Re: [PATCH] [MINOR] Capture & display more data from health checks
On Mon, Oct 05, 2009 at 12:51:07AM +0200, Krzysztof Oledzki wrote:
> >>Non ascii or HTML control characters are masked.
> >
> >I don't see the reason for masking HTML characters, since the output
> >is sent over syslog. I'm OK for masking non-ascii characters however.
>
> Because the output is presented on html page - it is added to a popup
> generated by "td title". But you are right - we should also add it to
> syslog.
I'd prefer that we correctly encode at the destination, which means
to do this in the html stats functions. If necessary I can write an
HTML encoder which would take two chunks for instance.
> >>Feature can be disabled by defining HCHK_DESC_LEN to 0.
> >
> >What could be the reason for disabling this feature ? After
> >all, if people enable log-health-checks, it means they want
> >more verbose info.
>
> To save HCHK_DESC_LEN==128 bytes for each server. If you found it
> unnecessary I'm more than happy to remove this check.
I don't care much about a proxy or a server size. I don't like to
waste, but overall it does not change much the memory usage. Even
large configs with 1000 servers will still only be hit by 128 kB.
You can bet that those running 1000 servers are not counting their
RAM in kilobytes ;-)
What I care about however, is that most of the "hot" struct members
are grouped so that they remain hot in the CPU caches. The other
important thing is to avoid increasing the session size.
> >Here we should also check for '\n' alone, let's add this function
> >to standard.h to find and replace CR/LFs with a zero. It's small
> >and efficient enough to be reused for generic uses :
> >
> >static inline char *cut_crlf(char *s)
> >{
> > do {
> > if (*s == '\n' || *s == '\r')
> > *s = 0;
> > } while (*s++);
> > return s;
> >}
> >
> >Then :
> > desc = trash;
> > cut_crlf(desc);
>
> Sure. How about adding a "break" after a first match?
Hmm my bad, this is one I use to cut and skip cr+lf. In fact for this
usage it does not change anything but it's handy when the cursor remains
on the zero once it has been reached. This one is more versatile :
/* return either pointer to zero of to char following CR/LF and
* replace them with zero.
*/
static inline char *cut_crlf(char *s)
{
while (*s != '\n' && *s != '\r') {
char *p = s++;
if (!*p)
return p;
}
*s++ = 0;
return s;
}
I think the more we'll implement "applets", the more we'll need to
implement small and easy to use primitives like this do basic string
processing.
> >I think that if the outputs are small enough, we'll be able to
> >make them appear as automatic "popups" in the HTML stats page
> >when the check column is highlighted.
>
> Yep, this is exactly the place where you can find them currently. ;)
Oh, maybe it's time for bed for me then :-/
Regards,
Willy
Re: [PATCH] [MINOR] Capture & display more data from health checks
On Mon, 5 Oct 2009, Willy Tarreau wrote:
On Sun, Oct 04, 2009 at 09:35:33PM +0200, Krzysztof Piotr Oledzki wrote:
From 1299a2fe5768c502786ef28cd78dae83a31f0c83 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 21:28:53 +0200
Subject: [MINOR] Capture & display more data from health checks
Capture & display more data from health checks, like
strerror(errno) for L4 failed checks or a first line
from a response for L7 successes/failed checks.
I have a few questions about this one.
Sure :)
Non ascii or HTML control characters are masked.
I don't see the reason for masking HTML characters, since the output
is sent over syslog. I'm OK for masking non-ascii characters however.
Because the output is presented on html page - it is added to a popup
generated by "td title". But you are right - we should also add it to
syslog.
Feature can be disabled by defining HCHK_DESC_LEN to 0.
What could be the reason for disabling this feature ? After
all, if people enable log-health-checks, it means they want
more verbose info.
To save HCHK_DESC_LEN==128 bytes for each server. If you found it
unnecessary I'm more than happy to remove this check.
@@ -656,50 +679,78 @@ static int event_srv_chk_r(int fd)
(memcmp(trash, "HTTP/1.", 7) != 0 ||
(trash[12] != ' ' && trash[12] != '\r')) ||
!isdigit(trash[9]) || !isdigit(trash[10]) ||
!isdigit(trash[11])) {
- set_server_check_status(s, HCHK_STATUS_L7RSP);
+
+ desc = trash;
+ p = strchr(desc, '\r');
+ if (p)
+ *p = '\0';
Here we should also check for '\n' alone, let's add this function
to standard.h to find and replace CR/LFs with a zero. It's small
and efficient enough to be reused for generic uses :
static inline char *cut_crlf(char *s)
{
do {
if (*s == '\n' || *s == '\r')
*s = 0;
} while (*s++);
return s;
}
Then :
desc = trash;
cut_crlf(desc);
Sure. How about adding a "break" after a first match?
I think that if the outputs are small enough, we'll be able to
make them appear as automatic "popups" in the HTML stats page
when the check column is highlighted.
Yep, this is exactly the place where you can find them currently. ;)
Best regards,
Krzysztof Olędzki
[PATCH] [MINOR] acl: don't report valid acls as potential mistakes
>From c9ae0019236257ca57b062dd4cca0732cf98600c Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Mon, 5 Oct 2009 00:23:35 +0200
Subject: [MINOR] acl: don't report valid acls as potential mistakes
Commit 404e8ab4615d564a74f92a0d3822b0292dd6224f introduced
smart checking for stupid acl typos. However, now haproxy shows
the warning even for valid acls, like this one:
acl Cookie-X-NoAccelhdr_reg(cookie) (^|\ |;)X-NoAccel=1(;|$)
---
src/acl.c |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/src/acl.c b/src/acl.c
index 77ca627..0ded6bf 100644
--- a/src/acl.c
+++ b/src/acl.c
@@ -766,7 +766,7 @@ struct acl *parse_acl(const char **args, struct list
*known_acl)
* subject, as this is almost certainly a typo. Right now we can only
* emit a warning, so let's do so.
