blob: 8242fa4ab66172f69d39bc7d7723661f4a6f2c20 [file] [log] [blame]
Willy Tarreau8987e7a2020-08-28 11:37:21 +02001/*
2 * AF_INET/AF_INET6 SOCK_STREAM protocol layer (tcp)
3 *
4 * Copyright 2000-2013 Willy Tarreau <w@1wt.eu>
5 *
6 * This program is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU General Public License
8 * as published by the Free Software Foundation; either version
9 * 2 of the License, or (at your option) any later version.
10 *
11 */
12
13/* this is to have tcp_info defined on systems using musl
14 * library, such as Alpine Linux.
15 */
16#define _GNU_SOURCE
17
18#include <ctype.h>
19#include <errno.h>
20#include <fcntl.h>
21#include <stdio.h>
22#include <stdlib.h>
23#include <string.h>
24#include <time.h>
25
26#include <sys/param.h>
27#include <sys/socket.h>
28#include <sys/types.h>
29
30#include <netinet/tcp.h>
31#include <netinet/in.h>
32
33#include <haproxy/api.h>
34#include <haproxy/arg.h>
35#include <haproxy/connection.h>
36#include <haproxy/global.h>
37#include <haproxy/listener-t.h>
38#include <haproxy/namespace.h>
39#include <haproxy/proxy-t.h>
40#include <haproxy/sample.h>
41#include <haproxy/tools.h>
42
43
Christopher Faulet7d081f02021-04-15 09:38:37 +020044/* Fetch the connection's source IPv4/IPv6 address. Depending on the keyword, it
45 * may be the frontend or the backend connection.
Willy Tarreau8987e7a2020-08-28 11:37:21 +020046 */
47static int
48smp_fetch_src(const struct arg *args, struct sample *smp, const char *kw, void *private)
49{
Christopher Faulet003df1c2021-04-15 09:39:38 +020050 struct connection *conn;
51
52 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
53 conn = (kw[0] == 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
54 else
55 conn = (kw[0] != 'b') ? objt_conn(smp->sess->origin) :
56 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreau8987e7a2020-08-28 11:37:21 +020057
Christopher Faulet7d081f02021-04-15 09:38:37 +020058 if (!conn)
Willy Tarreau8987e7a2020-08-28 11:37:21 +020059 return 0;
60
Christopher Faulet7d081f02021-04-15 09:38:37 +020061 if (!conn_get_src(conn))
Willy Tarreau8987e7a2020-08-28 11:37:21 +020062 return 0;
63
Christopher Faulet7d081f02021-04-15 09:38:37 +020064 switch (conn->src->ss_family) {
Willy Tarreau8987e7a2020-08-28 11:37:21 +020065 case AF_INET:
Christopher Faulet7d081f02021-04-15 09:38:37 +020066 smp->data.u.ipv4 = ((struct sockaddr_in *)conn->src)->sin_addr;
Willy Tarreau8987e7a2020-08-28 11:37:21 +020067 smp->data.type = SMP_T_IPV4;
68 break;
69 case AF_INET6:
Christopher Faulet7d081f02021-04-15 09:38:37 +020070 smp->data.u.ipv6 = ((struct sockaddr_in6 *)conn->src)->sin6_addr;
Willy Tarreau8987e7a2020-08-28 11:37:21 +020071 smp->data.type = SMP_T_IPV6;
72 break;
73 default:
74 return 0;
75 }
76
77 smp->flags = 0;
78 return 1;
79}
80
Christopher Faulet7d081f02021-04-15 09:38:37 +020081/* set temp integer to the connection's source port. Depending on the
82 * keyword, it may be the frontend or the backend connection.
