Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 1 | /* |
| 2 | * Action management functions. |
| 3 | * |
| 4 | * Copyright 2017 HAProxy Technologies, Christopher Faulet <cfaulet@haproxy.com> |
| 5 | * |
| 6 | * This program is free software; you can redistribute it and/or |
| 7 | * modify it under the terms of the GNU General Public License |
| 8 | * as published by the Free Software Foundation; either version |
| 9 | * 2 of the License, or (at your option) any later version. |
| 10 | * |
| 11 | */ |
| 12 | |
Willy Tarreau | 4c7e4b7 | 2020-05-27 12:58:42 +0200 | [diff] [blame] | 13 | #include <haproxy/api.h> |
Willy Tarreau | d0ef439 | 2020-06-02 09:38:52 +0200 | [diff] [blame] | 14 | #include <haproxy/pool.h> |
Willy Tarreau | 853b297 | 2020-05-27 18:01:47 +0200 | [diff] [blame] | 15 | #include <haproxy/list.h> |
Willy Tarreau | 48fbcae | 2020-06-03 18:09:46 +0200 | [diff] [blame] | 16 | #include <haproxy/tools.h> |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 17 | |
| 18 | #include <proto/action.h> |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 19 | #include <proto/log.h> |
Baptiste Assmann | 333939c | 2019-01-21 08:34:50 +0100 | [diff] [blame] | 20 | #include <proto/obj_type.h> |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 21 | #include <proto/proxy.h> |
| 22 | #include <proto/stick_table.h> |
Baptiste Assmann | 333939c | 2019-01-21 08:34:50 +0100 | [diff] [blame] | 23 | #include <proto/task.h> |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 24 | |
| 25 | |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 26 | /* Find and check the target table used by an action track-sc*. This |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 27 | * function should be called during the configuration validity check. |
| 28 | * |
| 29 | * The function returns 1 in success case, otherwise, it returns 0 and err is |
| 30 | * filled. |
| 31 | */ |
| 32 | int check_trk_action(struct act_rule *rule, struct proxy *px, char **err) |
| 33 | { |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 34 | struct stktable *target; |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 35 | |
| 36 | if (rule->arg.trk_ctr.table.n) |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 37 | target = stktable_find_by_name(rule->arg.trk_ctr.table.n); |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 38 | else |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 39 | target = px->table; |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 40 | |
| 41 | if (!target) { |
| 42 | memprintf(err, "unable to find table '%s' referenced by track-sc%d", |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 43 | rule->arg.trk_ctr.table.n ? rule->arg.trk_ctr.table.n : px->id, |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 44 | rule->action); |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 45 | return 0; |
| 46 | } |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 47 | |
| 48 | if (!stktable_compatible_sample(rule->arg.trk_ctr.expr, target->type)) { |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 49 | memprintf(err, "stick-table '%s' uses a type incompatible with the 'track-sc%d' rule", |
| 50 | rule->arg.trk_ctr.table.n ? rule->arg.trk_ctr.table.n : px->id, |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 51 | rule->action); |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 52 | return 0; |
| 53 | } |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 54 | else if (target->proxy && (px->bind_proc & ~target->proxy->bind_proc)) { |
Willy Tarreau | 151e1ca | 2019-02-05 11:38:38 +0100 | [diff] [blame] | 55 | memprintf(err, "stick-table '%s' referenced by 'track-sc%d' rule not present on all processes covered by proxy '%s'", |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 56 | target->id, rule->action, px->id); |