*/
- if (*args[2] == '(')
+ if (!strchr(args[1], '(') && *args[2] == '(')
Warning("parsing acl '%s' :\n"
" matching '%s' for pattern '%s' is likely a mistake
and probably\n"
" not what you want. Maybe you need to remove the
extraneous space before '('.\n"
--
1.6.4.2
Re: [PATCH] [MINOR] Capture & display more data from health checks
On Sun, Oct 04, 2009 at 09:35:33PM +0200, Krzysztof Piotr Oledzki wrote:
> >From 1299a2fe5768c502786ef28cd78dae83a31f0c83 Mon Sep 17 00:00:00 2001
> From: Krzysztof Piotr Oledzki
> Date: Sun, 4 Oct 2009 21:28:53 +0200
> Subject: [MINOR] Capture & display more data from health checks
>
> Capture & display more data from health checks, like
> strerror(errno) for L4 failed checks or a first line
> from a response for L7 successes/failed checks.
I have a few questions about this one.
> Non ascii or HTML control characters are masked.
I don't see the reason for masking HTML characters, since the output
is sent over syslog. I'm OK for masking non-ascii characters however.
> Feature can be disabled by defining HCHK_DESC_LEN to 0.
What could be the reason for disabling this feature ? After
all, if people enable log-health-checks, it means they want
more verbose info.
> @@ -656,50 +679,78 @@ static int event_srv_chk_r(int fd)
> (memcmp(trash, "HTTP/1.", 7) != 0 ||
> (trash[12] != ' ' && trash[12] != '\r')) ||
> !isdigit(trash[9]) || !isdigit(trash[10]) ||
> !isdigit(trash[11])) {
> - set_server_check_status(s, HCHK_STATUS_L7RSP);
> +
> + desc = trash;
> + p = strchr(desc, '\r');
> + if (p)
> + *p = '\0';
Here we should also check for '\n' alone, let's add this function
to standard.h to find and replace CR/LFs with a zero. It's small
and efficient enough to be reused for generic uses :
static inline char *cut_crlf(char *s)
{
do {
if (*s == '\n' || *s == '\r')
*s = 0;
} while (*s++);
return s;
}
Then :
desc = trash;
cut_crlf(desc);
> +
> + set_server_check_status(s, HCHK_STATUS_L7RSP, desc);
> +
> goto out_wakeup;
> }
>
> s->check_code = str2uic(&trash[9]);
>
> + desc = &trash[12];
> + p = strchr(desc, '\r');
> + if (p)
> + *p = '\0';
same above
> + while(*desc == ' ')
> + desc++;
> +
(...)
> else if (s->proxy->options & PR_O_SMTP_CHK) {
> /* Check if the server speaks SMTP */
> if ((len < strlen("000\r")) ||
> (trash[3] != ' ' && trash[3] != '\r') ||
> !isdigit(trash[0]) || !isdigit(trash[1]) ||
> !isdigit(trash[2])) {
> - set_server_check_status(s, HCHK_STATUS_L7RSP);
> +
> + desc = trash;
> + p = strchr(desc, '\r');
> + if (p)
> + *p = '\0';
and here.
> +
> + set_server_check_status(s, HCHK_STATUS_L7RSP, desc);
> +
> goto out_wakeup;
> }
>
> s->check_code = str2uic(&trash[0]);
>
> + desc = &trash[3];
> + p = strchr(desc, '\r');
> + if (p)
> + *p = '\0';
and here.
I think that if the outputs are small enough, we'll be able to
make them appear as automatic "popups" in the HTML stats page
when the check column is highlighted.
Regards,
Willy
Re: [PATCH] [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
On Sun, Oct 04, 2009 at 11:42:20PM +0200, Krzysztof Piotr Oledzki wrote: > >From c09c436aca5fd0d2363e27b62c61a86c04c0aa71 Mon Sep 17 00:00:00 2001 > From: Krzysztof Piotr Oledzki > Date: Sun, 4 Oct 2009 23:34:15 +0200 > Subject: [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2 > > Recent "struct chunk rework" introduced a NULL pointer dereference > and now haproxy segfaults if auth is required for stats but not found. > > The reason is that size_t cannot store negative values, but current > code assumes that "len < 0" == uninitialized. > > This patch fixes it. OK merged, thanks. Also, I think it would make sense to check if we still need that <0 feature. Now that we have the size of the chunk, we might as well use that and not set len < 0. Willy
[PATCH] [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
>From c09c436aca5fd0d2363e27b62c61a86c04c0aa71 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 23:34:15 +0200
Subject: [BUG] Fix NULL pointer dereference in stats_check_uri_auth(), v2
Recent "struct chunk rework" introduced a NULL pointer dereference
and now haproxy segfaults if auth is required for stats but not found.
The reason is that size_t cannot store negative values, but current
code assumes that "len < 0" == uninitialized.
This patch fixes it.
---
include/proto/buffers.h |4 ++--
include/types/buffers.h |2 +-
src/proto_http.c|3 +--
3 files changed, 4 insertions(+), 5 deletions(-)
diff --git a/include/proto/buffers.h b/include/proto/buffers.h
index cec7b02..e061b2c 100644
--- a/include/proto/buffers.h
+++ b/include/proto/buffers.h
@@ -439,9 +439,9 @@ static inline void chunk_init(struct chunk *chk, char *str,
size_t size) {
}
/* report 0 in case of error, 1 if OK. */
-static inline int chunk_initlen(struct chunk *chk, char *str, size_t size,
size_t len) {
+static inline int chunk_initlen(struct chunk *chk, char *str, size_t size, int
len) {
- if (len > size)
+ if (size && len > size)
return 0;
chk->str = str;
diff --git a/include/types/buffers.h b/include/types/buffers.h
index 133285f..fc070bd 100644
--- a/include/types/buffers.h
+++ b/include/types/buffers.h
@@ -149,7 +149,7 @@
struct chunk {
char *str; /* beginning of the string itself. Might not be
0-terminated */
size_t size;/* total size of the buffer, 0 if the *str is read-only
*/
- size_t len; /* current size of the string from first to last char.
<0 = uninit. */
+ int len;/* current size of the string from first to last char.
