ACL_PAT_F_TREE = 1 << 3, /* some patterns are arranged in a tree */
};
-/* what capabilities an ACL uses. These flags are set during parsing, which
- * allows for flexible ACLs typed by their contents.
- */
-enum {
- ACL_USE_NOTHING = 0, /* no need for anything beyond internal information */
- ACL_USE_TCP4_PERMANENT = 1 << 0, /* unchanged TCPv4 data (eg: source IP) */
- ACL_USE_TCP4_CACHEABLE = 1 << 1, /* cacheable TCPv4 data (eg: src conns) */
- ACL_USE_TCP4_VOLATILE = 1 << 2, /* volatile TCPv4 data (eg: RTT) */
- ACL_USE_TCP4_ANY = (ACL_USE_TCP4_PERMANENT | ACL_USE_TCP4_CACHEABLE | ACL_USE_TCP4_VOLATILE),
-
- ACL_USE_TCP6_PERMANENT = 1 << 3, /* unchanged TCPv6 data (eg: source IP) */
- ACL_USE_TCP6_CACHEABLE = 1 << 4, /* cacheable TCPv6 data (eg: src conns) */
- ACL_USE_TCP6_VOLATILE = 1 << 5, /* volatile TCPv6 data (eg: RTT) */
- ACL_USE_TCP6_ANY = (ACL_USE_TCP6_PERMANENT | ACL_USE_TCP6_CACHEABLE | ACL_USE_TCP6_VOLATILE),
-
- ACL_USE_TCP_PERMANENT = 1 << 6, /* unchanged TCPv4/v6 data (eg: source IP) */
- ACL_USE_TCP_CACHEABLE = 1 << 7, /* cacheable TCPv4/v6 data (eg: src conns) */
- ACL_USE_TCP_VOLATILE = 1 << 8, /* volatile TCPv4/v6 data (eg: RTT) */
- ACL_USE_TCP_ANY = (ACL_USE_TCP_PERMANENT | ACL_USE_TCP_CACHEABLE | ACL_USE_TCP_VOLATILE),
-
- ACL_USE_L6REQ_PERMANENT = 1 << 9, /* unchanged layer6 request data */
- ACL_USE_L6REQ_CACHEABLE = 1 << 10, /* cacheable layer6 request data (eg: length) */
- ACL_USE_L6REQ_VOLATILE = 1 << 11, /* volatile layer6 request data (eg: contents) */
- ACL_USE_L6REQ_ANY = (ACL_USE_L6REQ_PERMANENT | ACL_USE_L6REQ_CACHEABLE | ACL_USE_L6REQ_VOLATILE),
-
- ACL_USE_L6RTR_PERMANENT = 1 << 12, /* unchanged layer6 response data */
- ACL_USE_L6RTR_CACHEABLE = 1 << 13, /* cacheable layer6 response data (eg: length) */
- ACL_USE_L6RTR_VOLATILE = 1 << 14, /* volatile layer6 response data (eg: contents) */
- ACL_USE_L6RTR_ANY = (ACL_USE_L6RTR_PERMANENT | ACL_USE_L6RTR_CACHEABLE | ACL_USE_L6RTR_VOLATILE),
-
- ACL_USE_L7REQ_PERMANENT = 1 << 15, /* unchanged layer7 request data (eg: method) */
- ACL_USE_L7REQ_CACHEABLE = 1 << 16, /* cacheable layer7 request data (eg: content-length) */
- ACL_USE_L7REQ_VOLATILE = 1 << 17, /* volatile layer7 request data (eg: cookie) */
- ACL_USE_L7REQ_ANY = (ACL_USE_L7REQ_PERMANENT | ACL_USE_L7REQ_CACHEABLE | ACL_USE_L7REQ_VOLATILE),
-
- ACL_USE_L7RTR_PERMANENT = 1 << 18, /* unchanged layer7 response data (eg: status) */
- ACL_USE_L7RTR_CACHEABLE = 1 << 19, /* cacheable layer7 response data (eg: content-length) */
- ACL_USE_L7RTR_VOLATILE = 1 << 20, /* volatile layer7 response data (eg: cookie) */
- ACL_USE_L7RTR_ANY = (ACL_USE_L7RTR_PERMANENT | ACL_USE_L7RTR_CACHEABLE | ACL_USE_L7RTR_VOLATILE),
-
- /* those ones are used for ambiguous "hdr_xxx" verbs */
- ACL_USE_HDR_CACHEABLE = 1 << 21, /* cacheable request or response header (eg: content-length) */
- ACL_USE_HDR_VOLATILE = 1 << 22, /* volatile request or response header (eg: cookie) */
- ACL_USE_HDR_ANY = (ACL_USE_HDR_CACHEABLE | ACL_USE_HDR_VOLATILE),
-
- /* This one indicates that we need an internal parameter known in the response only */
- ACL_USE_RTR_INTERNAL = 1 << 23, /* volatile response information */
-
- /* information which remains during response */
- ACL_USE_REQ_PERMANENT = (ACL_USE_TCP4_PERMANENT | ACL_USE_TCP6_PERMANENT | ACL_USE_TCP_PERMANENT |
- ACL_USE_L6REQ_PERMANENT | ACL_USE_L7REQ_PERMANENT),
- ACL_USE_REQ_CACHEABLE = (ACL_USE_TCP4_CACHEABLE | ACL_USE_TCP6_CACHEABLE | ACL_USE_TCP_CACHEABLE |
- ACL_USE_L6REQ_CACHEABLE | ACL_USE_L7REQ_CACHEABLE | ACL_USE_HDR_CACHEABLE),
-
- /* information which does not remain during response */
- ACL_USE_REQ_VOLATILE = (ACL_USE_TCP4_VOLATILE | ACL_USE_TCP6_VOLATILE | ACL_USE_TCP_VOLATILE |
- ACL_USE_L6REQ_VOLATILE | ACL_USE_L7REQ_VOLATILE),
-
- /* any type of layer 6 contents information (random data available in a buffer) */
- ACL_USE_L6_ANY = (ACL_USE_L6REQ_ANY | ACL_USE_L6RTR_ANY),
-
- /* any type of layer 7 information */
- ACL_USE_L7_ANY = (ACL_USE_L7REQ_ANY | ACL_USE_L7RTR_ANY | ACL_USE_HDR_ANY),
-
- /* any type of response information */
- ACL_USE_RTR_ANY = (ACL_USE_L6RTR_ANY | ACL_USE_L7RTR_ANY | ACL_USE_RTR_INTERNAL),
-};
-
/* How to store a time range and the valid days in 29 bits */
struct acl_time {
int dow:7; /* 1 bit per day of week: 0-6 */
char *fetch_kw;
int (*parse)(const char **text, struct acl_pattern *pattern, int *opaque, char **err);
int (*match)(struct sample *smp, struct acl_pattern *pattern);
- unsigned int requires; /* bit mask of all ACL_USE_* required to evaluate this keyword */
/* must be after the config params */
struct sample_fetch *smp; /* the sample fetch we depend on */
int use_cnt;
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "always_false", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING },
- { "always_true", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING },
+ { "always_false", NULL, acl_parse_nothing, acl_match_nothing },
+ { "always_true", NULL, acl_parse_nothing, acl_match_nothing },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "avg_queue", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "be_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "be_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "be_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "connslots", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "nbsrv", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "queue", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "srv_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "srv_id", NULL, acl_parse_int, acl_match_int, ACL_USE_RTR_INTERNAL },
- { "srv_is_up", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING },
- { "srv_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
+ { "avg_queue", NULL, acl_parse_int, acl_match_int },
+ { "be_conn", NULL, acl_parse_int, acl_match_int },
+ { "be_id", NULL, acl_parse_int, acl_match_int },
+ { "be_sess_rate", NULL, acl_parse_int, acl_match_int },
+ { "connslots", NULL, acl_parse_int, acl_match_int },
+ { "nbsrv", NULL, acl_parse_int, acl_match_int },
+ { "queue", NULL, acl_parse_int, acl_match_int },
+ { "srv_conn", NULL, acl_parse_int, acl_match_int },
+ { "srv_id", NULL, acl_parse_int, acl_match_int },
+ { "srv_is_up", NULL, acl_parse_nothing, acl_match_nothing },
+ { "srv_sess_rate", NULL, acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "fe_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "fe_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "fe_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
+ { "fe_conn", NULL, acl_parse_int, acl_match_int },
+ { "fe_id", NULL, acl_parse_int, acl_match_int },
+ { "fe_sess_rate", NULL, acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "dst_conn", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "so_id", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
+ { "dst_conn", NULL, acl_parse_int, acl_match_int },
+ { "so_id", NULL, acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "payload", "req.payload", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE },
- { "payload_lv", "req.payload_lv", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE },
- { "rep_ssl_hello_type", "res.ssl_hello_type", acl_parse_int, acl_match_int, ACL_USE_L6RTR_VOLATILE },
- { "req_len", "req.len", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE },
- { "req_rdp_cookie", "req.rdp_cookie", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE },
- { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE },
- { "req_ssl_hello_type", "req.ssl_hello_type", acl_parse_int, acl_match_int, ACL_USE_L6REQ_VOLATILE },
- { "req_ssl_sni", "req.ssl_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_VOLATILE },
- { "req_ssl_ver", "req.ssl_ver", acl_parse_dotted_ver, acl_match_int, ACL_USE_L6REQ_VOLATILE },
- { "wait_end", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_NOTHING },
+ { "payload", "req.payload", acl_parse_str, acl_match_str },
+ { "payload_lv", "req.payload_lv", acl_parse_str, acl_match_str },
+ { "rep_ssl_hello_type", "res.ssl_hello_type", acl_parse_int, acl_match_int },
+ { "req_len", "req.len", acl_parse_int, acl_match_int },
+ { "req_rdp_cookie", "req.rdp_cookie", acl_parse_str, acl_match_str },
+ { "req_rdp_cookie_cnt", "req.rdp_cookie_cnt", acl_parse_int, acl_match_int },
+ { "req_ssl_hello_type", "req.ssl_hello_type", acl_parse_int, acl_match_int },
+ { "req_ssl_sni", "req.ssl_sni", acl_parse_str, acl_match_str },
+ { "req_ssl_ver", "req.ssl_ver", acl_parse_dotted_ver, acl_match_int },
+ { "wait_end", NULL, acl_parse_nothing, acl_match_nothing },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "base", "base", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "base_beg", "base", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "base_dir", "base", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "base_dom", "base", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "base_end", "base", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "base_len", "base", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "base_reg", "base", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "base_sub", "base", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
-
- { "cook", "req.cook", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "cook_beg", "req.cook", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "cook_cnt", "req.cook_cnt", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
- { "cook_dir", "req.cook", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "cook_dom", "req.cook", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "cook_end", "req.cook", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "cook_len", "req.cook", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "cook_reg", "req.cook", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "cook_sub", "req.cook", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
- { "cook_val", "req.cook_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
-
- { "hdr", "req.hdr", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "hdr_beg", "req.hdr", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "hdr_cnt", "req.hdr_cnt", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
- { "hdr_dir", "req.hdr", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "hdr_dom", "req.hdr", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "hdr_end", "req.hdr", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "hdr_ip", "req.hdr_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE },
- { "hdr_len", "req.hdr", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "hdr_reg", "req.hdr", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "hdr_sub", "req.hdr", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
- { "hdr_val", "req.hdr_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
-
- { "http_auth", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_VOLATILE },
- { "http_auth_group", NULL, acl_parse_strcat, acl_match_auth, ACL_USE_L7REQ_VOLATILE },
-
- { "http_first_req", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_PERMANENT },
-
- { "method", NULL, acl_parse_meth, acl_match_meth, ACL_USE_L7REQ_PERMANENT },
-
- { "path", "path", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "path_beg", "path", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "path_dir", "path", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "path_dom", "path", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "path_end", "path", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "path_len", "path", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "path_reg", "path", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "path_sub", "path", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
-
- { "req_proto_http", "req.proto_http",acl_parse_nothing, acl_match_nothing, ACL_USE_L7REQ_PERMANENT },
- { "req_ver", "req.ver", acl_parse_ver, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "resp_ver", "res.ver", acl_parse_ver, acl_match_str, ACL_USE_L7RTR_VOLATILE },
-
- { "scook", "res.cook", acl_parse_str, acl_match_str, ACL_USE_L7RTR_VOLATILE },
- { "scook_beg", "res.cook", acl_parse_str, acl_match_beg, ACL_USE_L7RTR_VOLATILE },
- { "scook_cnt", "res.cook_cnt", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE },
- { "scook_dir", "res.cook", acl_parse_str, acl_match_dir, ACL_USE_L7RTR_VOLATILE },
- { "scook_dom", "res.cook", acl_parse_str, acl_match_dom, ACL_USE_L7RTR_VOLATILE },
- { "scook_end", "res.cook", acl_parse_str, acl_match_end, ACL_USE_L7RTR_VOLATILE },
- { "scook_len", "res.cook", acl_parse_int, acl_match_len, ACL_USE_L7RTR_VOLATILE },
- { "scook_reg", "res.cook", acl_parse_reg, acl_match_reg, ACL_USE_L7RTR_VOLATILE },
- { "scook_sub", "res.cook", acl_parse_str, acl_match_sub, ACL_USE_L7RTR_VOLATILE },
- { "scook_val", "res.cook_val", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE },
-
- { "shdr", "res.hdr", acl_parse_str, acl_match_str, ACL_USE_L7RTR_VOLATILE },
- { "shdr_beg", "res.hdr", acl_parse_str, acl_match_beg, ACL_USE_L7RTR_VOLATILE },
- { "shdr_cnt", "res.hdr_cnt", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE },
- { "shdr_dir", "res.hdr", acl_parse_str, acl_match_dir, ACL_USE_L7RTR_VOLATILE },
- { "shdr_dom", "res.hdr", acl_parse_str, acl_match_dom, ACL_USE_L7RTR_VOLATILE },
- { "shdr_end", "res.hdr", acl_parse_str, acl_match_end, ACL_USE_L7RTR_VOLATILE },
- { "shdr_ip", "res.hdr_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7RTR_VOLATILE },
- { "shdr_len", "res.hdr", acl_parse_int, acl_match_len, ACL_USE_L7RTR_VOLATILE },
- { "shdr_reg", "res.hdr", acl_parse_reg, acl_match_reg, ACL_USE_L7RTR_VOLATILE },
- { "shdr_sub", "res.hdr", acl_parse_str, acl_match_sub, ACL_USE_L7RTR_VOLATILE },
- { "shdr_val", "res.hdr_val", acl_parse_int, acl_match_int, ACL_USE_L7RTR_VOLATILE },
-
- { "status", NULL, acl_parse_int, acl_match_int, ACL_USE_L7RTR_PERMANENT },
-
- { "url", "url", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "url_beg", "url", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "url_dir", "url", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "url_dom", "url", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "url_end", "url", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "url_ip", "url_ip", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE },
- { "url_len", "url", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "url_port", "url_port", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
- { "url_reg", "url", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "url_sub", "url", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
-
- { "urlp", "urlp", acl_parse_str, acl_match_str, ACL_USE_L7REQ_VOLATILE },
- { "urlp_beg", "urlp", acl_parse_str, acl_match_beg, ACL_USE_L7REQ_VOLATILE },
- { "urlp_dir", "urlp", acl_parse_str, acl_match_dir, ACL_USE_L7REQ_VOLATILE },
- { "urlp_dom", "urlp", acl_parse_str, acl_match_dom, ACL_USE_L7REQ_VOLATILE },
- { "urlp_end", "urlp", acl_parse_str, acl_match_end, ACL_USE_L7REQ_VOLATILE },
- { "urlp_ip", "urlp", acl_parse_ip, acl_match_ip, ACL_USE_L7REQ_VOLATILE },
- { "urlp_len", "urlp", acl_parse_int, acl_match_len, ACL_USE_L7REQ_VOLATILE },
- { "urlp_reg", "urlp", acl_parse_reg, acl_match_reg, ACL_USE_L7REQ_VOLATILE },
- { "urlp_sub", "urlp", acl_parse_str, acl_match_sub, ACL_USE_L7REQ_VOLATILE },
- { "urlp_val", "urlp_val", acl_parse_int, acl_match_int, ACL_USE_L7REQ_VOLATILE },
+ { "base", "base", acl_parse_str, acl_match_str },
+ { "base_beg", "base", acl_parse_str, acl_match_beg },
+ { "base_dir", "base", acl_parse_str, acl_match_dir },
+ { "base_dom", "base", acl_parse_str, acl_match_dom },
+ { "base_end", "base", acl_parse_str, acl_match_end },
+ { "base_len", "base", acl_parse_int, acl_match_len },
+ { "base_reg", "base", acl_parse_reg, acl_match_reg },
+ { "base_sub", "base", acl_parse_str, acl_match_sub },
+
+ { "cook", "req.cook", acl_parse_str, acl_match_str },
+ { "cook_beg", "req.cook", acl_parse_str, acl_match_beg },
+ { "cook_cnt", "req.cook_cnt", acl_parse_int, acl_match_int },
+ { "cook_dir", "req.cook", acl_parse_str, acl_match_dir },
+ { "cook_dom", "req.cook", acl_parse_str, acl_match_dom },
+ { "cook_end", "req.cook", acl_parse_str, acl_match_end },
+ { "cook_len", "req.cook", acl_parse_int, acl_match_len },
+ { "cook_reg", "req.cook", acl_parse_reg, acl_match_reg },
+ { "cook_sub", "req.cook", acl_parse_str, acl_match_sub },
+ { "cook_val", "req.cook_val", acl_parse_int, acl_match_int },
+
+ { "hdr", "req.hdr", acl_parse_str, acl_match_str },
+ { "hdr_beg", "req.hdr", acl_parse_str, acl_match_beg },
+ { "hdr_cnt", "req.hdr_cnt", acl_parse_int, acl_match_int },
+ { "hdr_dir", "req.hdr", acl_parse_str, acl_match_dir },
+ { "hdr_dom", "req.hdr", acl_parse_str, acl_match_dom },
+ { "hdr_end", "req.hdr", acl_parse_str, acl_match_end },
+ { "hdr_ip", "req.hdr_ip", acl_parse_ip, acl_match_ip },
+ { "hdr_len", "req.hdr", acl_parse_int, acl_match_len },
+ { "hdr_reg", "req.hdr", acl_parse_reg, acl_match_reg },
+ { "hdr_sub", "req.hdr", acl_parse_str, acl_match_sub },
+ { "hdr_val", "req.hdr_val", acl_parse_int, acl_match_int },
+
+ { "http_auth", NULL, acl_parse_nothing, acl_match_nothing },
+ { "http_auth_group", NULL, acl_parse_strcat, acl_match_auth },
+
+ { "http_first_req", NULL, acl_parse_nothing, acl_match_nothing },
+
+ { "method", NULL, acl_parse_meth, acl_match_meth },
+
+ { "path", "path", acl_parse_str, acl_match_str },
+ { "path_beg", "path", acl_parse_str, acl_match_beg },
+ { "path_dir", "path", acl_parse_str, acl_match_dir },
+ { "path_dom", "path", acl_parse_str, acl_match_dom },
+ { "path_end", "path", acl_parse_str, acl_match_end },
+ { "path_len", "path", acl_parse_int, acl_match_len },
+ { "path_reg", "path", acl_parse_reg, acl_match_reg },
+ { "path_sub", "path", acl_parse_str, acl_match_sub },
+
+ { "req_proto_http", "req.proto_http",acl_parse_nothing, acl_match_nothing },
+ { "req_ver", "req.ver", acl_parse_ver, acl_match_str },
+ { "resp_ver", "res.ver", acl_parse_ver, acl_match_str },
+
+ { "scook", "res.cook", acl_parse_str, acl_match_str },
+ { "scook_beg", "res.cook", acl_parse_str, acl_match_beg },
+ { "scook_cnt", "res.cook_cnt", acl_parse_int, acl_match_int },
+ { "scook_dir", "res.cook", acl_parse_str, acl_match_dir },
+ { "scook_dom", "res.cook", acl_parse_str, acl_match_dom },
+ { "scook_end", "res.cook", acl_parse_str, acl_match_end },
+ { "scook_len", "res.cook", acl_parse_int, acl_match_len },
+ { "scook_reg", "res.cook", acl_parse_reg, acl_match_reg },
+ { "scook_sub", "res.cook", acl_parse_str, acl_match_sub },
+ { "scook_val", "res.cook_val", acl_parse_int, acl_match_int },
+
+ { "shdr", "res.hdr", acl_parse_str, acl_match_str },
+ { "shdr_beg", "res.hdr", acl_parse_str, acl_match_beg },
+ { "shdr_cnt", "res.hdr_cnt", acl_parse_int, acl_match_int },
+ { "shdr_dir", "res.hdr", acl_parse_str, acl_match_dir },
+ { "shdr_dom", "res.hdr", acl_parse_str, acl_match_dom },
+ { "shdr_end", "res.hdr", acl_parse_str, acl_match_end },
+ { "shdr_ip", "res.hdr_ip", acl_parse_ip, acl_match_ip },
+ { "shdr_len", "res.hdr", acl_parse_int, acl_match_len },
+ { "shdr_reg", "res.hdr", acl_parse_reg, acl_match_reg },
+ { "shdr_sub", "res.hdr", acl_parse_str, acl_match_sub },
+ { "shdr_val", "res.hdr_val", acl_parse_int, acl_match_int },
+
+ { "status", NULL, acl_parse_int, acl_match_int },
+
+ { "url", "url", acl_parse_str, acl_match_str },
+ { "url_beg", "url", acl_parse_str, acl_match_beg },
+ { "url_dir", "url", acl_parse_str, acl_match_dir },
+ { "url_dom", "url", acl_parse_str, acl_match_dom },
+ { "url_end", "url", acl_parse_str, acl_match_end },
+ { "url_ip", "url_ip", acl_parse_ip, acl_match_ip },
+ { "url_len", "url", acl_parse_int, acl_match_len },
+ { "url_port", "url_port", acl_parse_int, acl_match_int },
+ { "url_reg", "url", acl_parse_reg, acl_match_reg },
+ { "url_sub", "url", acl_parse_str, acl_match_sub },
+
+ { "urlp", "urlp", acl_parse_str, acl_match_str },
+ { "urlp_beg", "urlp", acl_parse_str, acl_match_beg },
+ { "urlp_dir", "urlp", acl_parse_str, acl_match_dir },
+ { "urlp_dom", "urlp", acl_parse_str, acl_match_dom },
+ { "urlp_end", "urlp", acl_parse_str, acl_match_end },
+ { "urlp_ip", "urlp", acl_parse_ip, acl_match_ip },
+ { "urlp_len", "urlp", acl_parse_int, acl_match_len },
+ { "urlp_reg", "urlp", acl_parse_reg, acl_match_reg },
+ { "urlp_sub", "urlp", acl_parse_str, acl_match_sub },
