RepoMirrors
/
haproxy
mirror of http://git.haproxy.org/git/haproxy.git/
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
haproxy/include/proto/proto_tcp.h

68 lines
2.4 KiB
C
Raw Normal View History

[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
/*
[MEDIUM] backend: move the transparent proxy address selection to backend The transparent proxy address selection was set in the TCP connect function which is not the most appropriate place since this function has limited access to the amount of parameters which could produce a source address. Instead, now we determine the source address in backend.c:connect_server(), right after calling assign_server_address() and we assign this address in the session and pass it to the TCP connect function. This cannot be performed in assign_server_address() itself because in some cases (transparent mode, dispatch mode or http_proxy mode), we assign the address somewhere else. This change will open the ability to bind to addresses extracted from many other criteria (eg: from a header).
2010-03-29 17:36:59 +00:00
* include/proto/proto_tcp.h
* This file contains TCP socket protocol definitions.
*
MEDIUM: samples: move payload-based fetches and ACLs to their own file The file acl.c is a real mess, it both contains functions to parse and process ACLs, and some sample extraction functions which act on buffers. Some other payload analysers were arbitrarily dispatched to proto_tcp.c. So now we're moving all payload-based fetches and ACLs to payload.c which is capable of extracting data from buffers and rely on everything that is protocol-independant. That way we can safely inflate this file and only use the other ones when some fetches are really specific (eg: HTTP, SSL, ...). As a result of this cleanup, the following new sample fetches became available even if they're not really useful : always_false, always_true, rep_ssl_hello_type, rdp_cookie_cnt, req_len, req_ssl_hello_type, req_ssl_sni, req_ssl_ver, wait_end The function 'acl_fetch_nothing' was wrong and never used anywhere so it was removed. The "rdp_cookie" sample fetch used to have a mandatory argument while it was optional in ACLs, which are supposed to iterate over RDP cookies. So we're making it optional as a fetch too, and it will return the first one.
2013-01-07 20:59:07 +00:00
* Copyright (C) 2000-2013 Willy Tarreau - w@1wt.eu
[MEDIUM] backend: move the transparent proxy address selection to backend The transparent proxy address selection was set in the TCP connect function which is not the most appropriate place since this function has limited access to the amount of parameters which could produce a source address. Instead, now we determine the source address in backend.c:connect_server(), right after calling assign_server_address() and we assign this address in the session and pass it to the TCP connect function. This cannot be performed in assign_server_address() itself because in some cases (transparent mode, dispatch mode or http_proxy mode), we assign the address somewhere else. This change will open the ability to bind to addresses extracted from many other criteria (eg: from a header).
2010-03-29 17:36:59 +00:00
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation, version 2.1
* exclusively.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
*/
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
#ifndef _PROTO_PROTO_TCP_H
#define _PROTO_PROTO_TCP_H
#include <common/config.h>
CLEANUP: actions: missplaced includes The include of action.h are misplaced.
2015-09-10 16:28:10 +00:00
#include <types/action.h>
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
#include <types/task.h>
[MAJOR] session: add track-counters to track counters related to the session This patch adds the ability to set a pointer in the session to an entry in a stick table which holds various counters related to a specific pattern. Right now the syntax matches the target syntax and only the "src" pattern can be specified, to track counters related to the session's IPv4 source address. There is a special function to extract it and convert it to a key. But the goal is to be able to later support as many patterns as for the stick rules, and get rid of the specific function. The "track-counters" directive may only be set in a "tcp-request" statement right now. Only the first one applies. Probably that later we'll support multi-criteria tracking for a single session and that we'll have to name tracking pointers. No counter is updated right now, only the refcount is. Some subsequent patches will have to bring that feature.
2010-06-14 19:04:55 +00:00
#include <proto/stick_table.h>
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
[MEDIUM] add internal support for IPv6 server addresses This patch turns internal server addresses to sockaddr_storage to store IPv6 addresses, and makes the connect() function use it. This code already works but some caveats with getaddrinfo/gethostbyname still need to be sorted out while the changes had to be merged at this stage of internal architecture changes. So for now the config parser will not emit an IPv6 address yet so that user experience remains unchanged. This change should have absolutely zero user-visible effect, otherwise it's a bug introduced during the merge, that should be reported ASAP.
