diff --git a/doc/configuration.txt b/doc/configuration.txt index 8aaf91249..649ded2a3 100644 --- a/doc/configuration.txt +++ b/doc/configuration.txt @@ -9824,6 +9824,8 @@ tcp-check connect [params*] send-proxy send a PROXY protocol string + via-socks4 enables outgoing health checks using upstream socks4 proxy. + ssl opens a ciphered connection sni specifies the SNI to use to do health checks over SSL. diff --git a/include/types/checks.h b/include/types/checks.h index 14513c93e..0edc726d9 100644 --- a/include/types/checks.h +++ b/include/types/checks.h @@ -217,6 +217,7 @@ struct analyze_status { #define TCPCHK_OPT_SSL 0x0002 /* SSL connection */ #define TCPCHK_OPT_LINGER 0x0004 /* Do not RST connection, let it linger */ #define TCPCHK_OPT_DEFAULT_CONNECT 0x0008 /* Do a connect using server params */ +#define TCPCHK_OPT_SOCKS4 0x0010 /* check the connection via socks4 proxy */ struct tcpcheck_connect { uint16_t port; /* port to connect to */ diff --git a/src/checks.c b/src/checks.c index b2322b2e3..97f68f1a8 100644 --- a/src/checks.c +++ b/src/checks.c @@ -2922,7 +2922,10 @@ static enum tcpcheck_eval_ret tcpcheck_eval_connect(struct check *check, struct ssl_sock_set_servername(conn, connect->sni); } #endif - /* TODO: add support for sock4 option */ + if ((connect->options & TCPCHK_OPT_SOCKS4) && (s->flags & SRV_F_SOCKS4_PROXY)) { + conn->send_proxy_ofs = 1; + conn->flags |= CO_FL_SOCKS4; + } if (connect->options & TCPCHK_OPT_SEND_PROXY) { conn->send_proxy_ofs = 1; conn->flags |= CO_FL_SEND_PROXY; @@ -4118,6 +4121,8 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st } else if (strcmp(args[cur_arg], "send-proxy") == 0) conn_opts |= TCPCHK_OPT_SEND_PROXY; + else if (strcmp(args[cur_arg], "via-socks4") == 0) + conn_opts |= TCPCHK_OPT_SOCKS4; else if (strcmp(args[cur_arg], "linger") == 0) conn_opts |= TCPCHK_OPT_LINGER; #ifdef USE_OPENSSL @@ -4145,7 +4150,7 @@ static struct tcpcheck_rule *parse_tcpcheck_connect(char **args, int cur_arg, st #ifdef USE_OPENSSL ", 'ssl', 'sni'" #endif /* USE_OPENSSL */ - " or 'linger' but got '%s' as argument.", + " or 'via-socks4', 'linger' but got '%s' as argument.", args[cur_arg]); goto error; }