+ { "urlp_val", "urlp_val", acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "dst", NULL, acl_parse_ip, acl_match_ip, ACL_USE_TCP4_PERMANENT },
- { "dst_port", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP_PERMANENT },
- { "src", NULL, acl_parse_ip, acl_match_ip, ACL_USE_TCP4_PERMANENT },
- { "src_port", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP_PERMANENT },
+ { "dst", NULL, acl_parse_ip, acl_match_ip },
+ { "dst_port", NULL, acl_parse_int, acl_match_int },
+ { "src", NULL, acl_parse_ip, acl_match_ip },
+ { "src_port", NULL, acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "sc1_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "sc1_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "sc1_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc1_trackers", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "sc2_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "sc2_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "sc2_trackers", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "src_bytes_in_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_bytes_out_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_clr_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_conn_cur", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_conn_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_get_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_http_err_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_http_err_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_http_req_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_http_req_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_inc_gpc0", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_kbytes_in", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_kbytes_out", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_sess_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_sess_rate", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "src_updt_conn_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_TCP4_VOLATILE },
- { "table_avl", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
- { "table_cnt", NULL, acl_parse_int, acl_match_int, ACL_USE_NOTHING },
+ { "sc1_bytes_in_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_bytes_out_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_clr_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc1_conn_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc1_conn_cur", NULL, acl_parse_int, acl_match_int },
+ { "sc1_conn_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_get_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc1_http_err_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc1_http_err_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_http_req_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc1_http_req_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_inc_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc1_kbytes_in", NULL, acl_parse_int, acl_match_int },
+ { "sc1_kbytes_out", NULL, acl_parse_int, acl_match_int },
+ { "sc1_sess_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc1_sess_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc1_trackers", NULL, acl_parse_int, acl_match_int },
+ { "sc2_bytes_in_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_bytes_out_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_clr_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc2_conn_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc2_conn_cur", NULL, acl_parse_int, acl_match_int },
+ { "sc2_conn_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_get_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc2_http_err_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc2_http_err_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_http_req_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc2_http_req_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_inc_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "sc2_kbytes_in", NULL, acl_parse_int, acl_match_int },
+ { "sc2_kbytes_out", NULL, acl_parse_int, acl_match_int },