2011-03-10 21:26:24 +00:00
int tcp_bind_socket(int fd, int flags, struct sockaddr_storage *local, struct sockaddr_storage *remote);
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
void tcpv4_add_listener(struct listener *listener);
void tcpv6_add_listener(struct listener *listener);
MEDIUM: listener: implement a per-protocol pause() function In order to fix the abstact socket pause mechanism during soft restarts, we'll need to proceed differently depending on the socket protocol. The pause_listener() function already supports some protocol-specific handling for the TCP case. This commit makes this cleaner by adding a new ->pause() function to the protocol struct, which, if defined, may be used to pause a listener of a given protocol. For now, only TCP has been adapted, with the specific code moved from pause_listener() to tcp_pause_listener().
2014-07-07 18:22:12 +00:00
int tcp_pause_listener(struct listener *l);
MEDIUM: tcp: add explicit support for delayed ACK in connect() Commit 24db47e0 tried to improve support for delayed ACK upon connect but it was incomplete, because checks with the proxy protocol would always enable polling for data receive and there was no way of distinguishing data polling and delayed ack. So we add a distinct delack flag to the connect() function so that the caller decides whether or not to use a delayed ack regardless of pending data (eg: when send-proxy is in use). Doing so covers all combinations of { (check with data), (sendproxy), (smart-connect) }.
2012-11-24 09:24:27 +00:00
int tcp_connect_server(struct connection *conn, int data, int delack);
MEDIUM: stream_interface: pass connection instead of fd in sock_ops The sock_ops I/O callbacks made use of an FD till now. This has become inappropriate and the struct connection is much more useful. It also fixes the race condition introduced by previous change.
2012-07-23 16:53:03 +00:00
int tcp_connect_probe(struct connection *conn);
BUG/MEDIUM: stream_interface: restore get_src/get_dst Commit e164e7a removed get_src/get_dst setting in the stream interfaces but forgot to set it in proto_tcp. Get the feature back because we need it for logging, transparent mode, ACLs etc... We now rely on the stream interface direction to know what syscall to use. One benefit of doing it this way is that we don't use getsockopt() anymore on outgoing stream interfaces nor on UNIX sockets.
2012-05-11 14:16:40 +00:00
int tcp_get_src(int fd, struct sockaddr *sa, socklen_t salen, int dir);
int tcp_get_dst(int fd, struct sockaddr *sa, socklen_t salen, int dir);
MEDIUM: protocol: implement a "drain" function in protocol layers Since commit cfd97c6f was merged into 1.5-dev14 (BUG/MEDIUM: checks: prevent TIME_WAITs from appearing also on timeouts), some valid health checks sometimes used to show some TCP resets. For example, this HTTP health check sent to a local server : 19:55:15.742818 IP 127.0.0.1.16568 > 127.0.0.1.8000: S 3355859679:3355859679(0) win 32792 <mss 16396,nop,nop,sackOK,nop,wscale 7> 19:55:15.742841 IP 127.0.0.1.8000 > 127.0.0.1.16568: S 1060952566:1060952566(0) ack 3355859680 win 32792 <mss 16396,nop,nop,sackOK,nop,wscale 7> 19:55:15.742863 IP 127.0.0.1.16568 > 127.0.0.1.8000: . ack 1 win 257 19:55:15.745402 IP 127.0.0.1.16568 > 127.0.0.1.8000: P 1:23(22) ack 1 win 257 19:55:15.745488 IP 127.0.0.1.8000 > 127.0.0.1.16568: FP 1:146(145) ack 23 win 257 19:55:15.747109 IP 127.0.0.1.16568 > 127.0.0.1.8000: R 23:23(0) ack 147 win 257 After some discussion with Chris Huang-Leaver, it appeared clear that what we want is to only send the RST when we have no other choice, which means when the server has not closed. So we still keep SYN/SYN-ACK/RST for pure TCP checks, but don't want to see an RST emitted as above when the server has already sent the FIN. The solution against this consists in implementing a "drain" function at the protocol layer, which, when defined, causes as much as possible of the input socket buffer to be flushed to make recv() return zero so that we know that the server's FIN was received and ACKed. On Linux, we can make use of MSG_TRUNC on TCP sockets, which has the benefit of draining everything at once without even copying data. On other platforms, we read up to one buffer of