<0 = uninit. */
};
/* needed for a declaration below */
diff --git a/src/proto_http.c b/src/proto_http.c
index 6cd0b40..1e596a1 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -4630,8 +4630,7 @@ int stats_check_uri_auth(struct session *t, struct proxy
*backend)
int len = txn->hdr_idx.v[cur_idx].len;
if (len > 14 &&
!strncasecmp("Authorization:", h, 14)) {
- txn->auth_hdr.str = h;
- txn->auth_hdr.len = len;
+ chunk_initlen(&txn->auth_hdr, h, 0, len);
break;
}
h += len + txn->hdr_idx.v[cur_idx].cr + 1;
--
1.6.4.2
Re: session rate limiting per client ip
Hi, On Sun, Oct 04, 2009 at 10:07:32PM +0200, Corin Langosch wrote: > Hi all, > > does haproxy already support session rate limiting per client ip? no, not yet. > If not, what's the best way to implement it currently? if you can direct some client to an IP (or port) and other ones to another IP (or port), you can arrange to have distinct frontends with different limitations. While this works well to discriminate between internal/external users, it's still not enough to prevent people from sucking all your site. Regards, Willy
Re: [PATCH] [DOC] Add information about http://haproxy1wt.eu/contrib.html
On Sun, Oct 04, 2009 at 10:36:52PM +0200, Krzysztof Oledzki wrote: > >Concerning the stats socket, I think we'll soon have to add some levels > >of access control and/or write protection, because there will surely be > >some environments where we'll want to prevent the "clear counters" from > >happening. > > True. We may think about adding an option to disable write/clear commands > and only provide a read functionality. In the short term, that will be the easiest to do. Also, it will provide a means for changing a server's weight live, as many people are requesting. (...) > >I'd recommend you to rebase your tree upon latest -git, since I've > >finished converting the stats sockets to the new applets. > > OK. I've just uploaded it with latest changes. I found a few counters that we should add to the struct (some max values). Also, I have finally implemented the automatic ID allocator so that we are not limited to values > 1000 for custom IDs anymore. The allocator automatically picks the lowest unused value and skips assigned ones. Regards, Willy
Re: [PATCH] [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
On Sun, 4 Oct 2009, Krzysztof Oledzki wrote:
On Sun, 4 Oct 2009, Krzysztof Piotr Oledzki wrote:
From fc217df5d282cfbc275f3eff286885aae0a0e117 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 23:00:16 +0200
Subject: [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
Recent "struct chunk rework" exposed a NULL pointer dereference:
txn->auth_hdr is used even if it was not initialized and now
haproxy segfaults if auth is required for stats but not found.
This patch fixes it.
---
src/proto_http.c |5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/proto_http.c b/src/proto_http.c
index 6cd0b40..a73a580 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -4563,7 +4563,7 @@ int stats_check_uri_auth(struct session *t, struct
proxy *backend)
struct http_txn *txn = &t->txn;
struct uri_auth *uri_auth = backend->uri_auth;
struct user_auth *user;
- int authenticated, cur_idx;
+ int authenticated, cur_idx, found = 0;
char *h;
memset(&t->data_ctx.stats, 0, sizeof(t->data_ctx.stats));
@@ -4632,12 +4632,13 @@ int stats_check_uri_auth(struct session *t, struct
proxy *backend)
!strncasecmp("Authorization:", h, 14)) {
txn->auth_hdr.str = h;
txn->auth_hdr.len = len;
+ found++;
break;
}
h += len + txn->hdr_idx.v[cur_idx].cr + 1;
}
- if (txn->auth_hdr.len < 21 ||
+ if (!found || txn->auth_hdr.len < 21 ||
memcmp(txn->auth_hdr.str + 14, " Basic ", 7))
user = NULL;
Please hold, "txn->auth_hdr.len < 21" should handle it - the bug is probably
in a different place.
OK, found it. Changing "int len" into "size_t len" is definitely wrong
idea if we assume <0 as uninitialized - part of 78abe618a87df1f63f7a6b439c72173f4bee5b85:
struct chunk {
char *str; /* beginning of the string itself. Might not be
0-terminated */
- int len;/* size of the string from first to last char. <0 =
uninit. */
+ size_t size;/* total size of the buffer, 0 if the *str is read-only
*/
+ size_t len; /* current size of the string from first to last char.
<0 = uninit. */
};
I'm going to revert this "int len;" -> "size_t len;" change.
Best regards,
Krzysztof Olędzki
Re: [PATCH] [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
On Sun, 4 Oct 2009, Krzysztof Piotr Oledzki wrote:
From fc217df5d282cfbc275f3eff286885aae0a0e117 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 23:00:16 +0200
Subject: [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
Recent "struct chunk rework" exposed a NULL pointer dereference:
txn->auth_hdr is used even if it was not initialized and now
haproxy segfaults if auth is required for stats but not found.
This patch fixes it.
---
src/proto_http.c |5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/proto_http.c b/src/proto_http.c
index 6cd0b40..a73a580 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -4563,7 +4563,7 @@ int stats_check_uri_auth(struct session *t, struct proxy
*backend)
struct http_txn *txn = &t->txn;
struct uri_auth *uri_auth = backend->uri_auth;
struct user_auth *user;
- int authenticated, cur_idx;
+ int authenticated, cur_idx, found = 0;
char *h;
memset(&t->data_ctx.stats, 0, sizeof(t->data_ctx.stats));
@@ -4632,12 +4632,13 @@ int stats_check_uri_auth(struct session *t, struct
proxy *backend)
!strncasecmp("Authorization:", h, 14)) {
txn->auth_hdr.str = h;
txn->auth_hdr.len = len;
+ found++;
break;
}
h += len + txn->hdr_idx.v[cur_idx].cr + 1;
}
- if (txn->auth_hdr.len < 21 ||
+ if (!found || txn->auth_hdr.len < 21 ||
memcmp(txn->auth_hdr.str + 14, " Basic ", 7))
user = NULL;
Please hold, "txn->auth_hdr.len < 21" should handle it - the bug is
probably in a different place.
Best regards,
Krzysztof Olędzki
[PATCH] [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
>From fc217df5d282cfbc275f3eff286885aae0a0e117 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 23:00:16 +0200
Subject: [BUG] Fix NULL pointer dereference in stats_check_uri_auth()
Recent "struct chunk rework" exposed a NULL pointer dereference:
txn->auth_hdr is used even if it was not initialized and now
haproxy segfaults if auth is required for stats but not found.
This patch fixes it.
