diff options
Diffstat (limited to 'reg-tests/connection/cli_src_dst.vtc')
-rw-r--r-- | reg-tests/connection/cli_src_dst.vtc | 290 |
1 files changed, 290 insertions, 0 deletions
diff --git a/reg-tests/connection/cli_src_dst.vtc b/reg-tests/connection/cli_src_dst.vtc new file mode 100644 index 0000000..6809d39 --- /dev/null +++ b/reg-tests/connection/cli_src_dst.vtc @@ -0,0 +1,290 @@ +varnishtest "Test multi-level client source and destination addresses" + +feature cmd "$HAPROXY_PROGRAM -cc 'version_atleast(2.5-dev0)'" +feature ignore_unknown_macro + +haproxy h1 -conf { + defaults + mode http + timeout connect "${HAPROXY_TEST_TIMEOUT-5s}" + timeout client "${HAPROXY_TEST_TIMEOUT-5s}" + timeout server "${HAPROXY_TEST_TIMEOUT-5s}" + + frontend fe1 + bind "fd@${fe1}" + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + tcp-request session set-var(sess.sess_fc_src) fc_src + tcp-request session set-var(sess.sess_fc_dst) fc_dst + tcp-request session set-var(sess.sess_src) src + tcp-request session set-var(sess.sess_dst) dst + + tcp-request inspect-delay 100ms + tcp-request content set-var(txn.strm_fc_src) fc_src + tcp-request content set-var(txn.strm_fc_dst) fc_dst + tcp-request content set-var(txn.strm_src) src + tcp-request content set-var(txn.strm_dst) dst + + http-after-response set-header sess-fc-src %[var(sess.sess_fc_src)] + http-after-response set-header sess-src %[var(sess.sess_src)] + http-after-response set-header sess-fc-dst %[var(sess.sess_fc_dst)] + http-after-response set-header sess-dst %[var(sess.sess_dst)] + http-after-response set-header strm-fc-src %[var(txn.strm_fc_src)] + http-after-response set-header strm-src %[var(txn.strm_src)] + http-after-response set-header strm-fc-dst %[var(txn.strm_fc_dst)] + http-after-response set-header strm-dst %[var(txn.strm_dst)] + + default_backend be + + frontend fe2 + bind "fd@${fe2}" + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + tcp-request session set-src ipv4(10.1.0.1) + tcp-request session set-dst ipv4(10.1.0.2) + tcp-request session set-var(sess.sess_fc_src) fc_src + tcp-request session set-var(sess.sess_fc_dst) fc_dst + tcp-request session set-var(sess.sess_src) src + tcp-request session set-var(sess.sess_dst) dst + + tcp-request inspect-delay 100ms + tcp-request content set-var(txn.strm_fc_src) fc_src + tcp-request content set-var(txn.strm_fc_dst) fc_dst + tcp-request content set-var(txn.strm_src) src + tcp-request content set-var(txn.strm_dst) dst + + http-after-response set-header sess-fc-src %[var(sess.sess_fc_src)] + http-after-response set-header sess-src %[var(sess.sess_src)] + http-after-response set-header sess-fc-dst %[var(sess.sess_fc_dst)] + http-after-response set-header sess-dst %[var(sess.sess_dst)] + http-after-response set-header strm-fc-src %[var(txn.strm_fc_src)] + http-after-response set-header strm-src %[var(txn.strm_src)] + http-after-response set-header strm-fc-dst %[var(txn.strm_fc_dst)] + http-after-response set-header strm-dst %[var(txn.strm_dst)] + + default_backend be + + frontend fe3 + bind "fd@${fe3}" + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + tcp-request session set-src ipv4(10.1.0.1) + tcp-request session set-dst ipv4(10.1.0.2) + tcp-request session set-var(sess.sess_fc_src) fc_src + tcp-request session set-var(sess.sess_fc_dst) fc_dst + tcp-request session set-var(sess.sess_src) src + tcp-request session set-var(sess.sess_dst) dst + + tcp-request inspect-delay 100ms + tcp-request content set-src ipv4(10.2.0.1) + tcp-request content set-dst ipv4(10.2.0.2) + tcp-request content set-var(txn.strm_fc_src) fc_src + tcp-request content set-var(txn.strm_fc_dst) fc_dst + tcp-request content set-var(txn.strm_src) src + tcp-request content set-var(txn.strm_dst) dst + + http-after-response set-header sess-fc-src %[var(sess.sess_fc_src)] + http-after-response set-header sess-src %[var(sess.sess_src)] + http-after-response set-header sess-fc-dst %[var(sess.sess_fc_dst)] + http-after-response set-header sess-dst %[var(sess.sess_dst)] + http-after-response set-header strm-fc-src %[var(txn.strm_fc_src)] + http-after-response set-header strm-src %[var(txn.strm_src)] + http-after-response set-header strm-fc-dst %[var(txn.strm_fc_dst)] + http-after-response set-header strm-dst %[var(txn.strm_dst)] + + + frontend fe4 + bind "fd@${fe4}" + + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + tcp-request session set-var(sess.sess_fc_src) fc_src + tcp-request session set-var(sess.sess_fc_dst) fc_dst + tcp-request session set-var(sess.sess_src) src + tcp-request session set-var(sess.sess_dst) dst + + http-request set-src hdr(x-forwarded-for) + http-request set-dst hdr(x-original-to) + http-request set-var(txn.strm_fc_src) fc_src + http-request set-var(txn.strm_fc_dst) fc_dst + http-request set-var(txn.strm_src) src + http-request set-var(txn.strm_dst) dst + + http-after-response set-header sess-fc-src %[var(sess.sess_fc_src)] + http-after-response set-header sess-src %[var(sess.sess_src)] + http-after-response set-header sess-fc-dst %[var(sess.sess_fc_dst)] + http-after-response set-header sess-dst %[var(sess.sess_dst)] + http-after-response set-header strm-fc-src %[var(txn.strm_fc_src)] + http-after-response set-header strm-src %[var(txn.strm_src)] + http-after-response set-header strm-fc-dst %[var(txn.strm_fc_dst)] + http-after-response set-header strm-dst %[var(txn.strm_dst)] + + default_backend be + + backend be + http-request return status 200 + + listen li1 + bind "fd@${li1}" + + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + http-request set-src ipv4(192.168.0.1) + http-request set-dst ipv4(192.168.0.2) + + http-after-response set-header li1-fc-src %[fc_src] + http-after-response set-header li1-src %[src] + http-after-response set-header li1-fc-dst %[fc_dst] + http-after-response set-header li1-dst %[dst] + + + server srv ${h1_li3_addr}:${h1_li3_port} send-proxy + + listen li2 + bind "fd@${li2}" + + tcp-request connection set-src ipv4(10.0.0.1) + tcp-request connection set-dst ipv4(10.0.0.2) + + http-request set-src ipv4(192.168.0.1) + http-request set-dst ipv4(192.168.0.2) + + http-after-response set-header li2-fc-src %[fc_src] + http-after-response set-header li2-src %[src] + http-after-response set-header li2-fc-dst %[fc_dst] + http-after-response set-header li2-dst %[dst] + + server srv ${h1_li3_addr}:${h1_li3_port} send-proxy-v2 + + listen li3 + bind "fd@${li3}" accept-proxy + + tcp-request connection set-src ipv4(10.1.0.1) + tcp-request connection set-dst ipv4(10.1.0.2) + + http-after-response set-header li3-fc-src %[fc_src] + http-after-response set-header li3-src %[src] + http-after-response set-header li3-fc-dst %[fc_dst] + http-after-response set-header li3-dst %[dst] + + http-request return status 200 + +} -start + + +client c1 -connect ${h1_fe1_sock} { + txreq + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.0.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 10.0.0.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.0.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 10.0.0.2 +} -run + +client c2 -connect ${h1_fe2_sock} { + txreq + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.1.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 10.1.0.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.1.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 10.1.0.2 +} -run + +client c3 -connect ${h1_fe3_sock} { + txreq + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.1.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 10.2.0.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.1.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 10.2.0.2 +} -run + +client c4 -connect ${h1_fe4_sock} { + txreq \ + -hdr "x-forwarded-for: 192.168.0.1" \ + -hdr "x-original-to: 192.168.0.2" + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.0.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 192.168.0.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.0.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 192.168.0.2 + + txreq \ + -hdr "x-forwarded-for: 192.168.1.1" \ + -hdr "x-original-to: 192.168.1.2" + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.0.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 192.168.1.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.0.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 192.168.1.2 + + txreq + rxresp + expect resp.http.sess-fc-src == 10.0.0.1 + expect resp.http.sess-src == 10.0.0.1 + expect resp.http.strm-fc-src == 10.0.0.1 + expect resp.http.strm-src == 10.0.0.1 + + expect resp.http.sess-fc-dst == 10.0.0.2 + expect resp.http.sess-dst == 10.0.0.2 + expect resp.http.strm-fc-dst == 10.0.0.2 + expect resp.http.strm-dst == 10.0.0.2 +} -run + +client c5 -connect ${h1_li1_sock} { + txreq + rxresp + expect resp.http.li1-fc-src == 10.0.0.1 + expect resp.http.li1-src == 192.168.0.1 + expect resp.http.li1-fc-dst == 10.0.0.2 + expect resp.http.li1-dst == 192.168.0.2 + + expect resp.http.li3-fc-src == 10.1.0.1 + expect resp.http.li3-src == 192.168.0.1 + expect resp.http.li3-fc-dst == 10.1.0.2 + expect resp.http.li3-dst == 192.168.0.2 +} -run + +client c6 -connect ${h1_li2_sock} { + txreq + rxresp + expect resp.http.li2-fc-src == 10.0.0.1 + expect resp.http.li2-src == 192.168.0.1 + expect resp.http.li2-fc-dst == 10.0.0.2 + expect resp.http.li2-dst == 192.168.0.2 + + expect resp.http.li3-fc-src == 10.1.0.1 + expect resp.http.li3-src == 192.168.0.1 + expect resp.http.li3-fc-dst == 10.1.0.2 + expect resp.http.li3-dst == 192.168.0.2 +} -run |