83 */
Willy Tarreau8987e7a2020-08-28 11:37:21 +020084static int
Christopher Faulet7d081f02021-04-15 09:38:37 +020085smp_fetch_sport(const struct arg *args, struct sample *smp, const char *kw, void *private)
Willy Tarreau8987e7a2020-08-28 11:37:21 +020086{
Christopher Faulet003df1c2021-04-15 09:39:38 +020087 struct connection *conn;
88
89 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
90 conn = (kw[0] == 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
91 else
92 conn = (kw[0] != 'b') ? objt_conn(smp->sess->origin) :
93 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreau8987e7a2020-08-28 11:37:21 +020094
Christopher Faulet7d081f02021-04-15 09:38:37 +020095 if (!conn)
Willy Tarreau8987e7a2020-08-28 11:37:21 +020096 return 0;
97
Christopher Faulet7d081f02021-04-15 09:38:37 +020098 if (!conn_get_src(conn))
Willy Tarreau8987e7a2020-08-28 11:37:21 +020099 return 0;
100
101 smp->data.type = SMP_T_SINT;
Christopher Faulet7d081f02021-04-15 09:38:37 +0200102 if (!(smp->data.u.sint = get_host_port(conn->src)))
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200103 return 0;
104
105 smp->flags = 0;
106 return 1;
107}
108
Christopher Faulet7d081f02021-04-15 09:38:37 +0200109/* fetch the connection's destination IPv4/IPv6 address. Depending on the
110 * keyword, it may be the frontend or the backend connection.
111 */
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200112static int
113smp_fetch_dst(const struct arg *args, struct sample *smp, const char *kw, void *private)
114{
Christopher Faulet003df1c2021-04-15 09:39:38 +0200115 struct connection *conn;
116
117 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
118 conn = (kw[0] == 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
119 else
120 conn = (kw[0] != 'b') ? objt_conn(smp->sess->origin) :
121 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200122
Christopher Faulet7d081f02021-04-15 09:38:37 +0200123 if (!conn)
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200124 return 0;
125
Christopher Faulet7d081f02021-04-15 09:38:37 +0200126 if (!conn_get_dst(conn))
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200127 return 0;
128
Christopher Faulet7d081f02021-04-15 09:38:37 +0200129 switch (conn->dst->ss_family) {
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200130 case AF_INET:
Christopher Faulet7d081f02021-04-15 09:38:37 +0200131 smp->data.u.ipv4 = ((struct sockaddr_in *)conn->dst)->sin_addr;
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200132 smp->data.type = SMP_T_IPV4;
133 break;
134 case AF_INET6:
Christopher Faulet7d081f02021-04-15 09:38:37 +0200135 smp->data.u.ipv6 = ((struct sockaddr_in6 *)conn->dst)->sin6_addr;
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200136 smp->data.type = SMP_T_IPV6;
137 break;
138 default:
139 return 0;
140 }
141
142 smp->flags = 0;
143 return 1;
144}
145
146/* check if the destination address of the front connection is local to the
147 * system or if it was intercepted.
148 */
149int smp_fetch_dst_is_local(const struct arg *args, struct sample *smp, const char *kw, void *private)
150{
151 struct connection *conn = objt_conn(smp->sess->origin);
152 struct listener *li = smp->sess->listener;
153
154 if (!conn)
155 return 0;
156
157 if (!conn_get_dst(conn))
158 return 0;
159
160 smp->data.type = SMP_T_BOOL;
161 smp->flags = 0;
Willy Tarreau818a92e2020-09-03 07:50:19 +0200162 smp->data.u.sint = addr_is_local(li->rx.settings->netns, conn->dst);
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200163 return smp->data.u.sint >= 0;
164}
165
166/* check if the source address of the front connection is local to the system
167 * or not.
168 */
169int smp_fetch_src_is_local(const struct arg *args, struct sample *smp, const char *kw, void *private)
170{
171 struct connection *conn = objt_conn(smp->sess->origin);
172 struct listener *li = smp->sess->listener;
173
174 if (!conn)
175 return 0;
176
177 if (!conn_get_src(conn))
178 return 0;
179
180 smp->data.type = SMP_T_BOOL;
181 smp->flags = 0;
Willy Tarreau818a92e2020-09-03 07:50:19 +0200182 smp->data.u.sint = addr_is_local(li->rx.settings->netns, conn->src);
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200183 return smp->data.u.sint >= 0;
184}
185
Christopher Faulet7d081f02021-04-15 09:38:37 +0200186/* set temp integer to the connexion's destination port. Depending on the
187 * keyword, it may be the frontend or the backend connection.
188 */
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200189static int
190smp_fetch_dport(const struct arg *args, struct sample *smp, const char *kw, void *private)
191{
Christopher Faulet003df1c2021-04-15 09:39:38 +0200192 struct connection *conn;
193
194 if (obj_type(smp->sess->origin) == OBJ_TYPE_CHECK)
195 conn = (kw[0] == 'b') ? cs_conn(__objt_check(smp->sess->origin)->cs) : NULL;
196 else
197 conn = (kw[0] != 'b') ? objt_conn(smp->sess->origin) :
198 smp->strm ? cs_conn(objt_cs(smp->strm->si[1].end)) : NULL;
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200199
Christopher Faulet7d081f02021-04-15 09:38:37 +0200200 if (!conn)
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200201 return 0;
202
Christopher Faulet7d081f02021-04-15 09:38:37 +0200203 if (!conn_get_dst(conn))
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200204 return 0;
205
206 smp->data.type = SMP_T_SINT;
Christopher Faulet7d081f02021-04-15 09:38:37 +0200207 if (!(smp->data.u.sint = get_host_port(conn->dst)))
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200208 return 0;
209
210 smp->flags = 0;
211 return 1;
212}
213
214#ifdef TCP_INFO
215
216
217/* Validates the arguments passed to "fc_*" fetch keywords returning a time
218 * value. These keywords support an optional string representing the unit of the
219 * result: "us" for microseconds and "ms" for milliseconds". Returns 0 on error
220 * and non-zero if OK.
221 */
222static int val_fc_time_value(struct arg *args, char **err)
223{
224 if (args[0].type == ARGT_STR) {
225 if (strcmp(args[0].data.str.area, "us") == 0) {
226 chunk_destroy(&args[0].data.str);
227 args[0].type = ARGT_SINT;
228 args[0].data.sint = TIME_UNIT_US;
229 }
230 else if (strcmp(args[0].data.str.area, "ms") == 0) {
231 chunk_destroy(&args[0].data.str);
232 args[0].type = ARGT_SINT;
233 args[0].data.sint = TIME_UNIT_MS;
234 }
235 else {
236 memprintf(err, "expects 'us' or 'ms', got '%s'",
237 args[0].data.str.area);
238 return 0;
239 }
240 }
241 else {
242 memprintf(err, "Unexpected arg type");
243 return 0;
244 }
245
246 return 1;
247}
248
249/* Validates the arguments passed to "fc_*" fetch keywords returning a
250 * counter. These keywords should be used without any keyword, but because of a
251 * bug in previous versions, an optional string argument may be passed. In such
252 * case, the argument is ignored and a warning is emitted. Returns 0 on error
253 * and non-zero if OK.
254 */
255static int var_fc_counter(struct arg *args, char **err)
256{
257 if (args[0].type != ARGT_STOP) {
258 ha_warning("no argument supported for 'fc_*' sample expressions returning counters.\n");
259 if (args[0].type == ARGT_STR)
260 chunk_destroy(&args[0].data.str);
261 args[0].type = ARGT_STOP;
262 }
263
264 return 1;
265}
266
267/* Returns some tcp_info data if it's available. "dir" must be set to 0 if
268 * the client connection is required, otherwise it is set to 1. "val" represents
269 * the required value.
270 * If the function fails it returns 0, otherwise it returns 1 and "result" is filled.