---
src/proto_http.c |5 +++--
1 files changed, 3 insertions(+), 2 deletions(-)
diff --git a/src/proto_http.c b/src/proto_http.c
index 6cd0b40..a73a580 100644
--- a/src/proto_http.c
+++ b/src/proto_http.c
@@ -4563,7 +4563,7 @@ int stats_check_uri_auth(struct session *t, struct proxy
*backend)
struct http_txn *txn = &t->txn;
struct uri_auth *uri_auth = backend->uri_auth;
struct user_auth *user;
- int authenticated, cur_idx;
+ int authenticated, cur_idx, found = 0;
char *h;
memset(&t->data_ctx.stats, 0, sizeof(t->data_ctx.stats));
@@ -4632,12 +4632,13 @@ int stats_check_uri_auth(struct session *t, struct
proxy *backend)
!strncasecmp("Authorization:", h, 14)) {
txn->auth_hdr.str = h;
txn->auth_hdr.len = len;
+ found++;
break;
}
h += len + txn->hdr_idx.v[cur_idx].cr + 1;
}
- if (txn->auth_hdr.len < 21 ||
+ if (!found || txn->auth_hdr.len < 21 ||
memcmp(txn->auth_hdr.str + 14, " Basic ", 7))
user = NULL;
--
1.6.4.2
Re: [PATCH] [DOC] Add information about http://haproxy1wt.eu/contrib.html
On Sun, 4 Oct 2009, Willy Tarreau wrote: Hi Krzysztof, Hi Willy, I have merged your 5 patches. I have also added minor fixes to the doc and added the "clear counters" line to the stats usage text. Thanks. Concerning the stats socket, I think we'll soon have to add some levels of access control and/or write protection, because there will surely be some environments where we'll want to prevent the "clear counters" from happening. True. We may think about adding an option to disable write/clear commands and only provide a read functionality. I'm also planning on adding the ability to connect to the stats socket from a backend, possibly conditionned by an ACL. This would allow more monitoring systems to connect via TCP and/or remotely monitor the stats. So, implementing a write control is going to be more important. Also, at first I was not sure about the use of your socket stats. But I must admit that after having used them, I find them nice and useful. For instance, when there is a "bind" line per physical interface, it will permit per-interface monitoring. Also, it allows monitoring of upstream servers with very little requirement (only a few more IPs or ports). Exactly. I have been using this functionality for nearly a year now so I can count how much of the traffic goes to remote clients by expensive uplinks or by cheap peerings or to local clients. That's all good work, thanks ! Thank you. I'd recommend you to rebase your tree upon latest -git, since I've finished converting the stats sockets to the new applets. OK. Krzysztof Olędzki
[PATCH] [MINOR] Capture & display more data from health checks
>From 1299a2fe5768c502786ef28cd78dae83a31f0c83 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 21:28:53 +0200
Subject: [MINOR] Capture & display more data from health checks
Capture & display more data from health checks, like
strerror(errno) for L4 failed checks or a first line
from a response for L7 successes/failed checks.
Non ascii or HTML control characters are masked.
Feature can be disabled by defining HCHK_DESC_LEN to 0.
---
include/common/defaults.h |5 ++
include/types/server.h|3 +
src/checks.c | 101 ++---
src/dumpstats.c |8 +++-
4 files changed, 91 insertions(+), 26 deletions(-)
diff --git a/include/common/defaults.h b/include/common/defaults.h
index c09f5a4..b0aee86 100644
--- a/include/common/defaults.h
+++ b/include/common/defaults.h
@@ -174,4 +174,9 @@
#define MAX_HOSTNAME_LEN 32
#endif
+/* Maximum health check description length */
+#ifndef HCHK_DESC_LEN
+#define HCHK_DESC_LEN 128
+#endif
+
#endif /* _COMMON_DEFAULTS_H */
diff --git a/include/types/server.h b/include/types/server.h
index ddf5a46..3bc089f 100644
--- a/include/types/server.h
+++ b/include/types/server.h
@@ -125,6 +125,9 @@ struct server {
struct timeval check_start; /* last health check start time
*/
unsigned long check_duration; /* time in ms took to finish
last health check */
short check_status, check_code; /* check result, check code */
+#if HCHK_DESC_LEN
+ char check_desc[HCHK_DESC_LEN]; /* healt check descritpion */
+#endif
struct freq_ctr sess_per_sec; /* sessions per second on this
server */
unsigned int sps_max; /* maximum of new sessions per
second seen on this server */
diff --git a/src/checks.c b/src/checks.c
index a21386f..d016690 100644
--- a/src/checks.c
+++ b/src/checks.c
@@ -151,12 +151,16 @@ static void server_status_printf(struct chunk *msg,
struct server *s, unsigned o
* Show information in logs about failed health check if server is UP
* or succeeded health checks if server is DOWN.
