BUG/MINOR: bwlim: Fix parameters check for set-bandwidth-limit actions

First, the inspect-delay is now tested if the action is used on a
tcp-response content rule. Then, when an expressions scope is checked, we
now take care to detect the right scope depending on the ruleset used
(tcp-request, tcp-response, http-request or http-response).

This patch could be backported to 2.7.

diff --git a/src/flt_bwlim.c b/src/flt_bwlim.c
index ff39d660d52b6f709ec7341b69145064da13915b..136be5c2d67b15e1241f9f108d541835094b220d 100644 (file)
--- a/src/flt_bwlim.c
+++ b/src/flt_bwlim.c
@@ -450,10 +450,26 @@ int check_bwlim_action(struct act_rule *rule, struct proxy *px, char **err)
        }
 
        where = 0;
-       if (px->cap & PR_CAP_FE)
-               where |= (rule->from == ACT_F_HTTP_REQ ? SMP_VAL_FE_HRQ_HDR : SMP_VAL_FE_HRS_HDR);
-       if (px->cap & PR_CAP_BE)
-               where |= (rule->from == ACT_F_HTTP_REQ ? SMP_VAL_BE_HRQ_HDR : SMP_VAL_BE_HRS_HDR);
+       if (px->cap & PR_CAP_FE) {
+               if (rule->from == ACT_F_TCP_REQ_CNT)
+                       where |= SMP_VAL_FE_REQ_CNT;
+               else if (rule->from == ACT_F_HTTP_REQ)
+                       where |= SMP_VAL_FE_HRQ_HDR;
+               else if (rule->from == ACT_F_TCP_RES_CNT)
+                       where |= SMP_VAL_FE_RES_CNT;
+               else if (rule->from == ACT_F_HTTP_RES)
+                       where |= SMP_VAL_FE_HRS_HDR;
+       }
+       if (px->cap & PR_CAP_BE) {
+               if (rule->from == ACT_F_TCP_REQ_CNT)
+                       where |= SMP_VAL_BE_REQ_CNT;
+               else if (rule->from == ACT_F_HTTP_REQ)
+                       where |= SMP_VAL_BE_HRQ_HDR;
+               else if (rule->from == ACT_F_TCP_RES_CNT)
+                       where |= SMP_VAL_BE_RES_CNT;
+               else if (rule->from == ACT_F_HTTP_RES)
+                       where |= SMP_VAL_BE_HRS_HDR;
+       }
 
        if ((rule->action & BWLIM_ACT_LIMIT_EXPR) && rule->arg.act.p[1]) {
                struct sample_expr *expr = rule->arg.act.p[1];
@@ -473,6 +489,15 @@ int check_bwlim_action(struct act_rule *rule, struct proxy *px, char **err)
                                           proxy_type_str(px), px->id);
                        }
                }
+               if (rule->from == ACT_F_TCP_RES_CNT && (px->cap & PR_CAP_BE)) {
+                       if (!px->tcp_rep.inspect_delay && !(expr->fetch->val & SMP_VAL_BE_SRV_CON)) {
+                               ha_warning("%s '%s' : a 'tcp-response content set-bandwidth-limit*' rule explicitly depending on response"
+                                          " contents without any 'tcp-response inspect-delay' setting."
+                                          " This means that this rule will randomly find its contents. This can be fixed by"
+                                          " setting the tcp-response inspect-delay.\n",
+                                          proxy_type_str(px), px->id);
+                       }
+               }
        }
 
        if ((rule->action & BWLIM_ACT_PERIOD_EXPR) && rule->arg.act.p[2]) {
@@ -491,6 +516,15 @@ int check_bwlim_action(struct act_rule *rule, struct proxy *px, char **err)
                                           " This means that this rule will randomly find its contents. This can be fixed by"
                                           " setting the tcp-request inspect-delay.\n",
                                           proxy_type_str(px), px->id);
+                       }
+               }
+               if (rule->from == ACT_F_TCP_RES_CNT && (px->cap & PR_CAP_BE)) {
+                       if (!px->tcp_rep.inspect_delay && !(expr->fetch->val & SMP_VAL_BE_SRV_CON)) {
+                               ha_warning("%s '%s' : a 'tcp-response content set-bandwidth-limit*' rule explicitly depending on response"
+                                          " contents without any 'tcp-response inspect-delay' setting."
+                                          " This means that this rule will randomly find its contents. This can be fixed by"
+                                          " setting the tcp-response inspect-delay.\n",
+                                          proxy_type_str(px), px->id);
                        }
                }
        }
@@ -511,6 +545,15 @@ int check_bwlim_action(struct act_rule *rule, struct proxy *px, char **err)
                                           proxy_type_str(px), px->id);
                        }
                }
+               if (rule->from == ACT_F_TCP_RES_CNT && (px->cap & PR_CAP_BE)) {
+                       if (!px->tcp_rep.inspect_delay && !(conf->expr->fetch->val & SMP_VAL_BE_SRV_CON)) {
+                               ha_warning("%s '%s' : a 'tcp-response content set-bandwidth-limit*' rule explicitly depending on response"
+                                          " contents without any 'tcp-response inspect-delay' setting."
+                                          " This means that this rule will randomly find its contents. This can be fixed by"
+                                          " setting the tcp-response inspect-delay.\n",
+                                          proxy_type_str(px), px->id);
+                       }
+               }
        }
 
   end: