- 1: the received TTL value is appended to the fingerprint (1 byte)
- 2: the list of TCP option kinds, as returned by "tcp.options_list",
made of 0 to 40 extra bytes, is appended to the fingerprint
+ - 4: the source IP address is appended to the fingerprint, which adds
+ 4 bytes for IPv4 and 16 for IPv6.
- Example:
+ Example: make a 12..24 bytes fingerprint using the base FP, the TTL and the
+ source address (1+4=5):
frontend test
mode http
bind :4445 tcp-ss 1
tcp-request connection set-var(sess.syn) fc_saved_syn
http-request return status 200 content-type text/plain lf-string \
- "src=%[var(sess.syn),ip.src] fp=%[var(sess.syn),ip.fp,hex]\n"
+ "src=%[var(sess.syn),ip.src] fp=%[var(sess.syn),ip.fp(5),hex]\n"
See also "fc_saved_syn", "tcp-ss", "eth.data", "ip.df", "ip.ttl", "tcp.win",
"tcp.options.mss", and "tcp.options_list".
static int sample_conv_ip_fp(const struct arg *arg_p, struct sample *smp, void *private)
{
struct buffer *trash = get_trash_chunk();
+ char *ipsrc;
uchar ipver;
uchar iptos;
uchar ipttl;
pktlen = read_n16(smp->data.u.str.area + 2);
ipdf = !!(smp->data.u.str.area[6] & 0x40);
ipttl = smp->data.u.str.area[8];
+ ipsrc = smp->data.u.str.area + 12;
}
else if (ipver == 6) {
/* check fields for IPv6 */
iptos = read_n16(smp->data.u.str.area) >> 4;
ipdf = 1; // no fragments by default in IPv6
ipttl = smp->data.u.str.area[7];
+ ipsrc = smp->data.u.str.area + 8;
}
else
return 0;
write_n16(trash->area + 3, tcpwin);
write_n16(trash->area + 5, tcpmss);
+ /* mode 4: append source IP address */
+ if (mode & 4) {
+ iplen = (ipver == 4) ? 4 : 16;
+ memcpy(trash->area + trash->data, ipsrc, iplen);
+ trash->data += iplen;
+ }
+
/* option kinds if any are stored starting at offset 7 */
smp->data.u.str = *trash;
smp->flags &= ~SMP_F_CONST;
projects / thirdparty / haproxy.git / commitdiff