*/
-static void set_server_check_status(struct server *s, short status) {
+static void set_server_check_status(struct server *s, short status, char
*desc) {
struct chunk msg;
+ char *p;
if (status == HCHK_STATUS_START) {
s->result = SRV_CHK_UNKNOWN;/* no result yet */
+#if HCHK_DESC_LEN
+ s->check_desc[0] = '\0';
+#endif
s->check_start = now;
return;
}
@@ -164,6 +168,19 @@ static void set_server_check_status(struct server *s,
short status) {
if (!s->check_status)
return;
+#if HCHK_DESC_LEN
+ if (desc && *desc) {
+ strncpy(s->check_desc, desc, HCHK_DESC_LEN-1);
+ s->check_desc[HCHK_DESC_LEN-1] = '\0';
+
+ /* mask non-ascii or HTML control characters */
+ for (p = s->check_desc; *p; p++)
+ if (!isascii(*p) || *p=='<' || *p=='>' || *p=='&')
+ *p = '.';
+ } else
+ s->check_desc[0] = '\0';
+#endif
+
s->check_status = status;
if (check_statuses[status].result)
s->result |= check_statuses[status].result;
@@ -503,7 +520,7 @@ static int event_srv_chk_w(int fd)
//fprintf(stderr, "event_srv_chk_w, state=%ld\n",
unlikely(fdtab[fd].state));
if (unlikely(fdtab[fd].state == FD_STERROR || (fdtab[fd].ev &
FD_POLL_ERR))) {
- set_server_check_status(s, HCHK_STATUS_L4CON);
+ set_server_check_status(s, HCHK_STATUS_L4CON, strerror(errno));
goto out_error;
}
@@ -539,11 +556,11 @@ static int event_srv_chk_w(int fd)
switch (errno) {
case ECONNREFUSED:
case ENETUNREACH:
- set_server_check_status(s,
HCHK_STATUS_L4CON);
+ set_server_check_status(s,
HCHK_STATUS_L4CON, strerror(errno));
break;
default:
- set_server_check_status(s,
HCHK_STATUS_SOCKERR);
+ set_server_check_status(s,
HCHK_STATUS_SOCKERR, strerror(errno));
}
goto out_error;
@@ -572,12 +589,12 @@ static int event_srv_chk_w(int fd)
goto out_poll;
if (errno && errno != EISCONN) {
- set_server_check_status(s, HCHK_STATUS_L4CON);
+ set_server_check_status(s, HCHK_STATUS_L4CON,
strerror(errno));
Re: [PATCH] [DOC] Add information about http://haproxy1wt.eu/contrib.html
Hi Krzysztof, I have merged your 5 patches. I have also added minor fixes to the doc and added the "clear counters" line to the stats usage text. Concerning the stats socket, I think we'll soon have to add some levels of access control and/or write protection, because there will surely be some environments where we'll want to prevent the "clear counters" from happening. I'm also planning on adding the ability to connect to the stats socket from a backend, possibly conditionned by an ACL. This would allow more monitoring systems to connect via TCP and/or remotely monitor the stats. Also, at first I was not sure about the use of your socket stats. But I must admit that after having used them, I find them nice and useful. For instance, when there is a "bind" line per physical interface, it will permit per-interface monitoring. Also, it allows monitoring of upstream servers with very little requirement (only a few more IPs or ports). That's all good work, thanks ! I'd recommend you to rebase your tree upon latest -git, since I've finished converting the stats sockets to the new applets. Cheers, Willy
Re: [ANNOUNCE] haproxy-1.4-dev3
On Son 04.10.2009 16:11, Willy Tarreau wrote: On Sun, Oct 04, 2009 at 03:59:07PM +0200, Aleksandar Lazic wrote: If you're interested, I've just pushed the final cleanup of the stats socket handler. It is much cleaner now and should be readable enough to be used as a starting point for other protocols. You can also take a look at the http stats (read stats_uri_auth()), and you will see it's not much hard. Thanks but I yust want to take a look into the protocols and then into the app. I want to undersatand fcgi as good as http before I start to play with your code ;-) I will try to make a fcgi app out of haproxy to get more familiar with the protocol. After that I will try to add a 'applet' so that I don't mixe 2 new issuess, learn fcgi & learn haproxy applet ;-). Be careful, the term "applet" here was chosen to designate a piece of code running inside one function and doing its own I/O itself, but it's far from being enough to run an application (it would be too hard to write and too risky). Things like advanced health-checks should be easy though. Ok. So the 'insert' and 'indirect' cookie mode ist used mostly, right? In this case the browser gives you with the cookie the right backend. yes, that's it. I will take a look into the fcgi & lsapi[1] and come back ;-) [1] http://www.litespeedtech.com/php-litespeed-sapi.html http://www.litespeedtech.com/products/lsapi/overview/ did not know about those. I'm not surprized they claim higher performance than fcgi, as there is a lot of rewriting in fcgi, and everything which can be avoided should be. I have started. The reason is that php 5.3.1 have this a further sapi and its looks nice. BR Aleks
Re: [ANNOUNCE] haproxy-1.4-dev3
On Sun, Oct 04, 2009 at 03:59:07PM +0200, Aleksandar Lazic wrote: (...) > On Fre 02.10.2009 22:54, Willy Tarreau wrote: > >On Fri, Oct 02, 2009 at 10:19:47PM +0200, Aleksandar Lazic wrote: > >>Hm so if I want to add ajp,fcgi, ... protocol I think I will need a > >>buffer for the 'header' and for the content. > > > >Yes, the principle is to chain two series of buffers like this : > > [snip] If you're interested, I've just pushed the final cleanup of the stats socket handler. It is much cleaner now and should be readable enough to be used as a starting point for other protocols. You can also take a look at the http stats (read stats_uri_auth()), and you will see it's not much hard. (...) > >To be quite honnest, it is a bit early but it is also what helps the > >design evolve towards the right direction. If you start to implement > >something now, I'm absolutely certain that you will regularly block > >because of missing feature X or Y and that sometimes I won't even have > >any immediate response. This is sometimes very frustrating for > >everyone. But if you don't waste your time on it and just start it as a > >PoC, it should be an interesting experience which can serve both of us. > > I will try to make a fcgi app out of haproxy to get more familiar with > the protocol. After that I will try to add a 'applet' so that I don't > mixe 2 new issuess, learn fcgi & learn haproxy applet ;-). Be careful, the term "applet" here was chosen to designate a piece of code running inside one function and doing its own I/O itself, but it's far from being enough to run an application (it would be too hard to write and too risky). Things like advanced health-checks should be easy though. > >>So no stickyness on the loadbalancer, so the most application use the > >>cookies and shared storage for the sessions, right. > > > >Oh sorry if I was not clear in my response. Since you only asked about > >the LB method, I thought you were only interested in the algo. > >Stickiness based on cookie insertion is almost always used with HTTP, > >since it's the easiest one to deploy. > > So the 'insert' and 'indirect' cookie mode ist used mostly, right? > In this case the browser gives you with the cookie the right backend. yes, that's it. > I will take a look into the fcgi & lsapi[1] and come back ;-) > > [1] http://www.litespeedtech.com/php-litespeed-sapi.html > http://www.litespeedtech.com/products/lsapi/overview/ did not know about those. I'm not surprized they claim higher performance than fcgi, as there is a lot of rewriting in fcgi, and everything which can be avoided should be. Regards, Willy
Re: [ANNOUNCE] haproxy-1.4-dev3
On Fre 02.10.2009 22:54, Willy Tarreau wrote: On Fri, Oct 02, 2009 at 10:19:47PM +0200, Aleksandar Lazic wrote: Hm so if I want to add ajp,fcgi, ... protocol I think I will need a buffer for the 'header' and for the content. Yes, the principle is to chain two series of buffers like this : [snip] A colleague of mine already tried to implement FCGI last year around 1.3.15 and almost succeeded, but he agreed this was awful due to the lack of infrastructure help from haproxy's lower layers. But it was very useful as a proof-of-concept to find out what was wrong with that architecture and what needed to evolve. Now it should be a lot easier, but since the same colleague also intends to work on SSL again, I'll not hurry him too much :-) ;-) Do you think it is the right time to add it to haproxy or should I wait until the 'interface' is more ready? both :-) To be quite honnest, it is a bit early but it is also what helps the design evolve towards the right direction. If you start to implement something now, I'm absolutely certain that you will regularly block because of missing feature X or Y and that sometimes I won't even have any immediate response. This is sometimes very frustrating for everyone. But if you don't waste your time on it and just start it as a PoC, it should be an interesting experience which can serve both of us. I will try to make a fcgi app out of haproxy to get more familiar with the protocol. After that I will try to add a 'applet' so that I don't mixe 2 new issuess, learn fcgi & learn haproxy applet ;-). So no stickyness on the loadbalancer, so the most application use the cookies and shared storage for the sessions, right. Oh sorry if I was not clear in my response. Since you only asked about the LB method, I thought you were only interested in the algo. Stickiness based on cookie insertion is almost always used with HTTP, since it's the easiest one to deploy. So the 'insert' and 'indirect' cookie mode ist used mostly, right? In this case the browser gives you with the cookie the right backend. This was my first 'session based methode' to make it HA ;-). If so less user use it I'am not sure if it is worth until the 'global' handling is designed. The new global handling should cover it as well (we discussed it BTW, explaining why we need multiple matches, cookies+url for instance). Then once the new design is ready, we can convert the appsession code to rely on it and all the ongoing work for shared sessions will be usable for appsessions too. Hm, long time ago. I will take a look into the fcgi & lsapi[1] and come back ;-) BR Aleks [1] http://www.litespeedtech.com/php-litespeed-sapi.html http://www.litespeedtech.com/products/lsapi/overview/
[PATCH] [DOC] Add information about http://haproxy1wt.eu/contrib.html
>From f939959c296f9762afe4cfc9a54d273f164c3204 Mon Sep 17 00:00:00 2001 From: Krzysztof Piotr Oledzki Date: Sun, 27 Sep 2009 14:20:28 +0200 Subject: [DOC] Add information about http://haproxy.1wt.eu/contrib.html Add information about http://haproxy.1wt.eu/contrib.html in the CONTRIB file and remove one useless comment. --- CONTRIB |7 ++- 1 files changed, 6 insertions(+), 1 deletions(-) diff --git a/CONTRIB b/CONTRIB index b3cb79e..47521ec 100644 --- a/CONTRIB +++ b/CONTRIB @@ -8,13 +8,18 @@ Special thanks to the following people for their useful contributions : - Bryan Germann : option to exempt some sources from x-forwarded-for. - Fabrice Dulaunoy : health-checks on different addresses +This list is quite incomplete and very outdated. For more up-to-date +information please look at http://haproxy.1wt.eu/contrib.html, it lists +not only significant code contributions (features, fixes), but also time or +money donations. + Note to contributors: it's very handy when patches comes with a properly formated subject. Try to put one of the following words between brackets to indicate the importance of the patch followed by a short description: [MINOR]minor fix, very low risk of impact [MEDIUM] medium risk, may cause unexpected regressions of low importance or - which may quickly be discovered (just like this patch) + which may quickly be discovered [MAJOR]major risk of hidden regression. This happens when I rearrange large parts of code, when I play with timeouts, with variable initializations, etc... -- 1.6.4.2
[PATCH 4/4] [MEDIUM] Collect & provide separate statistics for sockets, v2
>From 862c22a128e9f63b97e2fd4b6d1024bb16d8f6fc Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 15:43:17 +0200
Subject: [MEDIUM] Collect & provide separate statistics for sockets, v2
This patch allows to collect & provide separate statistics for each socket.
It can be very useful if you would like to distinguish between traffic
generate by local and remote users or between different types of remote
clients (peerings, domestic, foreign).
Currently no "Session rate" is supported, but adding it should be possible
if we found it useful.
---
doc/configuration.txt | 19 +
include/proto/dumpstats.h |1 +
include/proto/proxy.h |3 +
include/types/proto_http.h |1 +
include/types/protocols.h |2 +
include/types/proxy.h |1 +
include/types/session.h|1 +
src/cfgparse.c | 96 ++-
src/client.c |5 ++
src/dumpstats.c| 95 +++
src/proto_http.c | 48 ++
src/proto_tcp.c|4 ++
src/session.c | 10 +
13 files changed, 274 insertions(+), 12 deletions(-)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index cd3d17b..221815e 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -758,6 +758,7 @@ option httplog X X X X
option originalto X X X X
[no] option persist X - X X
[no] option redispatch X - X X
+[no] option socket-statsX X X -
option smtpchk X - X X
[no] option splice-auto X X X X
[no] option splice-request X X X X
@@ -1104,6 +1105,8 @@ bind []: [, ...]
bind []: [, ...] interface
bind []: [, ...] mss
bind []: [, ...] transparent
+bind []: [, ...] id
+bind []: [, ...] name
Define one or several listening addresses and/or ports in a frontend.
May be used in sections : defaults | frontend | listen | backend
no |yes | yes | no
@@ -1137,6 +1140,13 @@ bind []: [, ...] transparent
work on other operating systems. The commonly advertised
value on Ethernet networks is 1460 = 1500(MTU) - 40(IP+TCP).
+ is a persistent value for socket ID. Must be unique and
+ larger than 1000, as smaller values are reserved for
+ auto-assigned ids. Can only be used when defining only
+ a single socket.
+
+is an optional name provided for stats
+
transparent is an optional keyword which is supported only on certain
Linux kernels. It indicates that the addresses will be bound
even if they do not belong to the local machine. Any packet
@@ -2729,6 +2739,15 @@ no option redispatch
See also : "redispatch", "retries"
+option socket-stats
+no option socket-stats
+
+ Enable or disable collecting & providing separate statistics for each socket.
