diff options
Diffstat (limited to 'reg-tests/startup')
-rw-r--r-- | reg-tests/startup/automatic_maxconn.vtc | 104 | ||||
-rw-r--r-- | reg-tests/startup/check_condition.vtc | 32 | ||||
-rw-r--r-- | reg-tests/startup/common.pem | 117 | ||||
-rw-r--r-- | reg-tests/startup/default_rules.vtc | 185 |
4 files changed, 438 insertions, 0 deletions
diff --git a/reg-tests/startup/automatic_maxconn.vtc b/reg-tests/startup/automatic_maxconn.vtc new file mode 100644 index 0000000..0173916 --- /dev/null +++ b/reg-tests/startup/automatic_maxconn.vtc @@ -0,0 +1,104 @@ +varnishtest "Automatic maxconn computation" +feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev0)'" +feature cmd "$HAPROXY_PROGRAM -cc '!feature(OBSOLETE_LINKER)'" +feature cmd "$HAPROXY_PROGRAM -cc 'feature(OPENSSL)'" +feature ignore_unknown_macro +#REGTEST_TYPE=broken + + +# Check the maxconn computation with the -m parameter +# Broken because it can't work with ASAN. + + +feature ignore_unknown_macro + +server s1 { + rxreq + txresp +} -start + + +haproxy h1 -arg "-m 1024" -conf { +} -start + +haproxy h1 -cli { + send "show info" + expect ~ ".*Maxconn: (29000|28000)\n.*" +} + +haproxy h2 -arg "-m 384" -conf { +} -start + +haproxy h2 -cli { + send "show info" + expect ~ ".*Maxconn: (11000|10000)\n.*" +} + +haproxy h3 -arg "-m 256" -conf { +} -start + +haproxy h3 -cli { + send "show info" + expect ~ ".*Maxconn: (7300|7000)\n.*" +} + +# 1 SSL front but no back + +haproxy h4 -arg "-m 256" -conf { + defaults + mode http + timeout connect 1s + timeout client 1s + timeout server 1s + + frontend fe1 + bind "fd@${fe1}" ssl crt ${testdir}/common.pem + +} -start + +haproxy h4 -cli { + send "show info" + expect ~ ".*Maxconn: 1900\n.*" +} + +# 1 SSL back but not front + +haproxy h5 -arg "-m 256" -conf { + defaults + mode http + timeout connect 1s + timeout client 1s + timeout server 1s + + listen li2 + bind "fd@${li2}" + server ssl "${s1_addr}:${s1_port}" ssl verify none + +} -start + +haproxy h5 -cli { + send "show info" + expect ~ ".*Maxconn: 1900\n.*" +} + + +# 1 SSL front and 1 back + +haproxy h6 -arg "-m 256" -conf { + defaults + mode http + timeout connect 1s + timeout client 1s + timeout server 1s + + listen li3 + bind "fd@${li3}" ssl crt ${testdir}/common.pem + server ssl "${s1_addr}:${s1_port}" ssl verify none + +} -start + +haproxy h6 -cli { + send "show info" + expect ~ ".*Maxconn: 1700\n.