Hi, I would like to propose the following patch which adds the ability to filter by http status code to relayd(8).
best regards, Fabian Index: parse.y =================================================================== RCS file: /cvs/src/usr.sbin/relayd/parse.y,v retrieving revision 1.244 diff -u -p -u -p -r1.244 parse.y --- parse.y 12 Feb 2020 21:15:44 -0000 1.244 +++ parse.y 28 Mar 2020 21:57:47 -0000 @@ -1475,6 +1475,13 @@ ruleopts : METHOD STRING { rule->rule_method = id; free($2); } + | CODE NUMBER { + if ($2 < 100 || $2 > 599) { + yyerror("invalid HTTP code: %lld", $2); + YYERROR; + } + rule->rule_status = $2; + } | COOKIE key_option STRING value { keytype = KEY_TYPE_COOKIE; rule->rule_kv[keytype].kv_key = strdup($3); Index: relay_http.c =================================================================== RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v retrieving revision 1.78 diff -u -p -u -p -r1.78 relay_http.c --- relay_http.c 13 Jul 2019 06:53:00 -0000 1.78 +++ relay_http.c 28 Mar 2020 21:57:47 -0000 @@ -1816,6 +1816,8 @@ relay_test(struct protocol *proto, struc (desc->http_method == HTTP_METHOD_RESPONSE || desc->http_method != r->rule_method)) RELAY_GET_SKIP_STEP(RULE_SKIP_METHOD); + else if (r->rule_status && desc->http_status != r->rule_status) + RELAY_GET_SKIP_STEP(RULE_SKIP_STATUS); else if (r->rule_tagged && con->se_tag != r->rule_tagged) RELAY_GET_NEXT_STEP; else if (relay_httpheader_test(cre, r, &matches) != 0) @@ -1917,6 +1919,8 @@ relay_calc_skip_steps(struct relay_rules RELAY_SET_SKIP_STEPS(RULE_SKIP_DST); else if (cur->rule_method != prev->rule_method) RELAY_SET_SKIP_STEPS(RULE_SKIP_METHOD); + else if (cur->rule_status != prev->rule_status) + RELAY_SET_SKIP_STEPS(RULE_SKIP_STATUS); prev = cur; cur = TAILQ_NEXT(cur, rule_entry); Index: relayd.conf.5 =================================================================== RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v retrieving revision 1.194 diff -u -p -u -p -r1.194 relayd.conf.5 --- relayd.conf.5 10 Feb 2020 13:18:21 -0000 1.194 +++ relayd.conf.5 28 Mar 2020 21:57:47 -0000 @@ -1205,6 +1205,10 @@ and can be either or .Ic VERSION-CONTROL . .It Xo +.It Ic code Ar number +Match the HTTP return code +.Ar number . +.It Xo .Ar type Ar option .Oo Oo Ic digest Oc .Pq Ar key Ns | Ns Ic file Ar path Index: relayd.h =================================================================== RCS file: /cvs/src/usr.sbin/relayd/relayd.h,v retrieving revision 1.260 diff -u -p -u -p -r1.260 relayd.h --- relayd.h 15 Sep 2019 19:23:29 -0000 1.260 +++ relayd.h 28 Mar 2020 21:57:47 -0000 @@ -647,7 +647,8 @@ struct relay_rule { #define RULE_SKIP_SRC 3 #define RULE_SKIP_DST 4 #define RULE_SKIP_METHOD 5 -#define RULE_SKIP_COUNT 6 +#define RULE_SKIP_STATUS 6 +#define RULE_SKIP_COUNT 7 struct relay_rule *rule_skip[RULE_SKIP_COUNT]; #define RULE_FLAG_QUICK 0x01 @@ -664,6 +665,7 @@ struct relay_rule { struct relay_table *rule_table; u_int rule_method; + u_int rule_status; char rule_labelname[LABEL_NAME_SIZE]; char rule_tablename[TABLE_NAME_SIZE]; char rule_taggedname[TAG_NAME_SIZE];