1berry/haproxy
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

MINOR: tcp-act: Rename "set-{mark,tos}" to "set-fc-{mark,tos}"

Browse Source 
"set-mark" and "set-tos" only alter packets from haproxy to client
(frontend connection). Since we may add support for equivalent keywords
on server side, we rename them with an explicit name to prevent
confusions.

Thus, we rename:
 - "set-mark" to "set-fc-mark"
 - "set-tos" to "set-fc-tos"

"set-mark" and "set-tos" were kept as aliases (to "set-fc-mark" and
"set-fc-tos" respectively) for now to prevent config breakage, but they
have been marked as deprecated so they can be removed in future version.
This commit is contained in:
Aurelien DARRAGON 2024-01-15 16:08:40 +01:00
parent eea3b94514
commit acf6383076
2 changed files with 68 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

66
doc/configuration.txt
View File

@ -13793,10 +13793,12 @@ send-spoe-group - - X X X X -
set-bandwidth-limit - - X X X X -
set-dst X X X - X - -
set-dst-port X X X - X - -
set-fc-mark X X X X X X -
set-fc-tos X X X X X X -
set-header - - - - X X X
set-log-level - - X X X X X
set-map - - - - X X X
set-mark X X X X X X -
set-mark (deprecated) X X X X X X -
set-method - - - - X - -
set-nice - - X X X X -
set-path - - - - X - -
@ -13809,7 +13811,7 @@ set-src X X X - X - -
set-src-port X X X - X - -
set-status - - - - - X X
set-timeout - - - - X X -
set-tos X X X X X X -
set-tos (deprecated) X X X X X X -
set-uri - - - - X - -
set-var X X X X X X X
set-var-fmt X X X X X X X
@ -14742,6 +14744,36 @@ set-dst-port <expr>
destination address to IPv4 "0.0.0.0" before rewriting the port.
set-fc-mark <mark>
Usable in: TCP RqCon| RqSes| RqCnt| RsCnt| HTTP Req| Res| Aft
X | X | X | X | X | X | -
This is used to set the Netfilter/IPFW MARK on all packets sent to the client
to the value passed in <mark> on platforms which support it. This value is an
unsigned 32 bit value which can be matched by netfilter/ipfw and by the
routing table or monitoring the packets through DTrace. It can be expressed
both in decimal or hexadecimal format (prefixed by "0x").
This can be useful to force certain packets to take a different route (for
example a cheaper network path for bulk downloads). This works on Linux
kernels 2.6.32 and above and requires admin privileges, as well on FreeBSD
and OpenBSD.
set-fc-tos <tos>
Usable in: TCP RqCon| RqSes| RqCnt| RsCnt| HTTP Req| Res| Aft
X | X | X | X | X | X | -
This is used to set the TOS or DSCP field value of packets sent to the client
to the value passed in <tos> on platforms which support this. This value
represents the whole 8 bits of the IP TOS field, and can be expressed both in
decimal or hexadecimal format (prefixed by "0x"). Note that only the 6 higher
bits are used in DSCP or TOS, and the two lower bits are always 0. This can
be used to adjust some routing behavior on border routers based on some
information from the request.
See RFC 2474, 2597, 3260 and 4594 for more information.
set-header <name> <fmt>
Usable in: TCP RqCon| RqSes| RqCnt| RsCnt| HTTP Req| Res| Aft
- | - | - | - | X | X | X
@ -14790,19 +14822,8 @@ set-map(<map-name>) <key fmt> <value fmt>
stats socket, but can be triggered by an HTTP request.
set-mark <mark>
Usable in: TCP RqCon| RqSes| RqCnt| RsCnt| HTTP Req| Res| Aft
X | X | X | X | X | X | -
This is used to set the Netfilter/IPFW MARK on all packets sent to the client
to the value passed in <mark> on platforms which support it. This value is an
unsigned 32 bit value which can be matched by netfilter/ipfw and by the
routing table or monitoring the packets through DTrace. It can be expressed
both in decimal or hexadecimal format (prefixed by "0x").
This can be useful to force certain packets to take a different route (for
example a cheaper network path for bulk downloads). This works on Linux
kernels 2.6.32 and above and requires admin privileges, as well on FreeBSD
and OpenBSD.
set-mark <mark> (deprecated)
This is an alias for "set-fc-mark" (which should be used instead).
set-method <fmt>
@ -14989,19 +15010,8 @@ set-timeout { client | server | tunnel } { <timeout> | <expr> }
http-response set-timeout server res.hdr(X-Refresh-Seconds),mul(1000)
set-tos <tos>
Usable in: TCP RqCon| RqSes| RqCnt| RsCnt| HTTP Req| Res| Aft
X | X | X | X | X | X | -
This is used to set the TOS or DSCP field value of packets sent to the client
to the value passed in <tos> on platforms which support this. This value
represents the whole 8 bits of the IP TOS field, and can be expressed both in
decimal or hexadecimal format (prefixed by "0x"). Note that only the 6 higher
bits are used in DSCP or TOS, and the two lower bits are always 0. This can
be used to adjust some routing behavior on border routers based on some
information from the request.
See RFC 2474, 2597, 3260 and 4594 for more information.
set-tos <tos> (deprecated)
This is an alias for "set-fc-tos" (which should be used instead).
set-uri <fmt>

