diff --git a/net/haproxy/Makefile b/net/haproxy/Makefile index 15a0d1ec64..bc5ac0c84e 100644 --- a/net/haproxy/Makefile +++ b/net/haproxy/Makefile @@ -1,8 +1,7 @@ PLUGIN_NAME= haproxy -PLUGIN_VERSION= 4.6 -PLUGIN_REVISION= 2 +PLUGIN_VERSION= 5.0 PLUGIN_COMMENT= Reliable, high performance TCP/HTTP load balancer -PLUGIN_DEPENDS= haproxy30 py${PLUGIN_PYTHON}-haproxy-cli +PLUGIN_DEPENDS= haproxy py${PLUGIN_PYTHON}-haproxy-cli PLUGIN_MAINTAINER= opnsense@moov.de .include "../../Mk/plugins.mk" diff --git a/net/haproxy/pkg-descr b/net/haproxy/pkg-descr index 13a4f948b6..c0396f6dc4 100644 --- a/net/haproxy/pkg-descr +++ b/net/haproxy/pkg-descr @@ -6,6 +6,43 @@ very high loads while needing persistence or Layer7 processing. Plugin Changelog ================ +5.0 + +WARNING: This is a new major release, which may result in +incompatible changes for some users. + +Added: +* add support for HTTP/3 over QUIC to frontends (#4341) +* add new rule: http-request silent-drop +* add new rule: http-after-response +* add new condition: HTTP method +* support custom HTTP status code in "http-request deny" rules +* add new backend option to control PROXY protocol for health checks (#2909) +* add support for new map file types: beg,end,int,ip,reg,str (#3641) +* add support for more sample fetches: quic_enabled, stopping, wait_end (#3702) +* add support for HTTP compression (#4867) +* add all action keywords for http-request/-response and tcp-request/-response rules +* add "enabled" field to rules +* add support for all stick-table data types +* add support for GPC/GPT/SC to conditions and rules (#1123, #5109) +* add support for SSL SNI expression to servers (#3756) +* add column "mode" to servers overview (#4632) +* add support for loading mapfiles in conditions + +Fixed: +* Maintenance tab "SSL Certificates" not working with only one cert + +Changed: +* upgrade to HAProxy 3.2 release series (#5147) +* refactor http/tcp rules to make extensions easier +* rename some labels in rules +* change LUA boolean conversion (see tune.lua.bool-sample-conversion) +* stick-table "size" and "expiration time" are no longer advanced options (now always visible) +* replace stick-table type "ip" with "ipv4" (#5147) +* show the actual HAProxy option name in conditions for clarity +* allow stick-table types "binary", "integer" and "string" in backends +* make mapfiles more useful in rules + 4.6 Changed: diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php index 4231ca119b..b19a13df72 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/Api/SettingsController.php @@ -1,7 +1,7 @@ searchBase('servers.server', array('enabled', 'name', 'type', 'address', 'port', 'description'), 'name'); + return $this->searchBase('servers.server', array('enabled', 'name', 'type', 'mode', 'address', 'port', 'description'), 'name'); } public function getHealthcheckAction($uuid = null) @@ -206,9 +206,14 @@ public function delActionAction($uuid) return $this->delBase('actions.action', $uuid); } + public function toggleActionAction($uuid, $enabled = null) + { + return $this->toggleBase('actions.action', $uuid); + } + public function searchActionsAction() { - return $this->searchBase('actions.action', array('name', 'description'), 'name'); + return $this->searchBase('actions.action', array('enabled', 'name', 'description'), 'name'); } public function getLuaAction($uuid = null) diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAcl.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAcl.xml index 895bd6e4b2..39716d8adf 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAcl.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAcl.xml @@ -19,7 +19,7 @@ acl.expression dropdown - Select condition type. + layer 4 or layer 7. The syntax check will show errors when using an incompatible sample fetch method.]]> acl.negate @@ -88,6 +88,16 @@ text + + + header + + + + acl.http_method + + select_multiple + header @@ -619,4 +629,1163 @@ textbox + + + header + + + + acl.sc_bytes_in_rate_comparison + + dropdown + + + acl.sc_bytes_in_rate + + text + + + + header + + + + acl.sc_bytes_out_rate_comparison + + dropdown + + + acl.sc_bytes_out_rate + + text + + + + header + + + + acl.sc_clr_gpc_comparison + + dropdown + + + acl.sc_clr_gpc + + text + + + + header + + + + acl.sc_conn_cnt_comparison + + dropdown + + + acl.sc_conn_cnt + + text + + + + header + + + + acl.sc_conn_cur_comparison + + dropdown + + + acl.sc_conn_cur + + text + + + + header + + + + acl.sc_conn_rate_comparison + + dropdown + + + acl.sc_conn_rate + + text + + + + header + + + + acl.sc_get_gpc_comparison + + dropdown + + + acl.sc_get_gpc + + text + + + + header + + + + acl.sc_get_gpt_comparison + + dropdown + + + acl.sc_get_gpt + + text + + + + header + + + + acl.sc_glitch_cnt_comparison + + dropdown + + + acl.sc_glitch_cnt + + text + + + + header + + + + acl.sc_glitch_rate_comparison + + dropdown + + + acl.sc_glitch_rate + + text + + + + header + + + + acl.sc_gpc_rate_comparison + + dropdown + + + acl.sc_gpc_rate + + text + + + + header + + + + acl.sc_http_err_cnt_comparison + + dropdown + + + acl.sc_http_err_cnt + + text + + + + header + + + + acl.sc_http_err_rate_comparison + + dropdown + + + acl.sc_http_err_rate + + text + + + + header + + + + acl.sc_http_fail_cnt_comparison + + dropdown + + + acl.sc_http_fail_cnt + + text + + + + header + + + + acl.sc_http_fail_rate_comparison + + dropdown + + + acl.sc_http_fail_rate + + text + + + + header + + + + acl.sc_http_req_cnt_comparison + + dropdown + + + acl.sc_http_req_cnt + + text + + + + header + + + + acl.sc_http_req_rate_comparison + + dropdown + + + acl.sc_http_req_rate + + text + + + + header + + + + acl.sc_inc_gpc_comparison + + dropdown + + + acl.sc_inc_gpc + + text + + + + header + + + + acl.sc_sess_cnt_comparison + + dropdown + + + acl.sc_sess_cnt + + text + + + + header + + + + acl.sc_sess_rate_comparison + + dropdown + + + acl.sc_sess_rate + + text + + + + header + + + + acl.src_get_gpc_comparison + + dropdown + + + acl.src_get_gpc + + text + + + + header + + + + acl.src_get_gpt_comparison + + dropdown + + + acl.src_get_gpt + + text + + + + header + + + + acl.src_glitch_cnt_comparison + + dropdown + + + acl.src_glitch_cnt + + text + + + + header + + + + acl.src_glitch_rate_comparison + + dropdown + + + acl.src_glitch_rate + + text + + + + header + + + + acl.src_gpc_rate_comparison + + dropdown + + + acl.src_gpc_rate + + text + + + + header + + + + acl.src_http_fail_cnt_comparison + + dropdown + + + acl.src_http_fail_cnt + + text + + + + header + + + + acl.src_http_fail_rate_comparison + + dropdown + + + acl.src_http_fail_rate + + text + + + + header + + + + acl.src_inc_gpc_comparison + + dropdown + + + acl.src_inc_gpc + + text + + + + header + + + + acl.sc_clr_gpc0_comparison + + dropdown + + + acl.sc_clr_gpc0 + + text + + + + header + + + + acl.sc_clr_gpc1_comparison + + dropdown + + + acl.sc_clr_gpc1 + + text + + + + header + + + + acl.sc0_clr_gpc0_comparison + + dropdown + + + acl.sc0_clr_gpc0 + + text + + + + header + + + + acl.sc0_clr_gpc1_comparison + + dropdown + + + acl.sc0_clr_gpc1 + + text + + + + header + + + + acl.sc1_clr_gpc_comparison + + dropdown + + + acl.sc1_clr_gpc + + text + + + + header + + + + acl.sc1_clr_gpc0_comparison + + dropdown + + + acl.sc1_clr_gpc0 + + text + + + + header + + + + acl.sc1_clr_gpc1_comparison + + dropdown + + + acl.sc1_clr_gpc1 + + text + + + + header + + + + acl.sc2_clr_gpc_comparison + + dropdown + + + acl.sc2_clr_gpc + + text + + + + header + + + + acl.sc2_clr_gpc0_comparison + + dropdown + + + acl.sc2_clr_gpc0 + + text + + + + header + + + + acl.sc2_clr_gpc1_comparison + + dropdown + + + acl.sc2_clr_gpc1 + + text + + + + header + + + + acl.sc_get_gpc0_comparison + + dropdown + + + acl.sc_get_gpc0 + + text + + + + header + + + + acl.sc_get_gpc1_comparison + + dropdown + + + acl.sc_get_gpc1 + + text + + + + header + + + + acl.sc0_get_gpc0_comparison + + dropdown + + + acl.sc0_get_gpc0 + + text + + + + header + + + + acl.sc0_get_gpc1_comparison + + dropdown + + + acl.sc0_get_gpc1 + + text + + + + header + + + + acl.sc1_get_gpc0_comparison + + dropdown + + + acl.sc1_get_gpc0 + + text + + + + header + + + + acl.sc1_get_gpc1_comparison + + dropdown + + + acl.sc1_get_gpc1 + + text + + + + header + + + + acl.sc2_get_gpc0_comparison + + dropdown + + + acl.sc2_get_gpc0 + + text + + + + header + + + + acl.sc2_get_gpc1_comparison + + dropdown + + + acl.sc2_get_gpc1 + + text + + + + header + + + + acl.sc_get_gpt_comparison + + dropdown + + + acl.sc_get_gpt + + text + + + + header + + + + acl.sc_get_gpt0_comparison + + dropdown + + + acl.sc_get_gpt0 + + text + + + + header + + + + acl.sc0_get_gpt0_comparison + + dropdown + + + acl.sc0_get_gpt0 + + text + + + + header + + + + acl.sc1_get_gpt0_comparison + + dropdown + + + acl.sc1_get_gpt0 + + text + + + + header + + + + acl.sc2_get_gpt0_comparison + + dropdown + + + acl.sc2_get_gpt0 + + text + + + + header + + + + acl.sc_gpc0_rate_comparison + + dropdown + + + acl.sc_gpc0_rate + + text + + + + header + + + + acl.sc_gpc1_rate_comparison + + dropdown + + + acl.sc_gpc1_rate + + text + + + + header + + + + acl.sc0_gpc0_rate_comparison + + dropdown + + + acl.sc0_gpc0_rate + + text + + + + header + + + + acl.sc0_gpc1_rate_comparison + + dropdown + + + acl.sc0_gpc1_rate + + text + + + + header + + + + acl.sc1_gpc0_rate_comparison + + dropdown + + + acl.sc1_gpc0_rate + + text + + + + header + + + + acl.sc1_gpc1_rate_comparison + + dropdown + + + acl.sc1_gpc1_rate + + text + + + + header + + + + acl.sc2_gpc0_rate_comparison + + dropdown + + + acl.sc2_gpc0_rate + + text + + + + header + + + + acl.sc2_gpc1_rate_comparison + + dropdown + + + acl.sc2_gpc1_rate + + text + + + + header + + + + acl.sc_inc_gpc0_comparison + + dropdown + + + acl.sc_inc_gpc0 + + text + + + + header + + + + acl.sc_inc_gpc1_comparison + + dropdown + + + acl.sc_inc_gpc1 + + text + + + + header + + + + acl.sc0_inc_gpc0_comparison + + dropdown + + + acl.sc0_inc_gpc0 + + text + + + + header + + + + acl.sc0_inc_gpc1_comparison + + dropdown + + + acl.sc0_inc_gpc1 + + text + + + + header + + + + acl.sc1_inc_gpc0_comparison + + dropdown + + + acl.sc1_inc_gpc0 + + text + + + + header + + + + acl.sc1_inc_gpc1_comparison + + dropdown + + + acl.sc1_inc_gpc1 + + text + + + + header + + + + acl.sc2_inc_gpc0_comparison + + dropdown + + + acl.sc2_inc_gpc0 + + text + + + + header + + + + acl.sc2_inc_gpc1_comparison + + dropdown + + + acl.sc2_inc_gpc1 + + text + + + + header + + + + acl.src_clr_gpc0_comparison + + dropdown + + + acl.src_clr_gpc0 + + text + + + + header + + + + acl.src_clr_gpc1_comparison + + dropdown + + + acl.src_clr_gpc1 + + text + + + + header + + + + acl.src_get_gpc0_comparison + + dropdown + + + acl.src_get_gpc0 + + text + + + + header + + + + acl.src_get_gpc1_comparison + + dropdown + + + acl.src_get_gpc1 + + text + + + + header + + + + acl.src_gpc0_rate_comparison + + dropdown + + + acl.src_gpc0_rate + + text + + + + header + + + + acl.src_gpc1_rate_comparison + + dropdown + + + acl.src_gpc1_rate + + text + + + + header + + + + acl.src_inc_gpc0_comparison + + dropdown + + + acl.src_inc_gpc0 + + text + + + + header + + + + acl.src_inc_gpc1_comparison + + dropdown + + + acl.src_inc_gpc1 + + text + + + + header + + + acl.gpc_number + + text + + + + acl.gpt_number + + text + + + + acl.sc_number + + text + + + + acl.table_name + + text + + + + acl.mapfile + + dropdown + + diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml index 0386b9f1ae..0222a2f4b0 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogAction.xml @@ -1,4 +1,10 @@
