changing a server's weight on the fly will have no effect,
but this can be changed using "hash-type".
+ See also the rdp_cookie pattern fetch function.
+
<arguments> is an optional list of arguments which may be needed by some
algorithms. Right now, only "url_param" and "uri" support an
optional argument.
server srv1 1.1.1.1:3389
server srv2 1.1.1.2:3389
- See also : "balance rdp-cookie", "tcp-request" and the "req_rdp_cookie" ACL.
+ See also : "balance rdp-cookie", "tcp-request", the "req_rdp_cookie" ACL and
+ the rdp_cookie pattern fetch function.
rate-limit sessions <rate>
http://example.com/foo?JESSIONID=some_id with
url_param(JSESSIONID)), for cases where cookies cannot be used.
+ rdp_cookie(name)
+ This extracts the value of the rdp cookie <name> as a string
+ and uses this value to match. This enables implementation of
+ persistence based on the mstshash cookie. This is typically
+ done if there is no msts cookie present.
+
+ This differs from "balance rdp-cookie" in that any balancing
+ algorithm may be used and thus the distribution of clients
+ to backend servers is not linked to a hash of the RDP
+ cookie. It is envisaged that using a balancing algorithm
+ such as "balance roundrobin" or "balance leastconnect" will
+ lead to a more even distribution of clients to backend
+ servers than the hash used by "balance rdp-cookie".
+
+ Example :
+ listen tse-farm
+ bind 0.0.0.0:3389
+ # wait up to 5s for an RDP cookie in the request
+ tcp-request inspect-delay 5s
+ tcp-request content accept if RDP_COOKIE
+ # apply RDP cookie persistence
+ persist rdp-cookie
+ # Persist based on the mstshash cookie
+ # This is only useful makes sense if
+ # balance rdp-cookie is not used
+ stick-table type string size 204800
+ stick on rdp_cookie(mstshash)
+ server srv1 1.1.1.1:3389
+ server srv1 1.1.1.2:3389
+
+ See also : "balance rdp-cookie", "persist rdp-cookie",
+ "tcp-request" and the "req_rdp_cookie" ACL.
+
+
The currently available list of transformations include :
lower Convert a string pattern to lower case. This can only be placed
return 1;
}
+static int
+pattern_fetch_rdp_cookie(struct proxy *px, struct session *l4, void *l7, int dir,
+ const struct pattern_arg *arg_p, int arg_i, union pattern_data *data)
+{
+ int ret;
+ struct acl_expr expr;
+ struct acl_test test;
+
+ if (!l4)
+ return 0;
+
+ memset(&expr, 0, sizeof(expr));
+ memset(&test, 0, sizeof(test));
+
+ expr.arg.str = arg_p[0].data.str.str;
+ expr.arg_len = arg_p[0].data.str.len;
+
+ ret = acl_fetch_rdp_cookie(px, l4, NULL, ACL_DIR_REQ, &expr, &test);
+ if (ret == 0 || (test.flags & ACL_TEST_F_MAY_CHANGE) || test.len == 0)
+ return 0;
+
+ /* init chunk as read only */
+ chunk_initlen(&data->str, test.ptr, 0, test.len);
+ return 1;
+}
+
static struct cfg_kw_list cfg_kws = {{ },{
{ CFG_LISTEN, "tcp-request", tcp_parse_tcp_req },
{ CFG_LISTEN, "tcp-response", tcp_parse_tcp_rep },
{ "dst_port", pattern_fetch_dport, NULL, PATTERN_TYPE_INTEGER, PATTERN_FETCH_REQ },
{ "payload", pattern_fetch_payload, pattern_arg_fetch_payload, PATTERN_TYPE_CONSTDATA, PATTERN_FETCH_REQ|PATTERN_FETCH_RTR },
{ "payload_lv", pattern_fetch_payloadlv, pattern_arg_fetch_payloadlv, PATTERN_TYPE_CONSTDATA, PATTERN_FETCH_REQ|PATTERN_FETCH_RTR },
+ { "rdp_cookie", pattern_fetch_rdp_cookie, pattern_arg_str, PATTERN_TYPE_CONSTSTRING, PATTERN_FETCH_REQ },
{ NULL, NULL, NULL, 0, 0 },
}};
projects / thirdparty / haproxy.git / commitdiff
