R_Marc
Jun 10, 2014

Need to access server IP in CLIENT_DATA

I need to make a modification to the TCP::payload with the target IP of the back-end server. I'm able to make the modifications (when there's one known target server) but I need to do this with a cluster of backend servers.

This sorta works, but breaks down if there are multiple back end servers, as another LB selection is made and so my modified payload doesn't always match the target server. Note, my goal is to not override the load balancing.

when CLIENT_DATA {
    if { [TCP::payload] contains "(CONNECT_DATA=" } {
        set selection [LB::select]
        log local0. "LB server [lindex $selection 3]"
        set ip_match [regexp -all -inline -indices [IP::local_addr] [TCP::payload]]
        log local0. "[TCP::payload]"

        foreach instance $ip_match {
            set service_start [lindex $instance 0]
            set original_tcp_length [TCP::payload length]
            TCP::payload replace $service_start 14 [lindex $selection 3]
            log local0. "[TCP::payload]"
            TCP::payload replace 0 2 [binary format S1 [TCP::payload length]]
        }
    }
    TCP::release
}

9 Replies

    • R_Marc
      Yes. Perhaps I'm doing something wrong there, but here's what I tried as a test:
      when CLIENT_ACCEPTED {
          log local0. "client ip [IP::client_addr]"
      }
      when CLIENT_DATA {
          log local0. "in client data"
      }
      when LB_SELECTED {
          TCP::collect
          log local0. "[TCP::payload]"
          TCP::release
      }

      when SERVER_CONNECTED {
          log local0. "[IP::server_addr]"
      }
      
      Here's what I see in the log:
      Jun 10 12:05:53 slot1/bip info tmm[10558]: Rule /Common/monitoring-rule : client ip 10.0.148.33
      Jun 10 12:05:53 slot1/bip info tmm[10558]: Rule /Common/monitoring-rule :
      Jun 10 12:05:53 slot1/bip info tmm[10558]: Rule /Common/monitoring-rule : 10.0.145.161
      
      I'll read that article though and see if I find anything useful.
    • nitass
      I think you should release data (TCP::release) in CLIENT_DATA (not LB_SELECTED).
    • R_Marc
      Got it working... Thanks for the tip.
  • R_Marc

    After reading the comments (thanks again) got it working:

    when CLIENT_DATA {
      log local0. "-"
      if { [TCP::payload] contains "(CONNECT_DATA=" } {
            set ip_match [regexp -all -inline -indices [IP::local_addr] [TCP::payload]]
            foreach instance $ip_match {
               set service_start [lindex $instance 0]
               set original_tcp_length [TCP::payload length]
               TCP::payload replace $service_start 14 [LB::server addr]
               TCP::payload replace 0 2 [binary format S1 [TCP::payload length]]
            }
      }
      TCP::release
      TCP::collect
    }
    when LB_SELECTED {
      TCP::collect
    }
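
The rule above finds the address with a regexp and overwrites a fixed 14 bytes, so it relies on both addresses having that length. As an added example (not code from the thread), this plain-Tcl proc does the same substitution with a literal match and recomputes the 2-byte length prefix once. The virtual server address, service name and 6 filler header bytes are constructed sample data, and only the length prefix that the thread's rule rewrites is updated.

```tcl
# Added example, not the poster's rule. Plain Tcl (8.4-compatible syntax),
# runnable in tclsh. All packet bytes below are constructed sample data.

# Replace every literal occurrence of $old with $new after the 2-byte length
# prefix, then rebuild that prefix as a big-endian 16-bit value (the same
# field the thread's rule sets with "binary format S1").
proc rewrite_addr {payload old new} {
    if {[string length $payload] < 2} {
        error "payload too short to carry a length prefix"
    }
    # string map matches literally: the dots in an IPv4 address are not
    # regexp wildcards, and no offsets go stale when $old and $new differ
    # in length, because all occurrences are replaced in one pass.
    set body [string map [list $old $new] [string range $payload 2 end]]
    set total [expr {[string length $body] + 2}]
    if {$total > 65535} {
        error "rewritten payload ($total bytes) does not fit a 16-bit length"
    }
    set out [binary format S $total]
    append out $body
    return $out
}

# Constructed sample packet: length prefix, 6 filler header bytes, connect data.
set vip  "192.168.10.20"   ;# assumed virtual server address (13 characters)
set node "10.0.145.161"    ;# pool member address from the thread's log (12)
set data "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=$vip)(PORT=1521))"
append data "(CONNECT_DATA=(SERVICE_NAME=demo)))"
set pkt [binary format Sa6a* [expr {[string length $data] + 8}] "" $data]

set out [rewrite_addr $pkt $vip $node]

# The prefix must equal the real size even though the payload shrank by a byte.
binary scan $pkt S oldlen
binary scan $out S newlen
puts "before: prefix=$oldlen actual=[string length $pkt]"
puts "after:  prefix=$newlen actual=[string length $out]"
puts [string range $out 8 end]
```

Inside an iRule the three arguments would be [TCP::payload], [IP::local_addr] and [LB::server addr], as in the rule above.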