diff --git a/src/session.c b/src/session.c index 5fd0f994f..55a8066c6 100644 --- a/src/session.c +++ b/src/session.c @@ -2071,14 +2071,40 @@ void default_srv_error(struct session *s, struct stream_interface *si) /* All supported ACL keywords must be declared here. */ /************************************************************************/ -/* set test->i to the number of connections from the session's source address - * in the table pointed to by expr. +/* set test->i to the cumulated number of connections in the stksess entry */ +static int +acl_fetch_conn_cnt(struct stktable *table, struct acl_test *test, struct stksess *ts) +{ + test->flags = ACL_TEST_F_VOL_TEST; + test->i = 0; + if (ts != NULL) { + void *ptr = stktable_data_ptr(table, ts, STKTABLE_DT_CONN_CNT); + if (!ptr) + return 0; /* parameter not stored */ + test->i = stktable_data_cast(ptr, conn_cnt); + } + + return 1; +} + +/* set test->i to the cumulated number of connections from the session's tracked counters */ +static int +acl_fetch_trk_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, + struct acl_expr *expr, struct acl_test *test) +{ + if (!l4->tracked_counters) + return 0; + + return acl_fetch_conn_cnt(l4->tracked_table, test, l4->tracked_counters); +} + +/* set test->i to the cumulated number of connections from the session's source + * address in the table pointed to by expr. */ static int acl_fetch_src_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, struct acl_expr *expr, struct acl_test *test) { - struct stksess *ts; struct stktable_key *key; key = tcpv4_src_to_stktable_key(l4); @@ -2091,16 +2117,7 @@ acl_fetch_src_conn_cnt(struct proxy *px, struct session *l4, void *l7, int dir, if (!px) return 0; /* table not found */ - test->flags = ACL_TEST_F_VOL_TEST; - test->i = 0; - if ((ts = stktable_lookup_key(&px->table, key)) != NULL) { - void *ptr = stktable_data_ptr(&px->table, ts, STKTABLE_DT_CONN_CNT); - if (!ptr) - return 0; /* parameter not stored */ - test->i = stktable_data_cast(ptr, conn_cnt); - } - - return 1; + return acl_fetch_conn_cnt(&px->table, test, stktable_lookup_key(&px->table, key)); } /* set test->i to the number of connections from the session's source address @@ -2245,6 +2262,7 @@ acl_fetch_src_kbytes_out(struct proxy *px, struct session *l4, void *l7, int dir /* Note: must not be declared as its list will be overwritten */ static struct acl_kw_list acl_kws = {{ },{ + { "trk_conn_cnt", acl_parse_int, acl_fetch_trk_conn_cnt, acl_match_int, ACL_USE_NOTHING }, { "src_conn_cnt", acl_parse_int, acl_fetch_src_conn_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE }, { "src_updt_conn_cnt", acl_parse_int, acl_fetch_src_updt_conn_cnt, acl_match_int, ACL_USE_TCP4_VOLATILE }, { "src_conn_cur", acl_parse_int, acl_fetch_src_conn_cur, acl_match_int, ACL_USE_TCP4_VOLATILE },