271 */
272static inline int get_tcp_info(const struct arg *args, struct sample *smp,
273 int dir, int val)
274{
275 struct connection *conn;
276 struct tcp_info info;
277 socklen_t optlen;
278
279 /* strm can be null. */
280 if (!smp->strm)
281 return 0;
282
283 /* get the object associated with the stream interface.The
284 * object can be other thing than a connection. For example,
285 * it be a appctx. */
286 conn = cs_conn(objt_cs(smp->strm->si[dir].end));
287 if (!conn)
288 return 0;
289
290 /* The fd may not be available for the tcp_info struct, and the
291 syscal can fail. */
292 optlen = sizeof(info);
Willy Tarreau4bfc6632021-03-31 08:45:47 +0200293 if (getsockopt(conn->handle.fd, IPPROTO_TCP, TCP_INFO, &info, &optlen) == -1)
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200294 return 0;
295
296 /* extract the value. */
297 smp->data.type = SMP_T_SINT;
298 switch (val) {
299 case 0: smp->data.u.sint = info.tcpi_rtt; break;
300 case 1: smp->data.u.sint = info.tcpi_rttvar; break;
301#if defined(__linux__)
302 /* these ones are common to all Linux versions */
303 case 2: smp->data.u.sint = info.tcpi_unacked; break;
304 case 3: smp->data.u.sint = info.tcpi_sacked; break;
305 case 4: smp->data.u.sint = info.tcpi_lost; break;
306 case 5: smp->data.u.sint = info.tcpi_retrans; break;
307 case 6: smp->data.u.sint = info.tcpi_fackets; break;
308 case 7: smp->data.u.sint = info.tcpi_reordering; break;
309#elif defined(__FreeBSD__) || defined(__NetBSD__)
310 /* the ones are found on FreeBSD and NetBSD featuring TCP_INFO */
311 case 2: smp->data.u.sint = info.__tcpi_unacked; break;
312 case 3: smp->data.u.sint = info.__tcpi_sacked; break;
313 case 4: smp->data.u.sint = info.__tcpi_lost; break;
314 case 5: smp->data.u.sint = info.__tcpi_retrans; break;
315 case 6: smp->data.u.sint = info.__tcpi_fackets; break;
316 case 7: smp->data.u.sint = info.__tcpi_reordering; break;
317#endif
318 default: return 0;
319 }
320
321 return 1;
322}
323
324/* get the mean rtt of a client connection */
325static int
326smp_fetch_fc_rtt(const struct arg *args, struct sample *smp, const char *kw, void *private)
327{
328 if (!get_tcp_info(args, smp, 0, 0))
329 return 0;
330
331 /* By default or if explicitly specified, convert rtt to ms */
332 if (!args || args[0].type == ARGT_STOP || args[0].data.sint == TIME_UNIT_MS)
333 smp->data.u.sint = (smp->data.u.sint + 500) / 1000;
334
335 return 1;
336}
337
338/* get the variance of the mean rtt of a client connection */
339static int
340smp_fetch_fc_rttvar(const struct arg *args, struct sample *smp, const char *kw, void *private)
341{
342 if (!get_tcp_info(args, smp, 0, 1))
343 return 0;
344
345 /* By default or if explicitly specified, convert rttvar to ms */
346 if (!args || args[0].type == ARGT_STOP || args[0].data.sint == TIME_UNIT_MS)
347 smp->data.u.sint = (smp->data.u.sint + 500) / 1000;
348
349 return 1;
350}
351
352#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__)
353
354/* get the unacked counter on a client connection */
355static int
356smp_fetch_fc_unacked(const struct arg *args, struct sample *smp, const char *kw, void *private)
357{
358 if (!get_tcp_info(args, smp, 0, 2))
359 return 0;
360 return 1;
361}
362
363/* get the sacked counter on a client connection */
364static int
365smp_fetch_fc_sacked(const struct arg *args, struct sample *smp, const char *kw, void *private)
366{
367 if (!get_tcp_info(args, smp, 0, 3))
368 return 0;
369 return 1;
