARG1(0,STR) },
+
+ { "http_auth", acl_parse_nothing, acl_fetch_http_auth, acl_match_nothing, ACL_USE_L7REQ_VOLATILE, ARG1(0,USR) },
+ { "http_auth_group", acl_parse_strcat, acl_fetch_http_auth, acl_match_auth, ACL_USE_L7REQ_VOLATILE, ARG1(0,USR) },
+ { "http_first_req", acl_parse_nothing, acl_fetch_http_first_req, acl_match_nothing, ACL_USE_L7REQ_PERMANENT, 0 },
+
+ { "method", acl_parse_meth, acl_fetch_meth, acl_match_meth, ACL_USE_L7REQ_PERMANENT, 0 },
+
+ { "path", acl_parse_str, acl_fetch_path, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
+ { "path_beg", acl_parse_str, acl_fetch_path, acl_match_beg, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_dir", acl_parse_str, acl_fetch_path, acl_match_dir, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_dom", acl_parse_str, acl_fetch_path, acl_match_dom, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_end", acl_parse_str, acl_fetch_path, acl_match_end, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_len", acl_parse_int, acl_fetch_path, acl_match_len, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_reg", acl_parse_reg, acl_fetch_path, acl_match_reg, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "path_sub", acl_parse_str, acl_fetch_path, acl_match_sub, ACL_USE_L7REQ_VOLATILE, 0 },
+
+ { "req_proto_http", acl_parse_nothing, acl_fetch_proto_http, acl_match_nothing, ACL_USE_L7REQ_PERMANENT, 0 },
+ { "req_ver", acl_parse_ver, acl_fetch_rqver, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
+ { "resp_ver", acl_parse_ver, acl_fetch_stver, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, 0 },
+
+ { "scook", acl_parse_str, acl_fetch_cookie_value, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "scook_beg", acl_parse_str, acl_fetch_cookie_value, acl_match_beg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_cnt", acl_parse_int, acl_fetch_cookie_cnt, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_dir", acl_parse_str, acl_fetch_cookie_value, acl_match_dir, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_dom", acl_parse_str, acl_fetch_cookie_value, acl_match_dom, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_end", acl_parse_str, acl_fetch_cookie_value, acl_match_end, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_len", acl_parse_int, acl_fetch_cookie_value, acl_match_len, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_reg", acl_parse_reg, acl_fetch_cookie_value, acl_match_reg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "scook_sub", acl_parse_str, acl_fetch_cookie_value, acl_match_sub, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+
+ { "shdr", acl_parse_str, acl_fetch_hdr, acl_match_str, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "shdr_beg", acl_parse_str, acl_fetch_hdr, acl_match_beg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_cnt", acl_parse_int, acl_fetch_hdr_cnt, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_dir", acl_parse_str, acl_fetch_hdr, acl_match_dir, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_dom", acl_parse_str, acl_fetch_hdr, acl_match_dom, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_end", acl_parse_str, acl_fetch_hdr, acl_match_end, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_ip", acl_parse_ip, acl_fetch_hdr_ip, acl_match_ip, ACL_USE_L7RTR_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
+ { "shdr_len", acl_parse_int, acl_fetch_hdr, acl_match_len, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_reg", acl_parse_reg, acl_fetch_hdr, acl_match_reg, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_sub", acl_parse_str, acl_fetch_hdr, acl_match_sub, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+ { "shdr_val", acl_parse_int, acl_fetch_hdr_val, acl_match_int, ACL_USE_L7RTR_VOLATILE, ARG1(0,STR) },
+
+ { "status", acl_parse_int, acl_fetch_stcode, acl_match_int, ACL_USE_L7RTR_PERMANENT, 0 },
+
+ { "url", acl_parse_str, acl_fetch_url, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
+ { "url_beg", acl_parse_str, acl_fetch_url, acl_match_beg, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_dir", acl_parse_str, acl_fetch_url, acl_match_dir, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_dom", acl_parse_str, acl_fetch_url, acl_match_dom, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_end", acl_parse_str, acl_fetch_url, acl_match_end, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_ip", acl_parse_ip, acl_fetch_url_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, 0 },
+ { "url_len", acl_parse_int, acl_fetch_url, acl_match_len, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_port", acl_parse_int, acl_fetch_url_port, acl_match_int, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_reg", acl_parse_reg, acl_fetch_url, acl_match_reg, ACL_USE_L7REQ_VOLATILE, 0 },
+ { "url_sub", acl_parse_str, acl_fetch_url, acl_match_sub, ACL_USE_L7REQ_VOLATILE, 0 },
+
