Hi,
I would like to propose the following patch which adds the ability to
filter by http status code to relayd(8).
best regards,
Fabian
Index: parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.244
diff -u -p -u -p -r1.244 parse.y
--- parse.y 12 Feb 2020 21:15:44 -0000 1.244
+++ parse.y 28 Mar 2020 21:57:47 -0000
@@ -1475,6 +1475,13 @@ ruleopts : METHOD STRING
{
rule->rule_method = id;
free($2);
}
+ | CODE NUMBER {
+ if ($2 < 100 || $2 > 599) {
+ yyerror("invalid HTTP code: %lld", $2);
+ YYERROR;
+ }
+ rule->rule_status = $2;
+ }
| COOKIE key_option STRING value {
keytype = KEY_TYPE_COOKIE;
rule->rule_kv[keytype].kv_key = strdup($3);
Index: relay_http.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
retrieving revision 1.78
diff -u -p -u -p -r1.78 relay_http.c
--- relay_http.c 13 Jul 2019 06:53:00 -0000 1.78
+++ relay_http.c 28 Mar 2020 21:57:47 -0000
@@ -1816,6 +1816,8 @@ relay_test(struct protocol *proto, struc
(desc->http_method == HTTP_METHOD_RESPONSE ||
desc->http_method != r->rule_method))
RELAY_GET_SKIP_STEP(RULE_SKIP_METHOD);
+ else if (r->rule_status && desc->http_status != r->rule_status)
+ RELAY_GET_SKIP_STEP(RULE_SKIP_STATUS);
else if (r->rule_tagged && con->se_tag != r->rule_tagged)
RELAY_GET_NEXT_STEP;
else if (relay_httpheader_test(cre, r, &matches) != 0)
@@ -1917,6 +1919,8 @@ relay_calc_skip_steps(struct relay_rules
RELAY_SET_SKIP_STEPS(RULE_SKIP_DST);
else if (cur->rule_method != prev->rule_method)
RELAY_SET_SKIP_STEPS(RULE_SKIP_METHOD);
+ else if (cur->rule_status != prev->rule_status)
+ RELAY_SET_SKIP_STEPS(RULE_SKIP_STATUS);
prev = cur;
cur = TAILQ_NEXT(cur, rule_entry);
Index: relayd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
retrieving revision 1.194
diff -u -p -u -p -r1.194 relayd.conf.5
--- relayd.conf.5 10 Feb 2020 13:18:21 -0000 1.194
+++ relayd.conf.5 28 Mar 2020 21:57:47 -0000
@@ -1205,6 +1205,10 @@ and can be either
or
.Ic VERSION-CONTROL .
.It Xo
+.It Ic code Ar number
+Match the HTTP return code
+.Ar number .
+.It Xo
.Ar type Ar option
.Oo Oo Ic digest Oc
.Pq Ar key Ns | Ns Ic file Ar path
Index: relayd.h
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.h,v
retrieving revision 1.260
diff -u -p -u -p -r1.260 relayd.h
--- relayd.h 15 Sep 2019 19:23:29 -0000 1.260
+++ relayd.h 28 Mar 2020 21:57:47 -0000
@@ -647,7 +647,8 @@ struct relay_rule {
#define RULE_SKIP_SRC 3
#define RULE_SKIP_DST 4
#define RULE_SKIP_METHOD 5
-#define RULE_SKIP_COUNT 6
+#define RULE_SKIP_STATUS 6
+#define RULE_SKIP_COUNT 7
struct relay_rule *rule_skip[RULE_SKIP_COUNT];
#define RULE_FLAG_QUICK 0x01
@@ -664,6 +665,7 @@ struct relay_rule {
struct relay_table *rule_table;
u_int rule_method;
+ u_int rule_status;
char rule_labelname[LABEL_NAME_SIZE];
char rule_tablename[TABLE_NAME_SIZE];
char rule_taggedname[TAG_NAME_SIZE];
