From: Christopher Faulet <cfaulet@haproxy.com>
Date: Tue, 6 Jul 2021 09:25:36 +0000 (+0200)
Subject: Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules"
X-Git-Tag: v2.5-dev2~40
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=23048875a4eacf5d7d4450d677cb077e67778b95;p=thirdparty%2Fhaproxy.git

Revert "MINOR: tcp-act: Add set-src/set-src-port for "tcp-request content" rules"

This reverts commit 19bbbe05629ea947dd60d5b96d96f0066b047b97.

For now, set-src/set-src-port actions are directly performed on the client
connection. Using these actions at the stream level is really a problem with
HTTP connection (See #90) because all requests are affected by this change
and not only the current request. And it is worse with the H2, because
several requests can set their source address into the same connection at
the same time.

It is already an issue when these actions are called from "http-request"
rules. It is safer to wait a bit before adding the support to "tcp-request
content" rules. The solution is to be able to set src/dst address on the
stream and not on the connection when the action if performed from the L7
level..

Reverting the above commit means the issue #1303 is no longer fixed.

This patch must be backported in all branches containing the above commit
(as far as 2.0 for now).
---

diff --git a/doc/configuration.txt b/doc/configuration.txt
index 0075c58829..0d60f8e8e8 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -12208,8 +12208,6 @@ tcp-request content <action> [{if | unless} <condition>]
     - set-log-level <level>
     - set-mark <mark>
     - set-nice <nice>
-    - set-src <expr>
-    - set-src-port <expr>
     - set-tos <tos>
     - set-var(<var-name>) <expr>
     - switch-mode http [ proto <name> ]
@@ -12270,9 +12268,6 @@ tcp-request content <action> [{if | unless} <condition>]
   The "set-nice" is used to set the "nice" factor of the current session. More
   information on how to use it at "http-request set-nice".
 
-  The "set-src" and "set-src-port" are used to set respectively the source IP
-  and port. More information on how to use it at "http-request set-src".
-
   The "set-tos" is used to set the TOS or DSCP field value of packets sent to
   the client. More information on how to use it at "http-request set-tos".
 
diff --git a/src/tcp_act.c b/src/tcp_act.c
index 3596d31254..8223aaa818 100644
--- a/src/tcp_act.c
+++ b/src/tcp_act.c
@@ -413,8 +413,6 @@ static struct action_kw_list tcp_req_cont_actions = {ILH, {
 	{ "set-dst"     , tcp_parse_set_src_dst },
 	{ "set-dst-port", tcp_parse_set_src_dst },
 	{ "set-mark",     tcp_parse_set_mark    },
-	{ "set-src",      tcp_parse_set_src_dst },
-	{ "set-src-port", tcp_parse_set_src_dst },
 	{ "set-tos",      tcp_parse_set_tos     },
 	{ "silent-drop",  tcp_parse_silent_drop },
 	{ /* END */ }