git.ipfire.org Git - thirdparty/haproxy.git/commit

author	Christopher Faulet <cfaulet@haproxy.com>
	Wed, 13 Oct 2021 13:40:15 +0000 (15:40 +0200)
committer	Christopher Faulet <cfaulet@haproxy.com>
	Fri, 15 Oct 2021 12:12:19 +0000 (14:12 +0200)
commit	ee08d6cc74daef511ce2f8d7e3f766fb6c9ae385
tree	a87ff5430a68cb11fd3295b9ebefc1129cf0f2b5	tree \| snapshot
parent	6ff7de5d6438679c2376611077b5cd58c664f8ea	commit \| diff

MEDIUM: rules/acl: Parse TCP/HTTP rules and acls defined in defaults sections

TCP and HTTP rules can now be defined in defaults sections, but only those
with a name. Because these rules may use conditions based on ACLs, ACLs can
also be defined in defaults sections.

However there are some limitations:

  * A defaults section defining TCP/HTTP rules cannot be used by a defaults
    section
  * A defaults section defining TCP/HTTP rules cannot be used bu a listen
    section
  * A defaults sections defining TCP/HTTP rules cannot be used by frontends
    and backends at the same time
  * A defaults sections defining 'tcp-request connection' or 'tcp-request
    session' rules cannot be used by backends
  * A defaults sections defining 'tcp-response content' rules cannot be used
    by frontends

The TCP request/response inspect-delay of a proxy is now inherited from the
defaults section it uses. For now, these rules are only parsed. No evaluation is
performed.

src/cfgparse-listen.c		diff \| blob \| blame \| history
src/cfgparse.c		diff \| blob \| blame \| history
src/proxy.c		diff \| blob \| blame \| history
src/tcp_rules.c		diff \| blob \| blame \| history