+ + action.enabled + + checkbox + Enable this rule. + action.name @@ -15,33 +21,33 @@ header - - action.testType - - dropdown - - action.linkedAcls select_multiple + + action.testType + + dropdown + + action.operator - + dropdown - + - + header action.type - + dropdown - + @@ -72,402 +78,251 @@ header - - - - action.http_request_auth - - text - - - - - header - - - - action.http_request_redirect - - text - HAProxy's documentation for further details and examples.]]> - - - - header - - - - action.http_request_lua - - text - - - - - header - + - action.http_request_use_service - + action.monitor_fail_uri + text - + header - - - - action.http_request_add_header_name - - text - + - action.http_request_add_header_content - - text - HAProxy's documentation for further details and examples.]]> + action.custom + + textbox + header - + - action.http_request_set_header_name - - text - + action.map_use_backend_file + + dropdown + - action.http_request_set_header_content - - text - HAProxy's documentation for further details and examples.]]> + action.map_use_backend_default + + dropdown + header - - - - action.http_request_del_header_name - - text - + - - header - + action.map_data_use_backend_file + + dropdown + - action.http_request_replace_header_name - - text - + action.map_data_use_backend_input + + textbox + - action.http_request_replace_header_regex - - text - + action.map_data_use_backend_default + + dropdown + header - - - - action.http_request_replace_value_name - - text - + - action.http_request_replace_value_regex - + action.fcgi_pass_header + text - + header - + - action.http_request_set_path - + action.fcgi_set_param + text - + Custom Log format rules. With this directive, it is possible to overwrite the value of default FastCGI parameters.]]> header - + - action.http_request_set_var_scope - + action.compression_direction + dropdown - - - - action.http_request_set_var_name - - text - - - action.http_request_set_var_expr - - text - - - - - header - - - - action.http_response_lua - - text - - - - - header - + - action.http_response_add_header_name - - text - - - - action.http_response_add_header_content - - text - HAProxy's documentation for further details and examples.]]> - - - - header - + action.compression_algo_res + + dropdown + - action.http_response_set_header_name - - text - + action.compression_algo_req + + dropdown + - action.http_response_set_header_content - - text - HAProxy's documentation for further details and examples.]]> + action.compression_mime_res + + select_multiple + + true + + Enter MIME types here. Finish with TAB. - - header - + action.compression_mime_req + + select_multiple + + true + + Enter MIME types here. Finish with TAB. - action.http_response_del_header_name - + action.compression_minsize_res + text - - - - - header - + - action.http_response_replace_header_name - + action.compression_minsize_req + text - + - action.http_response_replace_header_regex - - text - + action.compression_offloading + + checkbox + header - + - action.http_response_replace_value_name - - text - + action.http_after_response_action + + dropdown + HAProxy's documentation.]]> - action.http_response_replace_value_regex - + action.http_after_response_option + text - + HAProxy's documentation.]]> header - + - action.http_response_set_status_code - - text - + action.http_request_action + + dropdown + HAProxy's documentation.]]> - action.http_response_set_status_reason - + action.http_request_option + text - + HAProxy's documentation.]]> header - + - action.http_response_set_var_scope - + action.http_response_action + dropdown - - - - action.http_response_set_var_name - - text - - - action.http_response_set_var_expr - - text - - - - - header - + HAProxy's documentation.]]> - action.monitor_fail_uri - + action.http_response_option + text - + HAProxy's documentation.]]> header - - - - action.tcp_request_content_lua - - text - + - - header - + action.tcp_request_action + + dropdown + HAProxy's documentation.]]> - action.tcp_request_content_use_service - + action.tcp_request_option + text - + HAProxy's documentation.]]> header - - - - action.tcp_request_inspect_delay - - text - + - - header - + action.tcp_response_action + + dropdown + HAProxy's documentation.]]> - action.tcp_response_content_lua - + action.tcp_response_option + text - + HAProxy's documentation.]]> - + header - - action.tcp_response_inspect_delay - + action.gpc_number + text - - - - - header - - - - action.custom - - textbox - - - - - header - + - action.map_use_backend_file - - dropdown - - - - action.map_use_backend_default - - dropdown - - - - - header - - - - action.fcgi_pass_header - + action.gpt_number + text - + - - header - - - - action.fcgi_set_param - + action.sc_number + text - Custom Log format rules. With this directive, it is possible to overwrite the value of default FastCGI parameters.]]> + diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml index 014b959aeb..2f39423dff 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogBackend.xml @@ -28,7 +28,7 @@ backend.algorithm dropdown - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> Choose a load balancing algorithm.
