Hi,

I'm trying to use a stick table with general purpose tags (gpt) to do longer 
term (beyond the window itself) maximum connection rate tracking:
- stick table with conn_rate and one gpt
- update/set gpt0 if the current conn_rate is greater than what is stored in 
the gpt.

But I have trouble setting the gpt even from a trivial sample expression, 
erroring during config parsing with `internal error, unexpected rule->from=0, 
please report this bug!`.

Config, output, and haproxy -vv below.

Should this work, or do I misunderstand what sc-set-gpt can achieve?

Best regards,
Johannes


config
```
global
        log stdout format raw local0
        stats socket /run/haproxy/admin.sock mode 660 level admin
        stats timeout 30s

        set-var proc.baz int(3)

defaults
        log     global
        mode    http
        timeout connect 5000
        timeout client  50000
        timeout server  50000

frontend foo
        bind :::8080 v4v6
        default_backend bar
        tcp-request connection track-sc0 src table stick1
        tcp-request connection sc-set-gpt(0,0) var(proc.baz)
        # tcp-request connection sc-set-gpt(0,0) int(1)
        http-response set-header conn-rate %[sc_get_gpt(0,0,stick1)]

        ## track max conn_rate
        #tcp-request connection set-var(sess.prev_conn_rate) 
sc_get_gpt(0,0,stick1)
        #tcp-request connection set-var(sess.cur_conn_rate) 
sc_conn_rate(0,stick1)
        #tcp-request connection sc-set-gpt(0,0) var(sess.cur_conn_rate) if { 
var(sess.cur_conn_rate),sub(sess.prev_conn_rate) -m int gt 0 }

backend bar
        server localhost 127.0.0.1:80

backend stick1
        stick-table type ipv6 size 1m expire 1h store conn_rate(10s),gpt(1)
```

error
```
# ./haproxy -f ~/haproxy.cfg
[NOTICE]   (139304) : haproxy version is 2.9-dev2-227317-63
[NOTICE]   (139304) : path to executable is ./haproxy
[ALERT]    (139304) : config : parsing [/root/haproxy.cfg:19] : internal error, 
unexpected rule->from=0, please report this bug!
[ALERT]    (139304) : config : Error(s) found in configuration file : 
/root/haproxy.cfg
[ALERT]    (139304) : config : Fatal errors found in configuration.
```

`haproxy -vv` (initally on 2.6, but it still occurs in recent git)
```
HAProxy version 2.9-dev2-227317-63 2023/08/09 - https://haproxy.org/
Status: development branch - not safe for use in production.
Known bugs: https://github.com/haproxy/haproxy/issues?q=is:issue+is:open
Running on: Linux 5.15.0-73-generic #80-Ubuntu SMP Mon May 15 15:18:26 UTC 2023 
x86_64
Build options :
  TARGET  = linux-glibc
  CPU     = generic
  CC      = cc
  CFLAGS  = -O2 -g -Wall -Wextra -Wundef -Wdeclaration-after-statement 
-Wfatal-errors -Wtype-limits -Wshift-negative-value -Wshift-overflow=2 
-Wduplicated-cond -Wnull-dereference -fwrapv -Wno-address-of-packed-member 
-Wno-unused-label -Wno-sign-compare -Wno-unused-parameter -Wno-clobbered 
-Wno-missing-field-initializers -Wno-cast-function-type -Wno-string-plus-int 
-Wno-atomic-alignment
  OPTIONS = USE_OPENSSL=1 USE_SYSTEMD=1 USE_PCRE=1
  DEBUG   = -DDEBUG_STRICT -DDEBUG_MEMORY_POOLS

Feature list : -51DEGREES +ACCEPT4 +BACKTRACE -CLOSEFROM +CPU_AFFINITY +CRYPT_H 
-DEVICEATLAS +DL -ENGINE +EPOLL -EVPORTS +GETADDRINFO -KQUEUE -LIBATOMIC 
+LIBCRYPT +LINUX_SPLICE +LINUX_TPROXY -LUA -MATH -MEMORY_PROFILING +NETFILTER 
+NS -OBSOLETE_LINKER +OPENSSL -OPENSSL_WOLFSSL -OT +PCRE -PCRE2 -PCRE2_JIT 
-PCRE_JIT +POLL +PRCTL -PROCCTL -PROMEX -PTHREAD_EMULATION -QUIC 
-QUIC_OPENSSL_COMPAT +RT +SHM_OPEN +SLZ +SSL -STATIC_PCRE -STATIC_PCRE2 
+SYSTEMD +TFO +THREAD +THREAD_DUMP +TPROXY -WURFL -ZLIB

Default settings :
  bufsize = 16384, maxrewrite = 1024, maxpollevents = 200

Built with multi-threading support (MAX_TGROUPS=16, MAX_THREADS=256, default=2).
Built with OpenSSL version : OpenSSL 3.0.2 15 Mar 2022
Running on OpenSSL version : OpenSSL 3.0.2 15 Mar 2022
OpenSSL library supports TLS extensions : yes
OpenSSL library supports SNI : yes
OpenSSL library supports : TLSv1.0 TLSv1.1 TLSv1.2 TLSv1.3
OpenSSL providers loaded : default
Built with network namespace support.
Built with libslz for stateless compression.
Compression algorithms supported : identity("identity"), deflate("deflate"), 
raw-deflate("deflate"), gzip("gzip")
Built with transparent proxy support using: IP_TRANSPARENT IPV6_TRANSPARENT 
IP_FREEBIND
Built with PCRE version : 8.39 2016-06-14
Running on PCRE version : 8.39 2016-06-14
PCRE library supports JIT : no (USE_PCRE_JIT not set)
Encrypted password support via crypt(3): yes
Built with gcc compiler version 11.4.0

Available polling systems :
      epoll : pref=300,  test result OK
       poll : pref=200,  test result OK
     select : pref=150,  test result OK
Total: 3 (3 usable), will use epoll.

Available multiplexer protocols :
(protocols marked as <default> cannot be specified using 'proto' keyword)
         h2 : mode=HTTP  side=FE|BE  mux=H2    flags=HTX|HOL_RISK|NO_UPG
       fcgi : mode=HTTP  side=BE     mux=FCGI  flags=HTX|HOL_RISK|NO_UPG
  <default> : mode=HTTP  side=FE|BE  mux=H1    flags=HTX
         h1 : mode=HTTP  side=FE|BE  mux=H1    flags=HTX|NO_UPG
  <default> : mode=TCP   side=FE|BE  mux=PASS  flags=
       none : mode=TCP   side=FE|BE  mux=PASS  flags=NO_UPG

Available services : none

Available filters :
        [BWLIM] bwlim-in
        [BWLIM] bwlim-out
        [CACHE] cache
        [COMP] compression
        [FCGI] fcgi-app
        [SPOE] spoe
        [TRACE] trace
```

Reply via email to