Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Network for client addr #1450

Closed
wants to merge 3 commits into from
Closed

Network for client addr #1450

wants to merge 3 commits into from

Conversation

y-trudeau
Copy link

A simple patch to support networks like in mysql.user.host in client_addr. With this patch, a query rule can be defined with a client_addr formatted like '10.0.%' which will match all the IPs starting with '10.0.'. The patch compiles fine and does the intended job but since I am not a professional developer, I am not sure everything is thread safe.

@renecannao
Copy link
Contributor

Hi Yves,
thank you for the PR!

The if statements assumes that clients use only IPv4 , while also IPv6 is supported.
I think should become:

if (strlen(qr->client_addr) >= INET6_ADDRSTRLEN) {
	proxy_error("query rule %d has an invalid client_addr\n", qr->rule_id);
	continue;
}
char net[INET6_ADDRSTRLEN];

What do you think?
Other than that, everything else makes sense to me.

@y-trudeau
Copy link
Author

Hi René, looks good to me, I forgot about ipv6.

@renecannao
Copy link
Contributor

Some extra thoughts on this, performance optimizations:
a) input validation ( if (strlen(qr->client_addr) > ) should be done only once, when the rule is loaded
b) QP_rule_t should remember if there is a wildcard in client_addr and its position if present, so to avoid strchr and few strlen, and start strncmp as soon as possible.

I will use this PR as a baseline for a new commit.

Thank you!

renecannao added a commit that referenced this pull request Apr 6, 2018
@renecannao
Add support for wildcard in mysql_query_rules.client_addr #1450
d1a14e6 
Input validation:
- client_addr not longer than INET6_ADDRSTRLEN
- % allowed only at the end of client_addr

Query rule itself remembers if there is a wildcard or not.
If there is a wildcard compares string till the wildcard.
If client_addr=='%' , it is a match all.
@renecannao
Copy link
Contributor

renecannao commented Apr 6, 2018
edited
Loading

New check implemented in d1a14e6

Input validation:

  • client_addr not longer than INET6_ADDRSTRLEN
  • % allowed only at the end of client_addr

Query rule itself remembers if there is a wildcard or not.
If there is a wildcard compares string till the wildcard.
If client_addr=='%' , it is a match all.

pondix pushed a commit to pondix/proxysql that referenced this pull request Apr 11, 2018
@renecannao @pondix
Add support for wildcard in mysql_query_rules.client_addr sysown#1450
c15ee49 
Input validation:
- client_addr not longer than INET6_ADDRSTRLEN
- % allowed only at the end of client_addr

Query rule itself remembers if there is a wildcard or not.
If there is a wildcard compares string till the wildcard.
If client_addr=='%' , it is a match all.
@renecannao renecannao closed this Aug 2, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@y-trudeau @renecannao