http-request { allow | deny | tarpit | auth [realm <realm>] | redirect <rule> |
add-header <name> <fmt> | set-header <name> <fmt> |
- set-nice <nice> }
+ set-nice <nice> | set-log-level <level> }
[ { if | unless } <condition> ]
Access control for Layer 7 requests
some requests, or lower the priority of non-important requests. Using
this setting without prior experimentation can cause some major slowdown.
+ - "set-log-level" is used to change the log level of the current request
+ when a certain condition is met. Valid levels are the 8 syslog levels
+ (see the "log" keyword) plus the special level "silent" which disables
+ logging for this request. This rule is not final so the last matching
+ rule wins. This rule can be useful to disable health checks coming from
+ another equipment.
+
There is no limit to the number of http-request statements per instance.
It is important to know that http-request rules are processed very early in
about ACL usage.
http-response { allow | deny | add-header <name> <fmt> | set-nice <nice> |
- set-header <name> <fmt> } [ { if | unless } <condition> ]
+ set-header <name> <fmt> | set-log-level <level> }
+ [ { if | unless } <condition> ]
Access control for Layer 7 responses
May be used in sections: defaults | frontend | listen | backend
some requests, or lower the priority of non-important requests. Using
this setting without prior experimentation can cause some major slowdown.
+ - "set-log-level" is used to change the log level of the current request
+ when a certain condition is met. Valid levels are the 8 syslog levels
+ (see the "log" keyword) plus the special level "silent" which disables
+ logging for this request. This rule is not final so the last matching
+ rule wins. This rule can be useful to disable health checks coming from
+ another equipment.
+
There is no limit to the number of http-response statements per instance.
It is important to know that http-reqsponse rules are processed very early in
HTTP_REQ_ACT_SET_HDR,
HTTP_REQ_ACT_REDIR,
HTTP_REQ_ACT_SET_NICE,
+ HTTP_REQ_ACT_SET_LOGL,
HTTP_REQ_ACT_MAX /* must always be last */
};
HTTP_RES_ACT_ADD_HDR,
HTTP_RES_ACT_SET_HDR,
HTTP_RES_ACT_SET_NICE,
+ HTTP_RES_ACT_SET_LOGL,
HTTP_RES_ACT_MAX /* must always be last */
};
} hdr_add; /* args used by "add-header" and "set-header" */
struct redirect_rule *redir; /* redirect rule or "http-request redirect" */
int nice; /* nice value for HTTP_REQ_ACT_SET_NICE */
+ int loglevel; /* log-level value for HTTP_REQ_ACT_SET_LOGL */
} arg; /* arguments used by some actions */
};
struct list fmt; /* log-format compatible expression */
} hdr_add; /* args used by "add-header" and "set-header" */
int nice; /* nice value for HTTP_RES_ACT_SET_NICE */
+ int loglevel; /* log-level value for HTTP_RES_ACT_SET_LOGL */
} arg; /* arguments used by some actions */
};
s->task->nice = rule->arg.nice;
break;
+ case HTTP_REQ_ACT_SET_LOGL:
+ s->logs.level = rule->arg.loglevel;
+ break;
+
case HTTP_REQ_ACT_SET_HDR:
ctx.idx = 0;
/* remove all occurrences of the header */
s->task->nice = rule->arg.nice;
break;
+ case HTTP_RES_ACT_SET_LOGL:
+ s->logs.level = rule->arg.loglevel;
+ break;
+
case HTTP_RES_ACT_SET_HDR:
ctx.idx = 0;
/* remove all occurrences of the header */
else if (rule->arg.nice > 1024)
rule->arg.nice = 1024;
cur_arg++;
+ } else if (!strcmp(args[0], "set-log-level")) {
+ rule->action = HTTP_REQ_ACT_SET_LOGL;
+ cur_arg = 1;
+
+ if (!*args[cur_arg] ||
+ (*args[cur_arg + 1] && strcmp(args[cur_arg + 1], "if") != 0 && strcmp(args[cur_arg + 1], "unless") != 0)) {
+ bad_log_level:
+ Alert("parsing [%s:%d]: 'http-request %s' expects exactly 1 argument (log level name or 'silent').\n",
+ file, linenum, args[0]);
+ goto out_err;
+ }
+ if (strcmp(args[cur_arg], "silent") == 0)
+ rule->arg.loglevel = -1;
+ else if ((rule->arg.loglevel = get_log_level(args[cur_arg]) + 1) == 0)
+ goto bad_log_level;
+ cur_arg++;
} else if (strcmp(args[0], "add-header") == 0 || strcmp(args[0], "set-header") == 0) {
rule->action = *args[0] == 'a' ? HTTP_REQ_ACT_ADD_HDR : HTTP_REQ_ACT_SET_HDR;
cur_arg = 1;
cur_arg = 2;
return rule;
} else {
- Alert("parsing [%s:%d]: 'http-request' expects 'allow', 'deny', 'auth', 'redirect', 'tarpit', 'add-header', 'set-header', 'set-nice', but got '%s'%s.\n",
+ Alert("parsing [%s:%d]: 'http-request' expects 'allow', 'deny', 'auth', 'redirect', 'tarpit', 'add-header', 'set-header', 'set-nice', 'set-log-level', but got '%s'%s.\n",
file, linenum, args[0], *args[0] ? "" : " (missing argument)");
goto out_err;
}
else if (rule->arg.nice > 1024)
rule->arg.nice = 1024;
cur_arg++;
+ } else if (!strcmp(args[0], "set-log-level")) {
+ rule->action = HTTP_RES_ACT_SET_LOGL;
+ cur_arg = 1;
+
+ if (!*args[cur_arg] ||
+ (*args[cur_arg + 1] && strcmp(args[cur_arg + 1], "if") != 0 && strcmp(args[cur_arg + 1], "unless") != 0)) {
+ bad_log_level:
+ Alert("parsing [%s:%d]: 'http-response %s' expects exactly 1 argument (log level name or 'silent').\n",
+ file, linenum, args[0]);
+ goto out_err;
+ }
+ if (strcmp(args[cur_arg], "silent") == 0)
+ rule->arg.loglevel = -1;
+ else if ((rule->arg.loglevel = get_log_level(args[cur_arg] + 1)) == 0)
+ goto bad_log_level;
+ cur_arg++;
} else if (strcmp(args[0], "add-header") == 0 || strcmp(args[0], "set-header") == 0) {
rule->action = *args[0] == 'a' ? HTTP_RES_ACT_ADD_HDR : HTTP_RES_ACT_SET_HDR;
cur_arg = 1;
(proxy->cap & PR_CAP_BE) ? SMP_VAL_BE_HRS_HDR : SMP_VAL_FE_HRS_HDR);
cur_arg += 2;
} else {
- Alert("parsing [%s:%d]: 'http-response' expects 'allow', 'deny', 'redirect', 'add-header', 'set-header', 'set-nice', but got '%s'%s.\n",
+ Alert("parsing [%s:%d]: 'http-response' expects 'allow', 'deny', 'redirect', 'add-header', 'set-header', 'set-nice', 'set-log-level', but got '%s'%s.\n",
file, linenum, args[0], *args[0] ? "" : " (missing argument)");
goto out_err;
}
projects / thirdparty / haproxy.git / commitdiff