370}
371
372/* get the lost counter on a client connection */
373static int
374smp_fetch_fc_lost(const struct arg *args, struct sample *smp, const char *kw, void *private)
375{
376 if (!get_tcp_info(args, smp, 0, 4))
377 return 0;
378 return 1;
379}
380
381/* get the retrans counter on a client connection */
382static int
383smp_fetch_fc_retrans(const struct arg *args, struct sample *smp, const char *kw, void *private)
384{
385 if (!get_tcp_info(args, smp, 0, 5))
386 return 0;
387 return 1;
388}
389
390/* get the fackets counter on a client connection */
391static int
392smp_fetch_fc_fackets(const struct arg *args, struct sample *smp, const char *kw, void *private)
393{
394 if (!get_tcp_info(args, smp, 0, 6))
395 return 0;
396 return 1;
397}
398
399/* get the reordering counter on a client connection */
400static int
401smp_fetch_fc_reordering(const struct arg *args, struct sample *smp, const char *kw, void *private)
402{
403 if (!get_tcp_info(args, smp, 0, 7))
404 return 0;
405 return 1;
406}
407#endif // linux || freebsd || netbsd
408#endif // TCP_INFO
409
410/* Note: must not be declared <const> as its list will be overwritten.
411 * Note: fetches that may return multiple types must be declared as the lowest
412 * common denominator, the type that can be casted into all other ones. For
413 * instance v4/v6 must be declared v4.
414 */
415static struct sample_fetch_kw_list sample_fetch_keywords = {ILH, {
Christopher Faulet7d081f02021-04-15 09:38:37 +0200416 { "bc_dst", smp_fetch_dst, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
417 { "bc_dst_port", smp_fetch_dport, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
418 { "bc_src", smp_fetch_src, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
419 { "bc_src_port", smp_fetch_sport, 0, NULL, SMP_T_SINT, SMP_USE_L4SRV },
420
Willy Tarreau8987e7a2020-08-28 11:37:21 +0200421 { "dst", smp_fetch_dst, 0, NULL, SMP_T_IPV4, SMP_USE_L4CLI },
422 { "dst_is_local", smp_fetch_dst_is_local, 0, NULL, SMP_T_BOOL, SMP_USE_L4CLI },
423 { "dst_port", smp_fetch_dport, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
424 { "src", smp_fetch_src, 0, NULL, SMP_T_IPV4, SMP_USE_L4CLI },
425 { "src_is_local", smp_fetch_src_is_local, 0, NULL, SMP_T_BOOL, SMP_USE_L4CLI },
426 { "src_port", smp_fetch_sport, 0, NULL, SMP_T_SINT, SMP_USE_L4CLI },
427#ifdef TCP_INFO
428 { "fc_rtt", smp_fetch_fc_rtt, ARG1(0,STR), val_fc_time_value, SMP_T_SINT, SMP_USE_L4CLI },
429 { "fc_rttvar", smp_fetch_fc_rttvar, ARG1(0,STR), val_fc_time_value, SMP_T_SINT, SMP_USE_L4CLI },
430#if defined(__linux__) || defined(__FreeBSD__) || defined(__NetBSD__)
431 { "fc_unacked", smp_fetch_fc_unacked, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
432 { "fc_sacked", smp_fetch_fc_sacked, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
433 { "fc_retrans", smp_fetch_fc_retrans, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
434 { "fc_fackets", smp_fetch_fc_fackets, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
435 { "fc_lost", smp_fetch_fc_lost, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
436 { "fc_reordering", smp_fetch_fc_reordering, ARG1(0,STR), var_fc_counter, SMP_T_SINT, SMP_USE_L4CLI },
437#endif // linux || freebsd || netbsd
438#endif // TCP_INFO
439 { /* END */ },
440}};
441
442INITCALL1(STG_REGISTER, sample_register_fetches, &sample_fetch_keywords);
443
444
445/*
446 * Local variables:
447 * c-indent-level: 8
448 * c-basic-offset: 8
449 * End:
450 */