+ { "sc2_sess_cnt", NULL, acl_parse_int, acl_match_int },
+ { "sc2_sess_rate", NULL, acl_parse_int, acl_match_int },
+ { "sc2_trackers", NULL, acl_parse_int, acl_match_int },
+ { "src_bytes_in_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_bytes_out_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_clr_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "src_conn_cnt", NULL, acl_parse_int, acl_match_int },
+ { "src_conn_cur", NULL, acl_parse_int, acl_match_int },
+ { "src_conn_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_get_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "src_http_err_cnt", NULL, acl_parse_int, acl_match_int },
+ { "src_http_err_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_http_req_cnt", NULL, acl_parse_int, acl_match_int },
+ { "src_http_req_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_inc_gpc0", NULL, acl_parse_int, acl_match_int },
+ { "src_kbytes_in", NULL, acl_parse_int, acl_match_int },
+ { "src_kbytes_out", NULL, acl_parse_int, acl_match_int },
+ { "src_sess_cnt", NULL, acl_parse_int, acl_match_int },
+ { "src_sess_rate", NULL, acl_parse_int, acl_match_int },
+ { "src_updt_conn_cnt", NULL, acl_parse_int, acl_match_int },
+ { "table_avl", NULL, acl_parse_int, acl_match_int },
+ { "table_cnt", NULL, acl_parse_int, acl_match_int },
{ /* END */ },
}};
* Please take care of keeping this list alphabetically sorted.
*/
static struct acl_kw_list acl_kws = {{ },{
- { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_err", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_verify", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_c_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin, ACL_USE_L6REQ_PERMANENT },
- { "ssl_f_version", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_c_ca_err", NULL, acl_parse_int, acl_match_int },
+ { "ssl_c_ca_err_depth", NULL, acl_parse_int, acl_match_int },
+ { "ssl_c_err", NULL, acl_parse_int, acl_match_int },
+ { "ssl_c_i_dn", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_key_alg", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_notafter", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_notbefore", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_sig_alg", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_s_dn", NULL, acl_parse_str, acl_match_str },
+ { "ssl_c_serial", NULL, acl_parse_bin, acl_match_bin },
+ { "ssl_c_used", NULL, acl_parse_nothing, acl_match_nothing },
+ { "ssl_c_verify", NULL, acl_parse_int, acl_match_int },
+ { "ssl_c_version", NULL, acl_parse_int, acl_match_int },
+ { "ssl_f_i_dn", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_key_alg", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_notafter", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_notbefore", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_sig_alg", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_s_dn", NULL, acl_parse_str, acl_match_str },
+ { "ssl_f_serial", NULL, acl_parse_bin, acl_match_bin },
+ { "ssl_f_version", NULL, acl_parse_int, acl_match_int },
+ { "ssl_fc", NULL, acl_parse_nothing, acl_match_nothing },
+ { "ssl_fc_alg_keysize", NULL, acl_parse_int, acl_match_int },
+ { "ssl_fc_cipher", NULL, acl_parse_str, acl_match_str },
+ { "ssl_fc_has_crt", NULL, acl_parse_nothing, acl_match_nothing },
+ { "ssl_fc_has_sni", NULL, acl_parse_nothing, acl_match_nothing },
#ifdef OPENSSL_NPN_NEGOTIATED
- { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_npn", NULL, acl_parse_str, acl_match_str },
#endif
- { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end, ACL_USE_L6REQ_PERMANENT },
- { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg, ACL_USE_L6REQ_PERMANENT },
+ { "ssl_fc_protocol", NULL, acl_parse_str, acl_match_str },
+ { "ssl_fc_use_keysize", NULL, acl_parse_int, acl_match_int },
+ { "ssl_fc_sni", "ssl_fc_sni", acl_parse_str, acl_match_str },
+ { "ssl_fc_sni_end", "ssl_fc_sni", acl_parse_str, acl_match_end },
+ { "ssl_fc_sni_reg", "ssl_fc_sni", acl_parse_reg, acl_match_reg },
{ /* END */ },
}};
projects / thirdparty / haproxy.git / commitdiff