@@ -42,7 +42,7 @@ backend.proxyProtocol dropdown - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> true @@ -147,6 +147,13 @@ dropdown + + backend.healthCheckProxyProto + + dropdown + + true + header @@ -186,7 +193,7 @@ true true - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> backend.forwardFor @@ -213,7 +220,7 @@ backend.persistence_cookiemode dropdown - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> backend.persistence_cookiename @@ -228,34 +235,52 @@ - + header backend.stickiness_pattern dropdown - HAProxy documentation for a full description.
NOTE: Consider not using this feature in multi-process mode, it can result in random behaviours.
]]> - Choose a persistence type. + HAProxy documentation for further information.]]> backend.stickiness_dataTypes select_multiple - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> backend.stickiness_expire text - true backend.stickiness_size - + text + + + backend.stickiness_length + + text + + true + + + backend.stickiness_bytesInRatePeriod + + text + + true + + + backend.stickiness_bytesOutRatePeriod + + text + true @@ -278,10 +303,31 @@ true - backend.stickiness_sessRatePeriod - + backend.stickiness_glitchRatePeriod + text - + + true + + + backend.stickiness_gpcElements + + text + + true + + + backend.stickiness_gpcRatePeriod + + text + + true + + + backend.stickiness_gptElements + + text + true @@ -299,17 +345,17 @@ true - backend.stickiness_bytesInRatePeriod - + backend.stickiness_httpFailRatePeriod + text - + true - backend.stickiness_bytesOutRatePeriod - + backend.stickiness_sessRatePeriod + text - + true diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml index 4ad9d1e94e..d8883e203c 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFcgi.xml @@ -33,7 +33,7 @@ fcgi.path_info text - HAProxy's documentation for further details and examples.]]> + HAProxy's documentation for further details and examples.]]> fcgi.log_stderr diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml index ded45f08c2..6698a6464d 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogFrontend.xml @@ -23,7 +23,7 @@ select_multiple true - + Enter address:port here. Finish with TAB. @@ -203,7 +203,7 @@ true true - + frontend.forwardFor @@ -343,35 +343,33 @@ true - + header frontend.stickiness_pattern dropdown - HAProxy documentation for further information.]]> + HAProxy documentation for further information.]]> Choose a stick-table type. frontend.stickiness_dataTypes select_multiple - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> frontend.stickiness_expire text - true frontend.stickiness_size - + text - true frontend.stickiness_counter @@ -384,7 +382,7 @@ frontend.stickiness_counter_key text - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> true @@ -394,6 +392,20 @@ true + + frontend.stickiness_bytesInRatePeriod + + text + + true + + + frontend.stickiness_bytesOutRatePeriod + + text + + true + frontend.stickiness_connRatePeriod @@ -402,10 +414,31 @@ true - frontend.stickiness_sessRatePeriod - + frontend.stickiness_glitchRatePeriod + text - + + true + + + frontend.stickiness_gpcElements + + text + + true + + + frontend.stickiness_gpcRatePeriod + + text + + true + + + frontend.stickiness_gptElements + + text + true @@ -423,17 +456,17 @@ true - frontend.stickiness_bytesInRatePeriod - + frontend.stickiness_httpFailRatePeriod + text - + true - frontend.stickiness_bytesOutRatePeriod - + frontend.stickiness_sessRatePeriod + text - + true diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml index 554246fa45..8c7d74b414 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogMapfile.xml @@ -11,10 +11,16 @@ text Description for this map file. + + mapfile.type + + dropdown + The type of the map data. + mapfile.content textbox - HAProxy documentation for a full description.]]> + HAProxy documentation for a full description.]]> diff --git a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml index 99db8ffab0..4dea54e117 100644 --- a/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml +++ b/net/haproxy/src/opnsense/mvc/app/controllers/OPNsense/HAProxy/forms/dialogServer.xml @@ -117,9 +117,15 @@ server.sslSNI - + text - + + + + server.sslSNIExpr + + text + SNI expression to specify the data that will be sent in the SNI TLS extension to the server, e.g. req.hdr(host). When a SNI name is present it will be used instead and this option will be ignored.]]> server.sslVerify diff --git a/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml b/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml index e1a40e1c57..a99d6d4693 100644 --- a/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml +++ b/net/haproxy/src/opnsense/mvc/app/models/OPNsense/HAProxy/HAProxy.xml @@ -1,6 +1,6 @@ //OPNsense/HAProxy - 4.1.0 + 5.0.0 the HAProxy load balancer @@ -515,9 +515,9 @@ Y Y - /^((([0-9a-zA-Z._\-\*:\[\]]+:+[0-9]+(-[0-9]+)?|unix@[0-9a-z_\-]+)([,]){0,1}))*/u + /^((([quic4@|quic6@]*[0-9a-zA-Z._\-\*:\[\]]+:+[0-9]+(-[0-9]+)?