Posted to dev@trafficserver.apache.org by GitBox <gi...@apache.org> on 2020/04/20 17:07:46 UTC

[GitHub] [trafficserver] shinrich commented on a change in pull request #6645: Traffic Dump: Adding an SNI filtering option.

shinrich commented on a change in pull request #6645:
URL: https://github.com/apache/trafficserver/pull/6645#discussion_r411545401



##########
File path: plugins/experimental/traffic_dump/traffic_dump.cc
##########
@@ -597,9 +601,29 @@ global_ssn_handler(TSCont contp, TSEvent event, void *edata)
     return TS_SUCCESS;
   }
   case TS_EVENT_HTTP_SSN_START: {
-    // