[MEDIUM] add ability to connect to a server from an IP found in a header
Using get_ip_from_hdr2() we can look for occurrence #X or #-X and
extract the IP it contains. This is typically designed for use with
the X-Forwarded-For header.
Using "usesrc hdr_ip(name,occ)", it becomes possible to use the IP address
found in <name>, and possibly specify occurrence number <occ>, as the
source to connect to a server. This is possible both in a server and in
a backend's source statement. This is typically used to use the source
IP previously set by a upstream proxy.
diff --git a/src/backend.c b/src/backend.c
index 845a436..ffd3bca 100644
--- a/src/backend.c
+++ b/src/backend.c
@@ -837,8 +837,19 @@
/* FIXME: what can we do if the client connects in IPv6 ? */
s->from_addr = *(struct sockaddr_in *)&s->cli_addr;
break;
+ case SRV_TPROXY_DYN:
+ if (s->srv->bind_hdr_occ) {
+ /* bind to the IP in a header */
+ s->from_addr.sin_port = 0;
+ s->from_addr.sin_addr.s_addr = htonl(get_ip_from_hdr2(&s->txn.req,
+ s->srv->bind_hdr_name,
+ s->srv->bind_hdr_len,
+ &s->txn.hdr_idx,
+ s->srv->bind_hdr_occ));
+ }
+ break;
default:
- s->from_addr = *(struct sockaddr_in *)0;
+ memset(&s->from_addr, 0, sizeof(s->from_addr));
}
}
else if (s->be->options & PR_O_BIND_SRC) {
@@ -851,8 +862,19 @@
/* FIXME: what can we do if the client connects in IPv6 ? */
s->from_addr = *(struct sockaddr_in *)&s->cli_addr;
break;
+ case PR_O_TPXY_DYN:
+ if (s->be->bind_hdr_occ) {
+ /* bind to the IP in a header */
+ s->from_addr.sin_port = 0;
+ s->from_addr.sin_addr.s_addr = htonl(get_ip_from_hdr2(&s->txn.req,
+ s->be->bind_hdr_name,
+ s->be->bind_hdr_len,
+ &s->txn.hdr_idx,
+ s->be->bind_hdr_occ));
+ }
+ break;
default:
- s->from_addr = *(struct sockaddr_in *)0;
+ memset(&s->from_addr, 0, sizeof(s->from_addr));
}
}
#endif