Gitiles
Code Review Sign In
git01.mediatek.com / haproxy / d669a4f72bff0d094d4824d4c46370e9736ec7a3^! / .
commitd669a4f72bff0d094d4824d4c46370e9736ec7a3[log] [tgz]
authorWilly Tarreau <w@1wt.eu>Tue Jul 13 14:49:50 2010 +0200
committerWilly Tarreau <w@1wt.eu>Tue Jul 13 14:57:52 2010 +0200
treef8b2803dbe263a2451fb04c5fc05ff7b57eedefe
parent35da19ca705e1c310ac18db8c91d018f7e8ce7ff [diff]
[MEDIUM] backend: support servers on 0.0.0.0

Till now when a server was configured with address 0.0.0.0, the
connection was forwarded to this address which generally is intercepted
by the system as a local address, so this was completely useless.

One sometimes useful feature for outgoing transparent proxies is to
be able to forward the connection to the same address the client
requested. This patch fixes the meaning of 0.0.0.0 precisely to
ensure that the connection will be forwarded to the initial client's
destination address.

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 11c7a1a..d1fa1fa 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt

@@ -4296,7 +4296,14 @@
 
     <address> is the IPv4 address of the server. Alternatively, a resolvable
               hostname is supported, but this name will be resolved during
-              start-up.
+              start-up. Address "0.0.0.0" or "*" has a special meaning. It
+              indicates that the connection will be forwarded to the same IP
+              address as the one from the client connection. This is useful in
+              transparent proxy architectures where the client's connection is
+              intercepted and haproxy must forward to the original destination
+              address. This is more or less what the "transparent" keyword does
+              except that with a server it's possible to limit concurrency and
+              to report statistics.
 
     <ports>   is an optional port specification. If set, all connections will
               be sent to this port. If unset, the same port the client

diff --git a/src/backend.c b/src/backend.c
index 1fc6b2a..33a81ab 100644
--- a/src/backend.c
+++ b/src/backend.c

@@ -661,6 +661,17 @@
 
 		s->srv_addr = s->srv->addr;
 
+		if (!s->srv_addr.sin_addr.s_addr) {
+			/* if the server has no address, we use the same address
+			 * the client asked, which is handy for remapping ports
+			 * locally on multiple addresses at once.
+			 */
+			if (!(s->be->options & PR_O_TRANSP) && !(s->flags & SN_FRT_ADDR_SET))
+				get_frt_addr(s);
+
+			s->srv_addr.sin_addr = ((struct sockaddr_in *)&s->frt_addr)->sin_addr;
+		}
+
 		/* if this server remaps proxied ports, we'll use
 		 * the port the client connected to with an offset. */
 		if (s->srv->state & SRV_MAPPORTS) {