Willy Tarreau | 151e1ca | 2019-02-05 11:38:38 +0100 | [diff] [blame] | 57 | return 0; |
| 58 | } |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 59 | else { |
Frédéric Lécaille | be36793 | 2019-08-07 09:28:39 +0200 | [diff] [blame] | 60 | if (!in_proxies_list(target->proxies_list, px)) { |
Frédéric Lécaille | 015e4d7 | 2019-03-19 14:55:01 +0100 | [diff] [blame] | 61 | px->next_stkt_ref = target->proxies_list; |
| 62 | target->proxies_list = px; |
| 63 | } |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 64 | free(rule->arg.trk_ctr.table.n); |
Frédéric Lécaille | 1b8e68e | 2019-03-14 07:07:41 +0100 | [diff] [blame] | 65 | rule->arg.trk_ctr.table.t = target; |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 66 | /* Note: if we decide to enhance the track-sc syntax, we may be |
| 67 | * able to pass a list of counters to track and allocate them |
| 68 | * right here using stktable_alloc_data_type(). |
| 69 | */ |
| 70 | } |
Christopher Faulet | ac98d81 | 2019-12-18 09:20:16 +0100 | [diff] [blame] | 71 | |
| 72 | if (rule->from == ACT_F_TCP_REQ_CNT && (px->cap & PR_CAP_FE) && !px->tcp_req.inspect_delay && |
| 73 | !(rule->arg.trk_ctr.expr->fetch->val & SMP_VAL_FE_SES_ACC)) { |
| 74 | ha_warning("config : %s '%s' : a 'tcp-request content track-sc*' rule explicitly depending on request" |
| 75 | " contents without any 'tcp-request inspect-delay' setting." |
| 76 | " This means that this rule will randomly find its contents. This can be fixed by" |
| 77 | " setting the tcp-request inspect-delay.\n", |
| 78 | proxy_type_str(px), px->id); |
| 79 | } |
| 80 | |
Christopher Faulet | 78880fb | 2017-09-18 14:43:55 +0200 | [diff] [blame] | 81 | return 1; |
| 82 | } |
| 83 | |
Christopher Faulet | d73b96d | 2019-12-19 17:27:03 +0100 | [diff] [blame] | 84 | /* check a capture rule. This function should be called during the configuration |
| 85 | * validity check. |
| 86 | * |
| 87 | * The function returns 1 in success case, otherwise, it returns 0 and err is |
| 88 | * filled. |
| 89 | */ |
| 90 | int check_capture(struct act_rule *rule, struct proxy *px, char **err) |
| 91 | { |
| 92 | if (rule->from == ACT_F_TCP_REQ_CNT && (px->cap & PR_CAP_FE) && !px->tcp_req.inspect_delay && |
| 93 | !(rule->arg.trk_ctr.expr->fetch->val & SMP_VAL_FE_SES_ACC)) { |
| 94 | ha_warning("config : %s '%s' : a 'tcp-request capture' rule explicitly depending on request" |
| 95 | " contents without any 'tcp-request inspect-delay' setting." |
| 96 | " This means that this rule will randomly find its contents. This can be fixed by" |
| 97 | " setting the tcp-request inspect-delay.\n", |
| 98 | proxy_type_str(px), px->id); |
| 99 | } |
| 100 | |
| 101 | return 1; |
| 102 | } |
| 103 | |
Baptiste Assmann | 333939c | 2019-01-21 08:34:50 +0100 | [diff] [blame] | 104 | int act_resolution_cb(struct dns_requester *requester, struct dns_nameserver *nameserver) |
| 105 | { |
| 106 | struct stream *stream; |
| 107 | |
| 108 | if (requester->resolution == NULL) |
| 109 | return 0; |
| 110 | |
| 111 | stream = objt_stream(requester->owner); |
| 112 | if (stream == NULL) |
| 113 | return 0; |
| 114 | |
| 115 | task_wakeup(stream->task, TASK_WOKEN_MSG); |
| 116 | |
| 117 | return 0; |
| 118 | } |
| 119 | |
| 120 | int act_resolution_error_cb(struct dns_requester *requester, int error_code) |
| 121 | { |
| 122 | struct stream *stream; |
| 123 | |
| 124 | if (requester->resolution == NULL) |
| 125 | return 0; |
| 126 | |
| 127 | stream = objt_stream(requester->owner); |
| 128 | if (stream == NULL) |
| 129 | return 0; |
| 130 | |
| 131 | task_wakeup(stream->task, TASK_WOKEN_MSG); |
| 132 | |
| 133 | return 0; |
| 134 | } |
| 135 | |