MEDIUM: http: ACL and MAP updates through http-(request|response) rules
This patch allows manipulation of ACL and MAP content thanks to any
information available in a session: source IP address, HTTP request or
response header, etc...
It's an update "on the fly" of the content of the map/acls. This means
it does not resist to reload or restart of HAProxy.
diff --git a/include/types/proto_http.h b/include/types/proto_http.h
index d937ce1..f084ecd 100644
--- a/include/types/proto_http.h
+++ b/include/types/proto_http.h
@@ -252,6 +252,10 @@
HTTP_REQ_ACT_SET_LOGL,
HTTP_REQ_ACT_SET_TOS,
HTTP_REQ_ACT_SET_MARK,
+ HTTP_REQ_ACT_ADD_ACL,
+ HTTP_REQ_ACT_DEL_ACL,
+ HTTP_REQ_ACT_DEL_MAP,
+ HTTP_REQ_ACT_SET_MAP,
HTTP_REQ_ACT_MAX /* must always be last */
};
@@ -267,6 +271,10 @@
HTTP_RES_ACT_SET_LOGL,
HTTP_RES_ACT_SET_TOS,
HTTP_RES_ACT_SET_MARK,
+ HTTP_RES_ACT_ADD_ACL,
+ HTTP_RES_ACT_DEL_ACL,
+ HTTP_RES_ACT_DEL_MAP,
+ HTTP_RES_ACT_SET_MAP,
HTTP_RES_ACT_MAX /* must always be last */
};
@@ -404,6 +412,11 @@
int loglevel; /* log-level value for HTTP_REQ_ACT_SET_LOGL */
int tos; /* tos value for HTTP_REQ_ACT_SET_TOS */
int mark; /* nfmark value for HTTP_REQ_ACT_SET_MARK */
+ struct {
+ char *ref; /* MAP or ACL file name to update */
+ struct list key; /* pattern to retrieve MAP or ACL key */
+ struct list value; /* pattern to retrieve MAP value */
+ } map;
} arg; /* arguments used by some actions */
};
@@ -421,6 +434,11 @@
int loglevel; /* log-level value for HTTP_RES_ACT_SET_LOGL */
int tos; /* tos value for HTTP_RES_ACT_SET_TOS */
int mark; /* nfmark value for HTTP_RES_ACT_SET_MARK */
+ struct {
+ char *ref; /* MAP or ACL file name to update */
+ struct list key; /* pattern to retrieve MAP or ACL key */
+ struct list value; /* pattern to retrieve MAP value */
+ } map;
} arg; /* arguments used by some actions */
};