data before the close. If recv() manages to get the final zero, we don't disable lingering. Same for hard errors. Otherwise we do. In practice, on HTTP health checks we generally find that the close was pending and is returned upon first recv() call. The network trace becomes cleaner : 19:55:23.650621 IP 127.0.0.1.16561 > 127.0.0.1.8000: S 3982804816:3982804816(0) win 32792 <mss 16396,nop,nop,sackOK,nop,wscale 7> 19:55:23.650644 IP 127.0.0.1.8000 > 127.0.0.1.16561: S 4082139313:4082139313(0) ack 3982804817 win 32792 <mss 16396,nop,nop,sackOK,nop,wscale 7> 19:55:23.650666 IP 127.0.0.1.16561 > 127.0.0.1.8000: . ack 1 win 257 19:55:23.651615 IP 127.0.0.1.16561 > 127.0.0.1.8000: P 1:23(22) ack 1 win 257 19:55:23.651696 IP 127.0.0.1.8000 > 127.0.0.1.16561: FP 1:146(145) ack 23 win 257 19:55:23.652628 IP 127.0.0.1.16561 > 127.0.0.1.8000: F 23:23(0) ack 147 win 257 19:55:23.652655 IP 127.0.0.1.8000 > 127.0.0.1.16561: . ack 24 win 257 This change should be backported to 1.4 which is where Chris encountered this issue. The code is different, so probably the tcp_drain() function will have to be put in the checks only.
2013-06-10 17:56:38 +00:00
int tcp_drain(int fd);
REORG/MAJOR: session: rename the "session" entity to "stream" With HTTP/2, we'll have to support multiplexed streams. A stream is in fact the largest part of what we currently call a session, it has buffers, logs, etc. In order to catch any error, this commit removes any reference to the struct session and tries to rename most "session" occurrences in function names to "stream" and "sess" to "strm" when that's related to a session. The files stream.{c,h} were added and session.{c,h} removed. The session will be reintroduced later and a few parts of the stream will progressively be moved overthere. It will more or less contain only what we need in an embryonic session. Sample fetch functions and converters will have to change a bit so that they'll use an L5 (session) instead of what's currently called "L4" which is in fact L6 for now. Once all changes are completed, we should see approximately this : L7 - http_txn L6 - stream L5 - session L4 - connection | applet There will be at most one http_txn per stream, and a same session will possibly be referenced by multiple streams. A connection will point to a session and to a stream. The session will hold all the information we need to keep even when we don't yet have a stream. Some more cleanup is needed because some code was already far from being clean. The server queue management still refers to sessions at many places while comments talk about connections. This will have to be cleaned up once we have a server-side connection pool manager. Stream flags "SN_*" still need to be renamed, it doesn't seem like any of them will need to move to the session.
2015-04-02 22:22:06 +00:00
int tcp_inspect_request(struct stream *s, struct channel *req, int an_bit);
int tcp_inspect_response(struct stream *s, struct channel *rep, int an_bit);
MAJOR: tcp: make tcp_exec_req_rules() only rely on the session It passes a NULL wherever a stream was needed (acl_exec_cond() and action_ptr mainly). It can still track the connection rate correctly and block based on ACLs.
2015-04-04 14:41:45 +00:00
int tcp_exec_req_rules(struct session *sess);
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
MEDIUM: tcp: add register keyword system. This patch introduces an action keyword registration system for TCP rulesets similar to what is available for HTTP rulesets. This sytem will be useful with lua.
2014-12-12 18:41:33 +00:00
/* TCP keywords. */
MEDIUM: actions: Merge (http|tcp)-(request|reponse) keywords structs This patch merges the conguration keyword struct. Each declared configuration keyword struct are similar with the others. This patch simplify the code.
2015-08-19 07:01:53 +00:00
void tcp_req_conn_keywords_register(struct action_kw_list *kw_list);
void tcp_req_cont_keywords_register(struct action_kw_list *kw_list);
void tcp_res_cont_keywords_register(struct action_kw_list *kw_list);
MEDIUM: tcp: add register keyword system. This patch introduces an action keyword registration system for TCP rulesets similar to what is available for HTTP rulesets. This sytem will be useful with lua.