+ { "urlp", acl_parse_str, smp_fetch_url_param, acl_match_str, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(1,STR) },
+ { "urlp_beg", acl_parse_str, smp_fetch_url_param, acl_match_beg, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_dir", acl_parse_str, smp_fetch_url_param, acl_match_dir, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_dom", acl_parse_str, smp_fetch_url_param, acl_match_dom, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_end", acl_parse_str, smp_fetch_url_param, acl_match_end, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_ip", acl_parse_ip, smp_fetch_url_param, acl_match_ip, ACL_USE_L7REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(1,STR) },
+ { "urlp_len", acl_parse_int, smp_fetch_url_param, acl_match_len, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_reg", acl_parse_reg, smp_fetch_url_param, acl_match_reg, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+ { "urlp_sub", acl_parse_str, smp_fetch_url_param, acl_match_sub, ACL_USE_L7REQ_VOLATILE, ARG1(1,STR) },
+
+ { NULL, NULL, NULL, NULL },
+}};
+
+/************************************************************************/
-/* All supported keywords must be declared here. */
+/* All supported pattern keywords must be declared here. */
/************************************************************************/
/* Note: must not be declared <const> as its list will be overwritten */
static struct pattern_fetch_kw_list pattern_fetch_keywords = {{ },{
{ "hdr", pattern_fetch_hdr, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ },
- { "url_param", pattern_fetch_url_param, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ },
+ { "url_param", smp_fetch_url_param, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ },
{ "cookie", pattern_fetch_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ },
{ "set-cookie", pattern_fetch_set_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_RES },
{ NULL, NULL, 0, 0, 0 },
diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 6bc669e..b2a3adb 100644
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -1430,7 +1430,7 @@
/* set temp integer to the connection's source port */
static int
-acl_fetch_sport(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
+smp_fetch_sport(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
smp->type = SMP_T_UINT;
@@ -1499,7 +1499,7 @@
/* set temp integer to the frontend connexion's destination port */
static int
-acl_fetch_dport(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
+smp_fetch_dport(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *args, struct sample *smp)
{
stream_sock_get_to_addr(&l4->si[0]);
@@ -1513,19 +1513,6 @@
}
static int
-pattern_fetch_dport(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
- const struct arg *arg, struct sample *smp)
-{
- smp->type = SMP_T_UINT;
- stream_sock_get_to_addr(&l4->si[0]);
-
- if (!(smp->data.uint = get_host_port(&l4->si[0].addr.to)))
- return 0;
-
- return 1;
-}
-
-static int
pattern_fetch_payloadlv(struct proxy *px, struct session *l4, void *l7, unsigned int opt,
const struct arg *arg_p, struct sample *smp)
{
@@ -1656,11 +1643,11 @@
*/
static struct acl_kw_list acl_kws = {{ },{
{ "dst", acl_parse_ip, acl_fetch_dst, acl_match_ip, ACL_USE_TCP4_PERMANENT|ACL_MAY_LOOKUP, 0 },
- { "dst_port", acl_parse_int, acl_fetch_dport, acl_match_int, ACL_USE_TCP_PERMANENT, 0 },
+ { "dst_port", acl_parse_int, smp_fetch_dport, acl_match_int, ACL_USE_TCP_PERMANENT, 0 },
{ "req_rdp_cookie", acl_parse_str, smp_fetch_rdp_cookie, acl_match_str, ACL_USE_L6REQ_VOLATILE|ACL_MAY_LOOKUP, ARG1(0,STR) },
{ "req_rdp_cookie_cnt", acl_parse_int, acl_fetch_rdp_cookie_cnt, acl_match_int, ACL_USE_L6REQ_VOLATILE, ARG1(0,STR) },
{ "src", acl_parse_ip, acl_fetch_src, acl_match_ip, ACL_USE_TCP4_PERMANENT|ACL_MAY_LOOKUP, 0 },
- { "src_port", acl_parse_int, acl_fetch_sport, acl_match_int, ACL_USE_TCP_PERMANENT, 0 },
+ { "src_port", acl_parse_int, smp_fetch_sport, acl_match_int, ACL_USE_TCP_PERMANENT, 0 },
{ NULL, NULL, NULL, NULL },
}};
@@ -1670,10 +1657,11 @@
{ "src6", pattern_fetch_src6, 0, NULL, SMP_T_IPV6, SMP_CAP_REQ|SMP_CAP_RES },
{ "dst", pattern_fetch_dst, 0, NULL, SMP_T_IPV4, SMP_CAP_REQ|SMP_CAP_RES },
{ "dst6", pattern_fetch_dst6, 0, NULL, SMP_T_IPV6, SMP_CAP_REQ|SMP_CAP_RES },
- { "dst_port", pattern_fetch_dport, 0, NULL, SMP_T_UINT, SMP_CAP_REQ|SMP_CAP_RES },
+ { "dst_port", smp_fetch_dport, 0, NULL, SMP_T_UINT, SMP_CAP_REQ|SMP_CAP_RES },
{ "payload", pattern_fetch_payload, ARG2(2,UINT,UINT), val_payload, SMP_T_CBIN, SMP_CAP_REQ|SMP_CAP_RES },
{ "payload_lv", pattern_fetch_payloadlv, ARG3(2,UINT,UINT,SINT), val_payload_lv, SMP_T_CBIN, SMP_CAP_REQ|SMP_CAP_RES },
{ "rdp_cookie", pattern_fetch_rdp_cookie, ARG1(1,STR), NULL, SMP_T_CSTR, SMP_CAP_REQ|SMP_CAP_RES },
+ { "src_port", smp_fetch_sport, 0, NULL, SMP_T_UINT, SMP_CAP_REQ|SMP_CAP_RES },
{ NULL, NULL, 0, 0, 0 },
}};