*" +} + diff --git a/reg-tests/startup/check_condition.vtc b/reg-tests/startup/check_condition.vtc new file mode 100644 index 0000000..3ab6ae4 --- /dev/null +++ b/reg-tests/startup/check_condition.vtc @@ -0,0 +1,32 @@ +varnishtest "Tests the -cc argument" + +feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev0)'" + +shell { + set -e + $HAPROXY_PROGRAM -cc "version_atleast(2.4)" + ! $HAPROXY_PROGRAM -cc "version_atleast(1024)" + + $HAPROXY_PROGRAM -cc "streq(foo,'foo')" + $HAPROXY_PROGRAM -cc "streq(\"foo bar\",'foo bar')" + ! $HAPROXY_PROGRAM -cc "streq(foo,bar)" + + if $HAPROXY_PROGRAM -cc "version_atleast(2.5-dev2)"; then + export TESTVAR=1 + $HAPROXY_PROGRAM -cc 'defined(TESTVAR) && streq("$TESTVAR","1")' + $HAPROXY_PROGRAM -cc 'feature(OPENSSL) || !feature(OPENSSL)' + $HAPROXY_PROGRAM -cc '1&&!0&&!((streq(a,b)||!streq(a,a)&&1)||strneq(a,a))' + $HAPROXY_PROGRAM -cc '1 &&! 0&& !((streq(a,b)||!streq(a,a)&&1)||strneq(a,a))' + $HAPROXY_PROGRAM -cc '1 && !0 && !((streq(a,b) || !streq(a,a) && 1) || strneq(a,a))' + ! $HAPROXY_PROGRAM -cc '1 && !0 && !((streq(a,b) || !streq(a,a) && 1) || strneq(a,b))' + ! $HAPROXY_PROGRAM -cc '1 && !0 && !((streq(a,a) || !streq(a,a) && 1) || strneq(a,a))' + # empty string is always false + ! $HAPROXY_PROGRAM -cc '' + # non-zero is true + $HAPROXY_PROGRAM -cc '-1000 && 200' + # check for various parsing errors (extra/missing chars) + ! $HAPROXY_PROGRAM -cc '200rrr' + ! $HAPROXY_PROGRAM -cc '!(0))' + ! $HAPROXY_PROGRAM -cc 'streq(a,"a)' + fi +} -run diff --git a/reg-tests/startup/common.pem b/reg-tests/startup/common.pem new file mode 100644 index 0000000..206e417 --- /dev/null +++ b/reg-tests/startup/common.pem @@ -0,0 +1,117 @@ +-----BEGIN RSA PRIVATE KEY----- +MIIEpAIBAAKCAQEAnb0BDF7FsqzslakNg7u/n/JQkq6nheuKwvyTqECfpc9y7uSB +e/vrEFqBaDSLQagJxuZdL5geFeVtRbdAoB97N1/LZa6vecjjgGSP0Aag/gS/ocnM +RIyvlVWWT9MrD46OG3qZY1ORU1ltrVL0NKttJP8xME7j3bTwIDElx/hNI0n7L+yS +kAe2xb/7CbZRfoOhjTVAcGv4aSLVc/Hi8k6VkIzdOEtH6TcghXmuGcuqvLNH9Buo +syngKTcQ8zg6J+e64aVvC+e7vi94uil9Qu+JHm0pkDzAZ2WluNsuXlrJToPirWyj +6/YdN6xgSI1hbZkBmUPAebgYuxBt6huvfyQd3wIDAQABAoIBABojc8UE/2W4WgwC +04Z82ig7Ezb7Ui9S9M+S4zUCYHItijIkE4DkIfO3y7Hk4x6iJdyb191HK9UdC5p9 +32upS9XFPgM/izx3GZvxDhO+xXbSep7ovbyuQ3pPkHTx3TTavpm3GyvmcTKKoy4R +jP4dWhzDXPdQW1ol3ZS4EDau4rlyClY6oi1mq9aBEX3MqVjB/nO7s2AbdgclAgP2 +OZMhTzWYR1k5tYySHCXh3ggGMCikyvHU0+SsGyrstYzP1VYi/n3f0VgqW/5ZjG8x +6SHpe04unErPF3HuSun2ZMCFdBxaTFZ8FENb8evrSXe3nQOc9W21RQdRRrNNUbjl +JYI4veECgYEA0ATYKMS1VCUYRZoQ49b5GTg7avUYqfW4bEo4fSfBue8NrnKR3Wu8 +PPBiCTuIYq1vSF+60B7Vu+hW0A8OuQ2UuMxLpYcQ7lKfNad/+yAfoWWafIqCqNU9 +at0QMdbW6A69d6jZt7OrXtleBsphCnN58jTz4ch4PIa2Oyq46NUXCvUCgYEAwh8t +G6BOHOs3yRNI2s9Y9EEfwoil2uIKrZhqiL3AwdIpu5uNIMuPnbaEpXvRX6jv/qtL +321i8vZLc31aM7zfxQ6B4ReQFJfYC80FJsWvcLwT9hB9mTJpLS4sIu5tzQc87O6w +RtjFMom+5ns5hfPB4Eccy0EtbQWVY4nCzUeO6QMCgYBSvqqRRPXwG7VU8lznlHqP +upuABzChYrnScY+Y0TixUlL54l79Wb6N6vzEOWceAWkzu8iewrU4QspNhr/PgoR3 +IeSxWlG0yy7Dc/ZnmTabx8O06I/iwrfkizzG5nOj6UEamRLJjPGNEB/jyZriQl7u +pnugg1K4mMliLbNSAnlhBQKBgQCmYepbv260Qrex1KGhSg9Ia3k5V74weYYFfJnz +UhChD+1NK+ourcsOtp3C6PlwMHBjq5aAjlU9QfUxq8NgjQaO8/xGXdfUjsFSfAtq +TA4vZkUFpuTAJgEYBHc4CXx7OzTxLzRPxQRgaMgC7KNFOMR34vu/CsJQq3R7uFwL +bsYC2QKBgQCtEmg1uDZVdByX9zyUMuRxz5Tq/vDcp+A5lJj2mha1+bUMaKX2+lxQ +vPxY55Vaw/ukWkJirRrpGv6IytBn0dLAFSlKZworZGBaxsm8OGTFJ5Oe9+kZTjI9 +hvjpClOA1otbmj2F2uZAbuIjxQGDNUkLoifN5yDYCC8JPujHuHmULw== +-----END RSA PRIVATE KEY----- +-----BEGIN CERTIFICATE----- +MIIGeTCCBGGgAwIBAgIBAjANBgkqhkiG9w0BAQsFADB+MQswCQYDVQQGEwJGUjEW +MBQGA1UECBMNSWxlLWRlLUZyYW5jZTEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoT +B296b24uaW8xFTATBgNVBAMTDE96b24gVGVzdCBDQTEeMBwGCSqGSIb3DQEJARYP +c3VwcG9ydEBvem9uLmlvMB4XDTE2MDExNzIzMDIzOFoXDTE4MDExNjIzMDIzOFow +gb4xCzAJBgNVBAYTAkZSMRYwFAYDVQQIEw1JbGUtZGUtRnJhbmNlMRowGAYDVQQH +ExFOZXVpbGx5LXN1ci1TZWluZTEYMBYGA1UEChMPVE9BRCBDb25zdWx0aW5nMRcw +FQYDVQQLEw5lUGFyYXBoZXIgVGVhbTEWMBQGA1UEAxMNd3d3LnRlc3QxLmNvbTEw +MC4GCSqGSIb3DQEJARYhYXJuYXVsdC5taWNoZWxAdG9hZC1jb25zdWx0aW5nLmZy +MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnb0BDF7FsqzslakNg7u/ +n/JQkq6nheuKwvyTqECfpc9y7uSBe/vrEFqBaDSLQagJxuZdL5geFeVtRbdAoB97 +N1/LZa6vecjjgGSP0Aag/gS/ocnMRIyvlVWWT9MrD46OG3qZY1ORU1ltrVL0NKtt +JP8xME7j3bTwIDElx/hNI0n7L+ySkAe2xb/7CbZRfoOhjTVAcGv4aSLVc/Hi8k6V +kIzdOEtH6TcghXmuGcuqvLNH9BuosyngKTcQ8zg6J+e64aVvC+e7vi94uil9Qu+J +Hm0pkDzAZ2WluNsuXlrJToPirWyj6/YdN6xgSI1hbZkBmUPAebgYuxBt6huvfyQd +3wIDAQABo4IBvzCCAbswCwYDVR0PBAQDAgOoMBMGA1UdJQQMMAoGCCsGAQUFBwMB +MB0GA1UdDgQWBBTIihFNVNgOseQnsWEcAQxAbIKE4TCBsgYDVR0jBIGqMIGngBRv +G9At9gzk2MW5Z7JVey1LtPIZ8KGBg6SBgDB+MQswCQYDVQQGEwJGUjEWMBQGA1UE +CBMNSWxlLWRlLUZyYW5jZTEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoTB296b24u +aW8xFTATBgNVBAMTDE96b24gVGVzdCBDQTEeMBwGCSqGSIb3DQEJARYPc3VwcG9y +dEBvem9uLmlvggkA15FtIaGcrk8wDAYDVR0TAQH/BAIwADAaBgNVHREEEzARgg9j +b21tb25OYW1lOmNvcHkwCQYDVR0SBAIwADBIBgNVHR8EQTA/MD2gO6A5hjdodHRw +Oi8vb3BlbnNzbGNhLnRvYWQtY29uc3VsdGluZy5jb20vb3BlbnZwbi9MYXRlc3Qu +Y3JsMBEGCWCGSAGG+EIBAQQEAwIGQDAxBglghkgBhvhCAQ0EJBYiVE9BRC1Db25z +dWx0aW5nIHNlcnZlciBjZXJ0aWZpY2F0ZTANBgkqhkiG9w0BAQsFAAOCAgEAewDa +9BukGNJMex8gsXmmdaczTr8yh9Uvw4NJcZS38I+26o//2g+d6i7wxcQg8hIm62Hj +0TblGU3+RsJo4uzcWxxA5YUYlVszbHNBRpQengEE5pjwHvoXVMNES6Bt8xP04+Vj +0qVnA8gUaDMk9lN5anK7tF/mbHOIJwHJZYCa2t3y95dIOVEXFwOIzzbSbaprjkLN +w0BgR5paJz7NZWNqo4sZHUUz94uH2bPEd01SqHO0dJwEVxadgxuPnD05I9gqGpGX +Zf3Rn7EQylvUtX9mpPaulQPXc3emefewLUSSAdnZrVikZK2J/B4lSi9FpUwl4iQH +pZoE0QLQHtB1SBKacnOAddGSTLSdFvpzjErjjWSpMukF0vutmrP86GG3xtshWVhI +u+yLfDJVm/pXfaeDtWMXpxIT/U1i0avpk5MZtFMRC0MTaxEWBTnnJm+/yiaAXQYg +E1ZIP0mkZkiUojIawTR7JTjHGhIraP9UVPNceVy0DLfETHEou3vhwBn7PFOz7piJ +wjp3A47DStJD4fapaX6B1fqM+n34CMD9ZAiJFgQEIQfObAWC9hyr4m+pqkp1Qfuw +vsAP/ZoS1CBirJfm3i+Gshh+VeH+TAmO/NBBYCfzBdgkNz4tJCkOc7CUT/NQTR/L +N2OskR/Fkge149RJi7hHvE3gk/mtGtNmHJPuQ+s= +-----END CERTIFICATE----- +-----BEGIN CERTIFICATE----- +MIIJazCCBVOgAwIBAgIUWHoc5e2FUECgyCvyVf8wCtt8gTYwDQYJKoZIhvcNAQEL +BQAwRTELMAkGA1UEBhMCRlIxEzARBgNVBAgMClNvbWUtU3RhdGUxITAfBgNVBAoM +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDAeFw0yMDA4MDQxODU4MTZaFw0yMDA5 +MDMxODU4MTZaMEUxCzAJBgNVBAYTAkZSMRMwEQYDVQQIDApTb21lLVN0YXRlMSEw +HwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0eSBMdGQwggQiMA0GCSqGSIb3DQEB +AQUAA4IEDwAwggQKAoIEAQDARiuHkhrnf38Md1nxGDSneJfwv/QksdNNMNTJBdjg +OVmaRCIAyz43oefTWDQ/TebbSwB+Lg9pud1zadGWhlZRhCgBPP8JDMhIKH4eXIRk +5IIa8WD08EwvSlqJL0r4gsMtVsxy7BZHAkka/2Ket9pyGt4kG5n75RFdc6BI80/8 +RwJt/MDxPrcVBAT7LnCluxQpyya9mZCabj7l+9a2yU2hgWS6QqfZJ133krkP/MMh +AEQkSoA4mmBwWk9yPqXmUqiOi7v6iLkIUEh5SgYVPRk9BtU/kDaUdSwuqRrpCZo4 +SsWZWFLxBmLHkSh+G+BWjCVYMQr2ye7e+VMT/20+5xAfq4fj9n5BsPcx3QcVuTof +RAc/Oygnt4MYnIcUb7zRFvCAvgpUHL7BnEn6nhyXjHJGqGDchsg8m9t3v/Y3ohq+ +qmrSzdeuylE1n3W5aWJlbFmyXegNP45MJ0xicesVrXEWF7YD/ir9mGJ8bQYr4blf +77PrbF02komC6AzVPKOJa0jR+eW1wErzYlkYgez6ylBWCiHJd1dhEHlK3h2rXdYa +Gnb45ILCLpEDjNEUrHifLLNXwqJpgZQsJU6BgMgk7ZgBfAKrCfTeg0rkCqCAPeVb +8eSLf7FBF7YBRJ5P6u8qXc4RtgEu607GaWV0gIMfyVBY52oV+OaNsEdFetrJnp3c +friG8vJ+7jdq6zjUCGgnfUIHoViJPh3JuFfhA3jT0gQDKW5PeI7dxhrNvlqdYfHI +fxX7Y1/J6cTQkqJ1cai2f0bwJIJiTAThNbG+zrtjJ7fZ3wJ4udyU/IKrwShqtmTb +1Ofj0tJDdwOH8i84vIySLUvR9aAb7ClFlnsx6rzwOxG90W7C0LA2M0EHm4FezJm/ +FfujnZwEWr1T9Wki6qE0MHCbdN/TTDws//EKkkE44FC+amL96w0IQl70vpE37j2A +zlDWvFFID95SIxfmpkwWDvXDKv6gr1GMLeysCl2fgpY05Xidw5cEo9/tEkuWn/dG +x/D9hnLBGeroA0251ES12jemqDjI2U0tfaeHakjwSsoWElf94Qmuh2iPZ+1zIxQs +7o6nAWN8X9hfsmrDTTHlww0TEfrjlbzG5Yh+0ZRxmejgiUyOCXck+eh/ZXMXvfWh +y3CorIIuWgkRjm80PYkdaRDJdZuyP6R7tXfTXNVzAiSQf0Qx9ru2KB2Fs/XZPamH +KjItAU5Q6msIVvaRMS0muQgV+b6hqSEBzqXqJfAlpVLHXr5FqK+U7EB9y02B6piB +tAmxqXP8OOCoQql6/vgIcrDFUOo6KtGBW36ef74XE3KCUVaIzVJZSIt6i/Vi0bZj +bAjsJUQ3qDlHdorv9TRVOhnC1GUz7SuYnpEOyiXmyx3LAgMBAAGjUzBRMB0GA1Ud +DgQWBBQ62csZcH/meQcENHhNbqz9LMzwjjAfBgNVHSMEGDAWgBQ62csZcH/meQcE +NHhNbqz9LMzwjjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IEAQBA +wLsGf3R1+/I2zQE+lsj7RasZtA/Cos92iEGDAPvFbx9e+roG8Gg8KBsEJu/HN0JH +lMMiQ8dDRHSBMvRBENL5/57oOOhmqc+1u5sazLuANhzAYPZG17Klib7YpEwWoXar +FDDiJYtCyLW0oNLpCswYopWK9GC0RJNucB0NFvOxehJ2sP2/fxGBQMB09L6mjKjd +4KsOzyd3dNf0VYS6jB+/1pcKSHKQUo9HRHB5FK04PsYHoh4AtmEHvmYQKcWWidgU +v26ftlH00ERzuW2juqBbz9mghlNRqXi0IyZ9b4tSj29dxW+WWFzo7j2zEPaD6z2W +DEHq7zvON+g+q6qLgWeszqMgJzjvWjMj00E/t06PoHPiz/cAnDKEqp+ZzxCIFrxj +/qneChpogDWyLbawhyyzbZvbirx5znOSbWjPZgydqaNEFViqbxwinBx4Xxabo6XN +TU020FuMWmgfbIcvtgjKgyKqc97l7JMNNm7LQV9+9W0U5zdIqQKLZ9MMrd2w3xh4 +MAB8NKnwzHReK0TWwUU9HSgFAGdEX6HnyZ3bQ13ijg+sNBRMEi0gBHaqZKDdyoft +B2u2uasSwioV48dbSIcHl+rTBKxiMh5XQ7ENnaGOJkjsIqTVzizqnPHU8eMBnSbb +dsXlamROYII44+j3Ku6OGt51w86eGk4VxI3tmaECcJKqTkwUFD8AcNDrkjtmLuxK +12yjnoM+u1cclfqQ5NOtRc6MJZ27jCobfBBhVdKVDp4X1WNyqGlbsU5adDAzknuI +GT7MJO7lGjkZX2n54BNPSfrSknYMOVYcZqL0Dbcrhx5IyEmg+iOlOu1HO1tdnZop +ej4vT+1V2w9Sa4Wo3UCo84jcm5v/4z7jCYh4BRQ60CFb7GLxZoqXIslcGSPool3n +jl8JWoaLXrJUPfZGXo1iAlayJ5EiMyZl4eB/TBUf6TMm8vLvsPiUT+CEsjLppOdS +eYppZAZ6H1JrJGs5kKBdOJHGn6Pkp5QsHIswOBd1HqHrBbYbZmDaDLRHduILWLrM +e0/IfDdeXB/bKfmZoEpT8xRiauw15p0AHLumiK7KISAehfgBqUnxx+YmgGoZ7EWX +KnMYAfCuC6oJ1DL0gp4Z9yMK1eu+GV1sLxPq9ZruEHW1R+H+4sGyiA5Gso2tgB6/ +XW//wxKclNp5LZR7hqfs/kGuh5asrJrnEbMwWn2+tr/LqfYtYh1D6nHfIXpT0o1d +rNy/HrsKnRDMWxjm03r4hCViuNVD3Zb9anAF/NSPDVu8ATM5JbJNrCYX4eipz6ZE +aQBkwIBkTPgtgP4r8v2G+uMYDw8nq7xh72FK107aeTTwc6MgU5jfeFNMr2XJisJd +lSem1ngKYQSEzjVsTE4c +-----END CERTIFICATE----- diff --git a/reg-tests/startup/default_rules.vtc b/reg-tests/startup/default_rules.vtc new file mode 100644 index 0000000..cd86f74 --- /dev/null +++ b/reg-tests/startup/default_rules.vtc @@ -0,0 +1,185 @@ +varnishtest "Misuses of defaults section defining TCP/HTTP rules" + +feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev0)'" +feature ignore_unknown_macro + +# +# anonymous defaults section cannot define TCP/HTTP rules +# +haproxy h1 -conf-BAD {} { + defaults + http-request set-header X-Hdr 1 +} + +haproxy h2 -conf-BAD {} { + defaults + http-response set-header X-Hdr 1 +} + +haproxy h3 -conf-BAD {} { + defaults + http-after-request set-header X-Hdr 1 +} + +haproxy h4 -conf-BAD {} { + defaults + tcp-request connection accept +} + +haproxy h5 -conf-BAD {} { + defaults + tcp-request session accept +} + +haproxy h6 -conf-BAD {} { + defaults + tcp-request inspect-delay 5s + tcp-request content accept +} + +haproxy h7 -conf-BAD {} { + defaults + tcp-response inspect-delay 5s + tcp-response content accept +} + +# +# defaults section defining TCP/HTTP rules cannot be used to init another +# defaults section +# +haproxy h8 -conf-BAD {} { + defaults invalid + tcp-response inspect-delay 5s + tcp-response content accept + + defaults from invalid + mode tcp +} + +# +# defaults section defining TCP/HTTP rules cannot be used to init a listen +# section +# +haproxy h9 -conf-BAD {} { + defaults