2014-12-12 18:41:33 +00:00
MINOR: sample/proto_tcp: export "smp_fetch_src" This patch exports the sample fetch "smp_fetch_src()".
2015-07-24 07:12:15 +00:00
/* Export some samples. */
int smp_fetch_src(const struct arg *args, struct sample *smp, const char *kw, void *private);
[MAJOR] session: add track-counters to track counters related to the session This patch adds the ability to set a pointer in the session to an entry in a stick table which holds various counters related to a specific pattern. Right now the syntax matches the target syntax and only the "src" pattern can be specified, to track counters related to the session's IPv4 source address. There is a special function to extract it and convert it to a key. But the goal is to be able to later support as many patterns as for the stick rules, and get rid of the specific function. The "track-counters" directive may only be set in a "tcp-request" statement right now. Only the first one applies. Probably that later we'll support multi-criteria tracking for a single session and that we'll have to name tracking pointers. No counter is updated right now, only the refcount is. Some subsequent patches will have to bring that feature.
2010-06-14 19:04:55 +00:00
MINOR: actions: change actions names For performances considerations, some actions are not processed by remote function. They are directly processed by the function. Some of these actions does the same things but for different processing part (request / response). This patch give the same name for the same actions, and change the normalization of the other actions names. This patch is ONLY a rename, it doesn't modify the code.
2015-08-05 17:05:19 +00:00
/* for a tcp-request action ACT_TCP_TRK_*, return a tracking index starting at
BUG/MINOR: config: report the correct track-sc number in tcp-rules When parsing track-sc* actions in tcp-request rules, we now automatically compute the track-sc identifier number using %d when displaying an error message. But the ID has become wrong since we introduced sc0, we continue to report id+1 in error messages causing some confusion. No backport is needed.
2013-12-02 22:29:05 +00:00
* zero for SC0. Unknown actions also return zero.
MINOR: counters: make it easier to extend the amount of tracked counters By properly affecting the flags and values, it becomes easier to add more tracked counters, for example for experimentation. It also slightly reduces the code and the number of tests. No counters were added with this patch.
2013-05-28 15:40:25 +00:00
*/
static inline int tcp_trk_idx(int trk_action)
{
MINOR: actions: change actions names For performances considerations, some actions are not processed by remote function. They are directly processed by the function. Some of these actions does the same things but for different processing part (request / response). This patch give the same name for the same actions, and change the normalization of the other actions names. This patch is ONLY a rename, it doesn't modify the code.
2015-08-05 17:05:19 +00:00
return trk_action - ACT_ACTION_TRK_SC0;
MINOR: counters: make it easier to extend the amount of tracked counters By properly affecting the flags and values, it becomes easier to add more tracked counters, for example for experimentation. It also slightly reduces the code and the number of tests. No counters were added with this patch.
2013-05-28 15:40:25 +00:00
}
[MAJOR] session: add track-counters to track counters related to the session This patch adds the ability to set a pointer in the session to an entry in a stick table which holds various counters related to a specific pattern. Right now the syntax matches the target syntax and only the "src" pattern can be specified, to track counters related to the session's IPv4 source address. There is a special function to extract it and convert it to a key. But the goal is to be able to later support as many patterns as for the stick rules, and get rid of the specific function. The "track-counters" directive may only be set in a "tcp-request" statement right now. Only the first one applies. Probably that later we'll support multi-criteria tracking for a single session and that we'll have to name tracking pointers. No counter is updated right now, only the refcount is. Some subsequent patches will have to bring that feature.
2010-06-14 19:04:55 +00:00
[MAJOR] create proto_tcp and move initialization of proxy listeners Proxy listeners were very special and not very easy to manipulate. A proto_tcp file has been created with all that is required to manage TCPv4/TCPv6 as raw protocols, and provide generic listeners. The code of start_proxies() and maintain_proxies() now looks less like spaghetti. Also, event_accept will need a serious lifting in order to use more of the information provided by the listener.
2007-10-29 00:09:36 +00:00
#endif /* _PROTO_PROTO_TCP_H */
/*
* Local variables:
* c-indent-level: 8
* c-basic-offset: 8
* End:
*/