From: | "Godfrin, Philippe E" <philippe(dot)godfrin(at)nov(dot)com> |
---|---|
To: | <pgsql-admin(at)lists(dot)postgresql(dot)org> |
Subject: | PG Startup message and HAProxy ACL |
Date: | 2021-06-02 21:09:38 |
Message-ID: | BLAPR15MB3924EAC24A040BD35A255C16823D9@BLAPR15MB3924.namprd15.prod.outlook.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-admin |
Greetings folks!
I am trying to parse the PG startup message using an HAProxy ACL – but the acl never returns true. Here’s what it looks like:
listen pg_ingress
#mode tcp
bind *:5000
option tcplog # enable addvanced logging
# hex convert tsdbrw
acl check-rw req.payload(0,0),hex -m sub 757365720074736462727700
use_backend pg_readwrite if check-rw
default_backend pg_readonly
In detail:
acl check-rw req.payload(0,0),hex -m sub 757365720074736462727700
The req.payload should return a binary block of the entire request buffer. I am assuming that the startup message will be there but I suspect it is not.
The “hex” statement converts the binary into hex, and the -m sub attempts to match a substring of the following hex – which is “user\0tsdbrw\0”
I think this should work, but it doesn’t look that way…
When exactly does the startup message come across the tcp wire?
Much thanks,
Pg
Phil Godfrin | Database Administrator
NOV
NOV US | Engineering Data
9720 Beechnut St | Houston, Texas 77036
M 281.825.2311
E Philippe(dot)Godfrin(at)nov(dot)com
From | Date | Subject | |
---|---|---|---|
Next Message | sbob | 2021-06-02 21:33:32 | Re: column max length / max timestamps from system tables |
Previous Message | Scott Ribe | 2021-06-02 20:32:30 | Re: column max length / max timestamps from system tables |