invalid + tcp-request inspect-delay 5s + tcp-request content accept + + listen li from invalid + mode tcp + bind "fd@${lih9}" + server www 127.0.0.1:80 +} + +# +# defaults section defining TCP/HTTP rules cannot be used to init frontend and +# backend sections at the same time +# +# +haproxy h10 -conf-BAD {} { + defaults invalid + tcp-request inspect-delay 5s + tcp-request content accept + + frontend fe from invalid + mode tcp + bind "fd@${feh10}" + default_backend be1 + + backend be from invalid + mode tcp + server www 127.0.0.1:80 +} + +# +# defaults section defining 'tcp-request connection' or 'tcp-request session' +# rules cannot be used to init backend sections +# +haproxy h11 -conf-BAD {} { + defaults invalid + tcp-request connection accept + + backend be from invalid + mode tcp + server www 127.0.0.1:80 +} + +haproxy h12 -conf-BAD {} { + defaults invalid + tcp-request session accept + + backend be from invalid + mode tcp + server www 127.0.0.1:80 +} + +# +# defaults section defining 'tcp-response content' rules cannot be used to init +# a frontend section +# +haproxy h13 -conf-BAD {} { + defaults invalid + tcp-response inspect-delay 5s + tcp-response content accept + + frontend fe from invalid + mode tcp + bind "fd@${feh10}" +} + +haproxy h14 -conf-OK { + defaults tcp + tcp-response inspect-delay 5s + tcp-response content accept + + backend be from tcp + mode tcp + server www 127.0.0.1:80 +} + +# +# Check arguments resolutions in rules. FE/BE arguments must be resolved, but +# SRV/TAB arguments without an explicit proxy name are not allowed. +# + +haproxy h15 -conf-BAD {} { + defaults invalid + mode http + http-request set-header x-test "%[srv_conn(www)]" + + backend be from invalid + server www 127.0.0.1:80 +} + +haproxy h16 -conf-BAD {} { + defaults invalid + mode http + http-request track-sc0 src + http-request deny deny_status 429 if { sc_http_req_rate(0) gt 20 } + + backend be + stick-table type ip size 100k expire 30s store http_req_rate(10s) + server www 127.0.0.1:80 +} + +haproxy h17 -conf-OK { + defaults common + mode http + + defaults def_front from common + http-request set-header x-test1 "%[fe_conn]" + + defaults def_back from common + http-request track-sc0 src table be + http-request deny deny_status 429 if { sc_http_req_rate(0,be) gt 20 } + http-request set-header x-test2 "%[be_conn]" + http-request set-header x-test3 "%[srv_conn(be/www)]" + + frontend fe from def_front + bind "fd@${feh15}" + default_backend be + + backend be from def_back + stick-table type ip size 100k expire 30s store http_req_rate(10s) + server www 127.0.0.1:80 +} |