51 lines
1.3 KiB
Perl
51 lines
1.3 KiB
Perl
package My::parser::haproxy_parser;
|
|
use strict;
|
|
use warnings;
|
|
|
|
sub new {
|
|
my $class = shift;
|
|
my $self = {};
|
|
bless ($self, $class);
|
|
return $self;
|
|
}
|
|
|
|
sub parser {
|
|
my $self = shift;
|
|
my $string = shift;
|
|
my ($reply,$hostile,$host) = ("No match for $string",0,'');
|
|
my $re_host = qr/[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}/;
|
|
if($string =~ m/SSL handshake failure/) {
|
|
$_ = $string;
|
|
$reply = 'SSL handshake failure';
|
|
$hostile = 1;
|
|
PARSE:
|
|
m/(\ ($re_host):[0-9]{1,6})/gcix && do {
|
|
$host = $2;
|
|
};
|
|
} elsif($string =~ m/http(s\~|) http(s|)\/\<NOSRV\>/) {
|
|
if($string =~ m/-1\/-1\/-1\/-1\/[0-9]{1,20} (400|0) 0/) {
|
|
#This one seems like someone is doing something bad. Return code 400/0
|
|
$_ = $string;
|
|
$hostile = 1;
|
|
$reply = 'Bad request, return code 400/0';
|
|
PARSE:
|
|
m/(\ ($re_host):[0-9]{1,6})/gcix && do {
|
|
$host = $2;
|
|
};
|
|
} else {
|
|
#Other requests of this type seems to be ... not too bad
|
|
$reply = 'Not routed, but probs only random error codes'
|
|
}
|
|
} elsif($string =~ m/https\~ /) {
|
|
#Accepted as https, probably fine..
|
|
$reply = 'Routed as https';
|
|
} elsif($string =~ m/stopped \(cumulated conns/) {
|
|
#Usual service restart info
|
|
$hostile = 0;
|
|
$reply = 'haproxy restart information'
|
|
}
|
|
return { retval => 1, retmsg => $reply, hostile => $hostile, host => $host, string => $string };
|
|
}
|
|
|
|
return 1;
|