+ May be used in sections:defaults | frontend | listen
+
+ Arguments : none
+
+
option smtpchk
option smtpchk
Use SMTP health checks for server testing
diff --git a/include/proto/dumpstats.h b/include/proto/dumpstats.h
index 7a92c98..f3681b9 100644
--- a/include/proto/dumpstats.h
+++ b/include/proto/dumpstats.h
@@ -38,6 +38,7 @@
#define STATS_TYPE_FE 0
#define STATS_TYPE_BE 1
#define STATS_TYPE_SV 2
+#define STATS_TYPE_SO 3
#define STATS_ST_INIT 0
#define STATS_ST_REQ 1
diff --git a/include/proto/proxy.h b/include/proto/proxy.h
index f293b1b..c0ce2a3 100644
--- a/include/proto/proxy.h
+++ b/include/proto/proxy.h
@@ -69,6 +69,9 @@ static inline void proxy_reset_timeouts(struct proxy *proxy)
static void inline proxy_inc_fe_ctr(struct listener *l, struct proxy *fe)
{
fe->counters.cum_feconn++;
+ if (l->counters)
+ l->counters->cum_conn++;
+
update_freq_ctr(&fe->fe_sess_per_sec, 1);
if (fe->fe_sess_per_sec.curr_ctr > fe->fe_sps_max)
fe->fe_sps_max = fe->fe_sess_per_sec.curr_ctr;
diff --git a/include/types/proto_http.h b/include/types/proto_http.h
index c0350d2..a9acfdd 100644
--- a/include/types/proto_http.h
+++ b/include/types/proto_http.h
@@ -159,6 +159,7 @@ enum {
DATA_ST_PX_INIT = 0,
DATA_ST_PX_TH,
DATA_ST_PX_FE,
+ DATA_ST_PX_LI,
DATA_ST_PX_SV,
DATA_ST_PX_BE,
DATA_ST_PX_END,
diff --git a/include/types/protocols.h b/include/types/protocols.h
index 14aee79..c89deb3 100644
--- a/include/types/protocols.h
+++ b/include/types/protocols.h
@@ -30,6 +30,7 @@
#include
#include
+#include
#include
/* max length of a protcol name, including trailing zero */
@@ -80,6 +81,7 @@ struct listener {
[PATCH 3/4] [MINOR] Add "clear counters" to clear statistics counters
>From caec2314421cb985237d9aa5a6bbb62e2f730910 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 15:02:46 +0200
Subject: [MINOR] Add "clear counters" to clear statistics counters
Now, when statistics counters are moved to separate
structures, adding "clear counters" is extremely easy.
---
doc/configuration.txt |4
src/dumpstats.c | 22 --
2 files changed, 24 insertions(+), 2 deletions(-)
diff --git a/doc/configuration.txt b/doc/configuration.txt
index 254382b..cd3d17b 100644
--- a/doc/configuration.txt
+++ b/doc/configuration.txt
@@ -6724,6 +6724,10 @@ show stat [ ]
A similar empty line appears at the end of the second block (stats) so that
the reader knows the output has not been trucated.
+clear counters
+ Clear statistics counters in each proxy (frontend & backend) and in each
+ server.
+
/*
* Local variables:
* fill-column: 79
diff --git a/src/dumpstats.c b/src/dumpstats.c
index 024448a..2b704af 100644
--- a/src/dumpstats.c
+++ b/src/dumpstats.c
@@ -305,11 +305,29 @@ int stats_sock_parse_request(struct stream_interface *si,
char *line)
s->ana_state = STATS_ST_REP;
si->st0 = 5; // stats_dump_errors_to_buffer
}
- else { /* neither "stat" nor "info" nor "sess" */
+ else { /* neither "stat" nor "info" nor "sess" nor "errors"*/
return 0;
}
}
- else { /* not "show" */
+ else if (strcmp(args[0], "clear") == 0) {
+ if (strcmp(args[1], "counters") == 0) {
+ struct proxy *px;
+ struct server *sv;
+
+ for (px = proxy; px; px = px->next) {
+ memset(&px->counters, 0, sizeof(px->counters));
+
+ for (sv = px->srv; sv; sv = sv->next)
+ memset(&sv->counters, 0,
sizeof(sv->counters));
+ }
+
+ return 1;
+ }
+ else {
+ return 0;
+ }
+ }
+ else { /* not "show" nor "clear"*/
return 0;
}
return 1;
--
1.6.4.2
[PATCH 2/4] [CLEANUP] Move counters to dedicated structures
>From 09072edaddcb066c7b2b318e0e137ef67e62e867 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 14:52:57 +0200
Subject: [CLEANUP] Move counters to dedicated structures
Move counters from "struct proxy" and "struct server"
to "struct pxcounters" and "struct svcounters".
This patch should make no functional change.
