[MINOR] tcp-inspect: permit the use of no-delay inspection
Sometimes it may make sense to be able to immediately apply a verdict
without waiting at all. It was not possible because no inspect-delay
meant no inspection at all. This is now fixed.
diff --git a/src/proto_tcp.c b/src/proto_tcp.c
index 2fb6a85..ec9d23a 100644
--- a/src/proto_tcp.c
+++ b/src/proto_tcp.c
@@ -404,7 +404,7 @@
* - if one rule returns KO, then return KO
*/
- if (req->flags & BF_SHUTR || tick_is_expired(req->analyse_exp, now_ms))
+ if (req->flags & BF_SHUTR || !s->fe->tcp_req.inspect_delay || tick_is_expired(req->analyse_exp, now_ms))
partial = 0;
else
partial = ACL_PARTIAL;
@@ -417,7 +417,7 @@
if (ret == ACL_PAT_MISS) {
buffer_write_dis(req);
/* just set the request timeout once at the beginning of the request */
- if (!tick_isset(req->analyse_exp))
+ if (!tick_isset(req->analyse_exp) && s->fe->tcp_req.inspect_delay)
req->analyse_exp = tick_add_ifset(now_ms, s->fe->tcp_req.inspect_delay);
return 0;
}