|unix@[0-9a-z_\-]+)([,]){0,1}))*/u lower - Please provide a valid listen address, i.e. 127.0.0.1:8080, [::1]:8080, www.example.com:443 or unix@socket-name. Port range as start-end, i.e. 127.0.0.1:1220-1240. + Please provide a valid listen address, i.e. 127.0.0.1:8080, [::1]:8080, www.example.com:443, quic4@www.example.com or unix@socket-name. Port range as start-end, i.e. 127.0.0.1:1220-1240. N @@ -747,30 +747,43 @@ N - only store IPv4 addresses [default] - only store IPv6 addresses - store 32bit integers - store substrings - store binary blocks + Binary + Integer + IPv4 [default] + IPv6 + String N Y - Connection count - Current connections - Connection rate - Session count - Session rate - HTTP request count - HTTP request rate - HTTP error count - HTTP error rate Bytes in count (client to server) Bytes in rate (client to server) Bytes out count (server to client) Bytes out rate (server to client) + Connection count (total) + Connection count (current) + Connection rate + Glitch count + Glitch rate + General Purpose Counters (array of elements) + General Purpose Counter rate + gpc0 + gpc0 rate + gpc1 + gpc1 rate + General Purpose Tags (array of elements) + gpt0 + HTTP error count + HTTP error rate + HTTP fail count + HTTP fail rate + HTTP request count + HTTP request rate + Server ID + Session count + Session rate @@ -839,6 +852,38 @@ Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". N + + 0 + 0 + 99 + Please specify a value between 0 and 99. + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + + + 0 + 0 + 99 + Please specify a value between 0 and 99. + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + 1 N @@ -853,6 +898,7 @@ Y Y +

HTTP/3

HTTP/2

HTTP/1.1 HTTP/1.0 @@ -1079,6 +1125,15 @@ N N + + N + backend + + Follow Backend Pool settings [default] + Enable for Health Check + Disable for Health Check + + 1 N @@ -1149,29 +1204,45 @@ N sourceipv4 - Source-IP [default] - Source-IPv6 - Existing cookie value + Binary + Cookie value + Integer RDP-Cookie + Source-IPv4 [default] + Source-IPv6 + String N Y - Connection count - Current connections - Connection rate - Session count - Session rate - HTTP request count - HTTP request rate - HTTP error count - HTTP error rate Bytes in count (client to server) Bytes in rate (client to server) Bytes out count (server to client) Bytes out rate (server to client) + Connection count (total) + Connection count (current) + Connection rate + Glitch count + Glitch rate + General Purpose Counters (array of elements) + General Purpose Counter rate + gpc0 + gpc0 rate + gpc1 + gpc1 rate + General Purpose Tags (array of elements) + gpt0 + HTTP error count + HTTP error rate + HTTP fail count + HTTP fail rate + HTTP request count + HTTP request rate + Server ID + Session count + Session rate @@ -1199,6 +1270,12 @@ Please specify a value between 1 and 10000. N + + 1 + 16384 + Please specify a value between 1 and 16384. + N + 10s /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u @@ -1235,6 +1312,38 @@ Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". N + + 0 + 0 + 99 + Please specify a value between 0 and 99. + N + + + 0 + 0 + 99 + Please specify a value between 0 and 99. + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + + + 1m + /^([0-9]{1,8}(?:us|ms|s|m|h|d)?)/u + Should be a number between 1 and 8 characters, optionally followed by either "d", "h", "m", "s", "ms" or "us". + N + 0 N @@ -1447,6 +1556,11 @@ Should be a string between 1 and 255 characters. N + + /^.{1,255}$/u + Should be a string between 1 and 255 characters. + N + 1 Y @@ -1711,59 +1825,133 @@ Y - HTTP Basic Auth: username/password from client matches selected User/Group - Host starts with - Host ends with - Host matches - Host regex - Host contains - Path starts with - Path ends with - Path matches - Path regex - Path contains subdir - Path contains string - HTTP Header starts with - HTTP Header ends with - HTTP Header matches - HTTP Header regex - HTTP Header contains - URL parameter contains - SSL Client certificate is valid - SSL Client certificate verify error result - SSL Client certificate issued by CA common-name - SSL Hello Type - Source IP matches specified IP - Source IP is local - Source IP: TCP source port - Source IP: incoming bytes rate - Source IP: outgoing bytes rate - Source IP: amount of data received (in kilobytes) - Source IP: amount of data sent (in kilobytes) - - Source IP: cumulative number of connections - Source IP: concurrent connections - Source IP: connection rate - - - - Source IP: cumulative number of HTTP errors - Source IP: rate of HTTP errors - Source IP: number of HTTP requests - Source IP: rate of HTTP requests - - Source IP: cumulative number of sessions - Source IP: session rate - Minimum number of usable servers in backend - Traffic is HTTP - Traffic is SSL (TCP request content inspection) - Traffic is SSL (locally deciphered) - SNI TLS extension matches (locally deciphered) - SNI TLS extension matches (TCP request content inspection) - SNI TLS extension contains (TCP request content inspection) - SNI TLS extension starts with (TCP request content inspection) - SNI TLS extension ends with (TCP request content inspection) - SNI TLS extension regex (TCP request content inspection) + hdr_beg – specified HTTP Header starts with + hdr_end – specified HTTP Header ends with + hdr – specified HTTP Header matches + hdr_reg – specified HTTP Header regex + hdr_sub – specified HTTP Header contains + hdr_beg – HTTP Host