Re: src_get_gpc0 seems not to work after commit f71f6f6
Hi,
On Wed, Mar 23, 2016 at 04:40:24PM +0900, Sehoon Kim wrote:
> Hi,
>
> As below, I use stick-table for temporary acl.
> After commit f71f6f6, src_get_gpc0 seems not to work.
>
> So, I revert commit f71f6f6, and it works!!
(...)
> tcp-request connection accept if { src_get_gpc0(whitelist) eq 1 }
Aie, you're definitely right, I broke it with this fix :-(
So I'll have to modify it to move some of the controls elsewhere.
I was fooled by the code being located in stream.c and still being
able to be called with no valid stream :-/ It seems it will be time
to move some parts again.
I'll work on a fix, thanks for reporting this and sorry for the mess :-(
Willy
RE: src_get_gpc0 seems not to work after commit f71f6f6
Hi, >> As below, I use stick-table for temporary acl. >> After commit f71f6f6, src_get_gpc0 seems not to work. >> >> So, I revert commit f71f6f6, and it works!! > > That's not a valid commit in the official haproxy repo, can you please > check the hash again? Its a valid hash in the haproxy-1.6 repro, this would be be508f158 in 1.7-dev (BUG/MAJOR: samples: check smp->strm before using it). cheers, Lukas
Re: src_get_gpc0 seems not to work after commit f71f6f6
Hi Seri,
On 2016-03-23 08:40, Sehoon Kim wrote:
Hi,
As below, I use stick-table for temporary acl.
After commit f71f6f6, src_get_gpc0 seems not to work.
So, I revert commit f71f6f6, and it works!!
That's not a valid commit in the official haproxy repo, can you please
check the hash again?
frontend SSL-Offload
bind :443 ssl crt ssl.pem ecdhe prime256v1
tcp-request connection accept if { src_get_gpc0(whitelist) eq 1 }
tcp-request connection reject
backend whitelist
stick-table type ip size 1m expire 1h nopurge store gpc0
Thanks
Seri
--
Regards,
Christian Ruppert
src_get_gpc0 seems not to work after commit f71f6f6
Hi,
As below, I use stick-table for temporary acl.
After commit f71f6f6, src_get_gpc0 seems not to work.
So, I revert commit f71f6f6, and it works!!
frontend SSL-Offload
bind :443 ssl crt ssl.pem ecdhe prime256v1
tcp-request connection accept if { src_get_gpc0(whitelist) eq 1 }
tcp-request connection reject
backend whitelist
stick-table type ip size 1m expire 1h nopurge store gpc0
Thanks
Seri