---
include/proto/proxy.h |6 ++--
include/proto/server.h|2 +-
include/types/protocols.h |2 +
include/types/proxy.h | 16 +++---
include/types/server.h| 12 ++--
src/backend.c | 22 +++---
src/checks.c |6 ++--
src/client.c |6 ++--
src/dumpstats.c | 66 ++--
src/haproxy.c |8 +++---
src/proto_http.c | 54 +---
src/proto_tcp.c |2 +-
src/proxy.c |4 +-
src/session.c | 34 +++---
14 files changed, 114 insertions(+), 126 deletions(-)
diff --git a/include/proto/proxy.h b/include/proto/proxy.h
index 0ad1e7f..f293b1b 100644
--- a/include/proto/proxy.h
+++ b/include/proto/proxy.h
@@ -66,9 +66,9 @@ static inline void proxy_reset_timeouts(struct proxy *proxy)
}
/* increase the number of cumulated connections on the designated frontend */
-static void inline proxy_inc_fe_ctr(struct proxy *fe)
+static void inline proxy_inc_fe_ctr(struct listener *l, struct proxy *fe)
{
- fe->cum_feconn++;
+ fe->counters.cum_feconn++;
update_freq_ctr(&fe->fe_sess_per_sec, 1);
if (fe->fe_sess_per_sec.curr_ctr > fe->fe_sps_max)
fe->fe_sps_max = fe->fe_sess_per_sec.curr_ctr;
@@ -77,7 +77,7 @@ static void inline proxy_inc_fe_ctr(struct proxy *fe)
/* increase the number of cumulated connections on the designated backend */
static void inline proxy_inc_be_ctr(struct proxy *be)
{
- be->cum_beconn++;
+ be->counters.cum_beconn++;
update_freq_ctr(&be->be_sess_per_sec, 1);
if (be->be_sess_per_sec.curr_ctr > be->be_sps_max)
be->be_sps_max = be->be_sess_per_sec.curr_ctr;
diff --git a/include/proto/server.h b/include/proto/server.h
index 7479c2e..43d9216 100644
--- a/include/proto/server.h
+++ b/include/proto/server.h
@@ -38,7 +38,7 @@ int srv_getinter(struct server *s);
/* increase the number of cumulated connections on the designated server */
static void inline srv_inc_sess_ctr(struct server *s)
{
- s->cum_sess++;
+ s->counters.cum_sess++;
update_freq_ctr(&s->sess_per_sec, 1);
if (s->sess_per_sec.curr_ctr > s->sps_max)
s->sps_max = s->sess_per_sec.curr_ctr;
diff --git a/include/types/protocols.h b/include/types/protocols.h
index 9247ef1..14aee79 100644
--- a/include/types/protocols.h
+++ b/include/types/protocols.h
@@ -76,6 +76,8 @@
*/
struct listener {
int fd; /* the listen socket */
+ char *name; /* */
+ int luid; /* listener universally unique ID, used
for SNMP */
int state; /* state: NEW, INIT, ASSIGNED, LISTEN,
READY, FULL */
int options;/* socket options : LI_O_* */
struct sockaddr_storage addr; /* the address we listen to */
diff --git a/include/types/proxy.h b/include/types/proxy.h
index ed632a2..432111b 100644
--- a/include/types/proxy.h
+++ b/include/types/proxy.h
@@ -37,6 +37,7 @@
#include
#include
#include
+#include
#include
#include
#include
@@ -196,14 +197,11 @@ struct proxy {
struct list pendconns; /* pending connections with no
server assigned yet */
int nbpend, nbpend_max; /* number of pending
connections with no server assigned yet */
int totpend;/* total number of pending
connections on this instance (for stats) */
- unsigned int feconn, feconn_max;/* # of active frontend
sessions */
- unsigned int beconn, beconn_max;/* # of active backend sessions
*/
+ unsigned int feconn, beconn;/* # of active frontend and
backends sessions */
struct freq_ctr fe_sess_per_sec;/* sessions per second on the
frontend */
unsigned int fe_sps_max;/* maximum of new sessions per
second seen on the frontend */
struct freq_ctr be_sess_per_sec;/* sessions per second on the
backend */
unsigned int be_sps_max;/* maximum of new sessions per
second seen on the backend */
- long long cum_feconn, cum_beconn; /* cumulated number of
processed sessions */
- long long cum_lbconn; /* cumulated number of sessions
processed by load balancing */
unsigned int maxconn; /* max # of active sessions on
the frontend */
unsigned int fe_sps_lim;/* limit
[PATCH 1/4] [MINOR] Introduce include/types/countersh
>From 737361c7a3f7e5ddd407c150d29df63cef1ffbf8 Mon Sep 17 00:00:00 2001
From: Krzysztof Piotr Oledzki
Date: Sun, 4 Oct 2009 14:32:53 +0200
Subject: [MINOR] Introduce include/types/counters.h
This patch introduces include/types/counters.h that
will be used to split couters from other structures
and to create statistics for listeners.
---
include/types/counters.h | 74 ++
1 files changed, 74 insertions(+), 0 deletions(-)
create mode 100644 include/types/counters.h
diff --git a/include/types/counters.h b/include/types/counters.h
new file mode 100644
index 000..6bb95a0
--- /dev/null
+++ b/include/types/counters.h
@@ -0,0 +1,74 @@
+/*
+ include/types/counters.h
+ This file contains structure declarations for statistics counters.
+
+ Copyright 2008-2009 Krzysztof Piotr Oledzki
+
+ This library is free software; you can redistribute it and/or
+ modify it under the terms of the GNU Lesser General Public
+ License as published by the Free Software Foundation, version 2.1
+ exclusively.
+
+ This library is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+ Lesser General Public License for more details.
+
+ You should have received a copy of the GNU Lesser General Public
+ License along with this library; if not, write to the Free Software
+ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301
USA
+*/
+
+#ifndef _TYPES_COUNTERS_H
+#define _TYPES_COUNTERS_H
+
+struct pxcounters {
+ unsigned int feconn_max, beconn_max;/* max # of active frontend and
backend sessions */
+
+ long long cum_feconn, cum_beconn; /* cumulated number of
processed sessions */
+ long long cum_lbconn; /* cumulated number of sessions
processed by load balancing */
+
+ long long bytes_in; /* number of bytes transferred
from the client to the server */
+ long long bytes_out;/* number of bytes transferred
from the server to the client */
+
+ long long denied_req, denied_resp; /* blocked requests/responses
because of security concerns */
+ long long failed_req; /* failed requests (eg: invalid
or timeout) */
+
+ long long failed_conns, failed_resp;/* failed connect() and
responses */
+ long long retries, redispatches;/* retried and redispatched
connections */
+};
+
+struct licounters {
+ unsigned int conn_max; /* max # of active listener
sessions */
+
+ long long cum_conn; /* cumulated number of
processed sessions */
+
+ long long bytes_in; /* number of bytes transferred
from the client to the server */
+ long long bytes_out;/* number of bytes transferred
from the server to the client */
+
+ long long denied_req, denied_resp; /* blocked requests/responses
because of security concerns */
+ long long failed_req; /* failed requests (eg: invalid
or timeout) */
+};
+
+struct srvcounters {
+ long long cum_sess; /* cumulated number of sessions
really sent to this server */
+ long long cum_lbconn; /* cumulated number of sessions
directed by load balancing */
+
+ long long bytes_in; /* number of bytes transferred
from the client to the server */
+ long long bytes_out;/* number of bytes transferred
from the server to the client */
+
+ long long failed_conns, failed_resp;/* failed connect() and
responses */
+ long long retries, redispatches;/* retried and redispatched
connections */
+ long long failed_secu; /* blocked responses because of
security concerns */
+
+ long long failed_checks, down_trans;/* failed checks and up->down
transitions */
+};
+
+#endif /* _TYPES_COUNTERS_H */
+
+/*
+ * Local variables:
+ * c-indent-level: 8
+ * c-basic-offset: 8
+ * End:
+ */
--
1.6.4.2