48
src/tcp_act.c
View File

@ -389,8 +389,8 @@ static enum act_return tcp_exec_action_silent_drop(struct act_rule *rule, struct
#if defined(SO_MARK) || defined(SO_USER_COOKIE) || defined(SO_RTABLE)
static enum act_return tcp_action_set_mark(struct act_rule *rule, struct proxy *px,
struct session *sess, struct stream *s, int flags)
static enum act_return tcp_action_set_fc_mark(struct act_rule *rule, struct proxy *px,
struct session *sess, struct stream *s, int flags)
{
conn_set_mark(objt_conn(sess->origin), (uintptr_t)rule->arg.act.p[0]);
return ACT_RET_CONT;
@ -398,8 +398,8 @@ static enum act_return tcp_action_set_mark(struct act_rule *rule, struct proxy *
#endif
#ifdef IP_TOS
static enum act_return tcp_action_set_tos(struct act_rule *rule, struct proxy *px,
struct session *sess, struct stream *s, int flags)
static enum act_return tcp_action_set_fc_tos(struct act_rule *rule, struct proxy *px,
struct session *sess, struct stream *s, int flags)
{
conn_set_tos(objt_conn(sess->origin), (uintptr_t)rule->arg.act.p[0]);
return ACT_RET_CONT;
@ -585,7 +585,7 @@ static enum act_parse_ret tcp_parse_set_mark(const char **args, int *cur_arg, st
(*cur_arg)++;
/* Register processing function. */
rule->action_ptr = tcp_action_set_mark;
rule->action_ptr = tcp_action_set_fc_mark;
rule->action = ACT_CUSTOM;
rule->arg.act.p[0] = (void *)(uintptr_t)mark;
global.last_checks |= LSTCHK_NETADM;
@ -620,7 +620,7 @@ static enum act_parse_ret tcp_parse_set_tos(const char **args, int *cur_arg, str
(*cur_arg)++;
/* Register processing function. */
rule->action_ptr = tcp_action_set_tos;
rule->action_ptr = tcp_action_set_fc_tos;
rule->action = ACT_CUSTOM;
rule->arg.act.p[0] = (void *)(uintptr_t)tos;
return ACT_RET_PRS_OK;
@ -672,10 +672,12 @@ static enum act_parse_ret tcp_parse_silent_drop(const char **args, int *cur_arg,
static struct action_kw_list tcp_req_conn_actions = {ILH, {
{ "set-dst" , tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "set-mark", tcp_parse_set_mark },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-src", tcp_parse_set_src_dst },
{ "set-src-port", tcp_parse_set_src_dst },
{ "set-tos", tcp_parse_set_tos },
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};
@ -686,10 +688,12 @@ static struct action_kw_list tcp_req_sess_actions = {ILH, {
{ "attach-srv" , tcp_parse_attach_srv },
{ "set-dst" , tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "set-mark", tcp_parse_set_mark },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-src", tcp_parse_set_src_dst },
{ "set-src-port", tcp_parse_set_src_dst },
{ "set-tos", tcp_parse_set_tos },
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};
@ -699,10 +703,12 @@ INITCALL1(STG_REGISTER, tcp_req_sess_keywords_register, &tcp_req_sess_actions);
static struct action_kw_list tcp_req_cont_actions = {ILH, {
{ "set-dst" , tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "set-mark", tcp_parse_set_mark },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-src", tcp_parse_set_src_dst },
{ "set-src-port", tcp_parse_set_src_dst },
{ "set-tos", tcp_parse_set_tos },
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};
@ -710,8 +716,10 @@ static struct action_kw_list tcp_req_cont_actions = {ILH, {
INITCALL1(STG_REGISTER, tcp_req_cont_keywords_register, &tcp_req_cont_actions);
static struct action_kw_list tcp_res_cont_actions = {ILH, {
{ "set-mark", tcp_parse_set_mark },
{ "set-tos", tcp_parse_set_tos },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};
@ -721,10 +729,12 @@ INITCALL1(STG_REGISTER, tcp_res_cont_keywords_register, &tcp_res_cont_actions);
static struct action_kw_list http_req_actions = {ILH, {
{ "set-dst", tcp_parse_set_src_dst },
{ "set-dst-port", tcp_parse_set_src_dst },
{ "set-mark", tcp_parse_set_mark },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-src", tcp_parse_set_src_dst },
{ "set-src-port", tcp_parse_set_src_dst },
{ "set-tos", tcp_parse_set_tos },
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};
@ -732,8 +742,10 @@ static struct action_kw_list http_req_actions = {ILH, {
INITCALL1(STG_REGISTER, http_req_keywords_register, &http_req_actions);
static struct action_kw_list http_res_actions = {ILH, {
{ "set-mark", tcp_parse_set_mark },
{ "set-tos", tcp_parse_set_tos },
{ "set-fc-mark", tcp_parse_set_mark },
{ "set-fc-tos", tcp_parse_set_tos },
{ "set-mark", tcp_parse_set_mark }, // DEPRECATED, see set-fc-mark
{ "set-tos", tcp_parse_set_tos }, // DEPRECATED, see set-fc-tos
{ "silent-drop", tcp_parse_silent_drop },
{ /* END */ }
}};