Header starts with + hdr_end – HTTP Host Header ends with + hdr – HTTP Host Header matches + hdr_reg – HTTP Host Header regex + hdr_sub – HTTP Host Header contains + http_auth – HTTP Basic Auth: username/password from client matches selected User/Group + http_method – HTTP Method + nbsrv – Minimum number of usable servers in backend + path_beg – Path starts with + path_dir – Path contains subdir + path_end – Path ends with + path – Path matches + path_reg – Path regex + path_sub – Path contains string + quic_enabled – QUIC transport protocol is enabled + req.proto_http – Traffic is HTTP + req.ssl_ver – Traffic is SSL (TCP request content inspection) + sc_bytes_in_rate – Sticky counter: incoming bytes rate + sc_bytes_out_rate – Sticky counter: outgoing bytes rate + sc_clr_gpc – Sticky counter: clear General Purpose Counter + sc_clr_gpc0 – Sticky counter: clear General Purpose Counter + sc_clr_gpc1 – Sticky counter: clear General Purpose Counter + sc0_clr_gpc0 – Sticky counter: clear General Purpose Counter + sc0_clr_gpc1 – Sticky counter: clear General Purpose Counter + sc1_clr_gpc – Sticky counter: clear General Purpose Counter + sc1_clr_gpc0 – Sticky counter: clear General Purpose Counter + sc1_clr_gpc1 – Sticky counter: clear General Purpose Counter + sc2_clr_gpc – Sticky counter: clear General Purpose Counter + sc2_clr_gpc0 – Sticky counter: clear General Purpose Counter + sc2_clr_gpc1 – Sticky counter: clear General Purpose Counter + sc_conn_cnt – Sticky counter: cumulative number of connections + sc_conn_cur – Sticky counter: concurrent connections + sc_conn_rate – Sticky counter: connection rate + sc_get_gpc – Sticky counter: get General Purpose Counter value + sc_get_gpc0 – Sticky counter: get General Purpose Counter value + sc_get_gpc1 – Sticky counter: get General Purpose Counter value + sc0_get_gpc0 – Sticky counter: get General Purpose Counter value + sc0_get_gpc1 – Sticky counter: get General Purpose Counter value + sc1_get_gpc0 – Sticky counter: get General Purpose Counter value + sc1_get_gpc1 – Sticky counter: get General Purpose Counter value + sc2_get_gpc0 – Sticky counter: get General Purpose Counter value + sc2_get_gpc1 – Sticky counter: get General Purpose Counter value + sc_get_gpt – Sticky counter: get General Purpose Tag value + sc_get_gpt0 – Sticky counter: get General Purpose Tag value + sc0_get_gpt0 – Sticky counter: get General Purpose Tag value + sc1_get_gpt0 – Sticky counter: get General Purpose Tag value + sc2_get_gpt0 – Sticky counter: get General Purpose Tag value + sc_glitch_cnt – Sticky counter: cumulative number of glitches + sc_glitch_rate – Sticky counter: rate of glitches + sc_gpc_rate – Sticky counter: increment rate of General Purpose Counter + sc_gpc0_rate – Sticky counter: increment rate of General Purpose Counter + sc_gpc1_rate – Sticky counter: increment rate of General Purpose Counter + sc0_gpc0_rate – Sticky counter: increment rate of General Purpose Counter + sc0_gpc1_rate – Sticky counter: increment rate of General Purpose Counter + sc1_gpc0_rate – Sticky counter: increment rate of General Purpose Counter + sc1_gpc1_rate – Sticky counter: increment rate of General Purpose Counter + sc2_gpc0_rate – Sticky counter: increment rate of General Purpose Counter + sc2_gpc1_rate – Sticky counter: increment rate of General Purpose Counter + sc_http_err_cnt – Sticky counter: cumulative number of HTTP errors + sc_http_err_rate – Sticky counter: rate of HTTP errors + sc_http_fail_cnt – Sticky counter: cumulative number of HTTP failures + sc_http_fail_rate – Sticky counter: rate of HTTP failures + sc_http_req_cnt – Sticky counter: cumulative number of HTTP requests + sc_http_req_rate – Sticky counter: rate of HTTP requests + sc_inc_gpc – Sticky counter: increment General Purpose Counter + sc_inc_gpc0 – Sticky counter: increment General Purpose Counter + sc_inc_gpc1 – Sticky counter: increment General Purpose Counter + sc0_inc_gpc0 – Sticky counter: increment General Purpose Counter + sc0_inc_gpc1 – Sticky counter: increment General Purpose Counter + sc1_inc_gpc0 – Sticky counter: increment General Purpose Counter + sc1_inc_gpc1 – Sticky counter: increment General Purpose Counter + sc2_inc_gpc0 – Sticky counter: increment General Purpose Counter + sc2_inc_gpc1 – Sticky counter: increment General Purpose Counter + sc_sess_cnt – Sticky counter: cumulative number of sessions + sc_sess_rate – Sticky counter: session rate + src – Source IP matches specified IP + src_bytes_in_rate – Source IP: incoming bytes rate + src_bytes_out_rate – Source IP: outgoing bytes rate + src_clr_gpc – Source IP: clear General Purpose Counter + src_clr_gpc0 – Source IP: clear General Purpose Counter + src_clr_gpc1 – Source IP: clear General Purpose Counter + src_conn_cnt – Source IP: cumulative number of connections + src_conn_cur – Source IP: concurrent connections + src_conn_rate – Source IP: connection rate + src_get_gpc – Source IP: get General Purpose Counter value + src_get_gpc0 – Source IP: get General Purpose Counter value + src_get_gpc1 – Source IP: get General Purpose Counter value + src_get_gpt – Source IP: get General Purpose Tag value + src_glitch_cnt – Source IP: cumulative number of glitches + src_glitch_rate – Source IP: rate of glitches + src_gpc_rate – Source IP: increment rate of General Purpose Counter + src_gpc0_rate – Source IP: increment rate of General Purpose Counter + src_gpc1_rate – Source IP: increment rate of General Purpose Counter + src_http_err_cnt – Source IP: cumulative number of HTTP errors + src_http_err_rate – Source IP: rate of HTTP errors + src_http_fail_cnt – Source IP: cumulative number of HTTP failures + src_http_fail_rate – Source IP: rate of HTTP failures + src_http_req_cnt – Source IP: number of HTTP requests + src_http_req_rate – Source IP: rate of HTTP requests + src_inc_gpc – Source IP: increment General Purpose Counter + src_inc_gpc0 – Source IP: increment General Purpose Counter + src_inc_gpc1 – Source IP: increment General Purpose Counter + src_is_local – Source IP is local + src_kbytes_in – Source IP: amount of data received (in kilobytes) + src_kbytes_out – Source IP: amount of data sent (in kilobytes) + src_port – Source IP: TCP source port + src_sess_cnt – Source IP: cumulative number of sessions + src_sess_rate – Source IP: session rate + ssl_c_ca_commonname – SSL Client certificate issued by CA common-name + ssl_c_verify_code – SSL Client certificate verify error result + ssl_c_verify – SSL Client certificate is valid + ssl_fc_sni – SNI TLS extension matches (locally deciphered) + ssl_fc – Traffic is SSL (locally deciphered) + ssl_hello_type – SSL Hello Type + ssl_sni_beg – SNI TLS extension starts with (TCP request content inspection) + ssl_sni_end – SNI TLS extension ends with (TCP request content inspection) + ssl_sni_reg – SNI TLS extension regex (TCP request content inspection) + ssl_sni – SNI TLS extension matches (TCP request content inspection) + ssl_sni_sub – SNI TLS extension contains (TCP request content inspection) + stopping – HAProxy process is currently stopping + url_param – URL parameter contains + wait_end – Inspection period is over Custom condition (option pass-through) @@ -2195,176 +2383,1516 @@ Y N - - - - - - /^[^\t^,^;^\.^\[^\]^\{^\}]{1,255}$/u - Should be a string between 1 and 255 characters. - Y - - - /^.{1,255}$/u - Should be a string between 1 and 255 characters. + N - - - Y - if + Y - IF [default] - UNLESS + CONNECT + DELETE + GET + HEAD + OPTIONS + PATCH + POST + PUT + TRACE - - - - - - Related ACL item not found - Y - N - - + + N - and + gt - AND [default] - OR + greater than + greater equal + equal + less than + less equal - - - Y + + + N + + + N + gt - Use specified Backend Pool - Override server in Backend Pool - Map domains to backend pools using a map file - FastCGI pass-header - FastCGI set-param - http-request allow - http-request deny - http-request tarpit - http-request auth - http-request redirect - http-request lua action - http-request lua service - http-request header add - http-request header set - http-request header delete - http-request header replace - http-request header replace value - http-request set-path - http-request set-var - http-response allow - http-response deny - http-response lua script - http-response header add - http-response header set - http-response header delete - http-response header replace - http-response header replace value - http-response set-status - http-response set-var - monitor fail: report failure to a monitor request - tcp-request connection accept - tcp-request connection reject - tcp-request content accept - tcp-request content reject - tcp-request content lua script - tcp-request content use-service - tcp-request inspect-delay - tcp-response content accept - tcp-response content close - tcp-response content reject - tcp-response content lua script - tcp-response inspect-delay - Custom rule (option pass-through) + greater than + greater equal + equal + less than + less equal - - - - - - Related backend item not found - N - N - - - - - - Related server item not found - N + + N - - - /^.{1,1024}$/u - Should be a string between 1 and 1024 characters. + + N - - - /^.{1,1024}$/u - Should be a string between 1 and 1024 characters. + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - - - /^.{1,4096}$/u + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - - /^.{1,4096}$/u + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - - /^.{1,4096}$/u + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - - /^.{1,4096}$/u + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - - /^.{1,4096}$/u + gt + + greater than + greater equal + equal + less than + less equal + + + N - - - /^.{1,4096}$/u + + N - - + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + N + gt + + greater than + greater equal + equal + less than + less equal + + + + N + + + 0 + 100 + Please specify a value between 0 and 99. + N + + + 0 + 100 + Please specify a value between 0 and 99. + N + + + 0 + 100 + Please specify a value between 0 and 99. + N + + + /^.{1,4096}$/u + N + + + + + + Related mapfile item not found + N + + + + + + + 1 + Y + + + /^[^\t^,^;^\.^\[^\]^\{^\}]{1,255}$/u + Should be a string between 1 and 255 characters. + Y + + + /^.{1,255}$/u + Should be a string between 1 and 255 characters. + N + + + Y + if + + IF [default] + UNLESS + + + + + + + Related ACL item not found + Y + N + + + N + and + + AND [default] + OR + + + + Y + + Compression for HTTP responses/requests + FastCGI pass-header + FastCGI set-param + http-after-response + http-request + http-response + Map data to backend pools using a map file + Map domains to backend pools using a map file + monitor fail: report failure to a monitor request + tcp-request + tcp-response + Use specified Backend Pool + Override server in Backend Pool + Custom rule (option pass-through) + + + + + + + Related backend item not found + N + N + + + + + + Related server item not found + N + N + + + /^.{1,1024}$/u + Should be a string between 1 and 1024 characters. + N + + + /^.{1,1024}$/u + Should be a string between 1 and 1024 characters. + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + N + + add-header + allow + capture + del-header + del-map + do-log + replace-header + replace-value + sc-add-gpc + sc-inc-gpc + sc-inc-gpc0 + sc-inc-gpc1 + sc-set-gpt + sc-set-gpt0 + set-header + set-log-level + set-map + set-status + set-var + set-var-fmt + strict-mode + unset-var + + + + /^.{1,4096}$/u + N + + + N + + add-acl + add-header + allow + auth + cache-use + capture + del-acl + del-header + del-map + deny + disable-l7-retry + do-log + do-resolve + early-hint + normalize-uri + redirect + reject + replace-header + replace-path + replace-pathq + replace-uri + replace-value + return + sc-add-gpc + sc-inc-gpc + sc-inc-gpc0 + sc-inc-gpc1 + sc-set-gpt + sc-set-gpt0 + send-spoe-group + set-dst + set-dst-port + set-fc-mark + set-fc-tos + set-header + set-log-level + set-map + set-method + set-nice + set-path + set-pathq + set-priority-class + set-priority-offset + set-query + set-src + set-src-port + set-timeout + set-uri + set-var + set-var-fmt + silent-drop + strict-mode + tarpit + track-sc0 + track-sc1 + track-sc2 + unset-var + use-service + wait-for-body + wait-for-handshake + + + + /^.{1,4096}$/u + N + + + N + + add-acl + add-header + allow + cache-store + capture + del-acl + del-header + del-map + deny + do-log + redirect + replace-header + replace-value + return + sc-add-gpc + sc-inc-gpc + sc-inc-gpc0 + sc-inc-gpc1 + sc-set-gpt + sc-set-gpt0 + send-spoe-group + set-fc-mark + set-fc-tos + set-header + set-log-level + set-map + set-nice + set-status + set-timeout + set-var + set-var-fmt + silent-drop + strict-mode + track-sc0 + track-sc1 + track-sc2 + unset-var + wait-for-body + + + + /^.{1,4096}$/u + N + + + N + + connection accept + connection expect-netscaler-cip + connection expect-proxy + connection fc-silent-drop + connection reject + connection sc-add-gpc + connection sc-inc-gpc + connection sc-inc-gpc0 + connection sc-inc-gpc1 + connection sc-set-gpt + connection sc-set-gpt0 + connection send-spoe-group + connection set-dst + connection set-dst-port + connection set-fc-mark + connection set-fc-tos + connection set-log-level + connection set-src + connection set-src-port + connection set-var + connection set-var-fmt + connection silent-drop + connection track-sc0 + connection track-sc1 + connection track-sc2 + connection unset-var + content accept + content capture + content do-resolve + content lua + content reject + content sc-add-gpc + content sc-inc-gpc + content sc-inc-gpc0 + content sc-inc-gpc1 + content sc-set-gpt + content sc-set-gpt0 + content send-spoe-group + content set-dst + content set-dst-port + content set-fc-mark + content set-fc-tos + content set-log-level + content set-nice + content set-priority-class + content set-priority-offset + content set-src + content set-src-port + content set-var + content set-var-fmt + content silent-drop + content switch-mode + content track-sc0 + content track-sc1 + content track-sc2 + content unset-var + content use-service + inspect-delay + session accept + session attach-srv + session reject + session sc-add-gpc + session sc-inc-gpc + session sc-inc-gpc0 + session sc-inc-gpc1 + session sc-set-gpt + session sc-set-gpt0 + session send-spoe-group + session set-dst + session set-dst-port + session set-fc-mark + session set-fc-tos + session set-log-level + session set-src + session set-src-port + session set-var + session set-var-fmt + session silent-drop + session track-sc0 + session track-sc1 + session track-sc2 + session unset-var + + + + /^.{1,4096}$/u + N + + + N + + content accept + content close + content lua + content reject + content sc-add-gpc + content sc-inc-gpc + content sc-inc-gpc0 + content sc-inc-gpc1 + content sc-set-gpt + content sc-set-gpt0 + content send-spoe-group + content set-fc-mark + content set-fc-tos + content set-log-level + content set-nice + content set-var + content set-var-fmt + content silent-drop + content unset-var + inspect-delay + + + + /^.{1,4096}$/u + N + + + + /^.{1,4096}$/u + N + + + 100 + 999 + Please specify a value between 100 and 999. + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + + /^.{1,4096}$/u + N + + /^.{1,4096}$/u N @@ -2464,10 +3992,6 @@ /^.{1,4096}$/u N - - /^.{1,4096}$/u - N - /^.{1,4096}$/u N @@ -2488,44 +4012,35 @@ /^.{1,32}$/u N - - /^.{1,4096}$/u - N - - - + + - Related backend item not found - Y + Related map file item not found + N N - - + + - Related server item not found - Y - N - - - N - - + Related backend pool item not found + N N - - + + + /^.{1,4096}$/u N - +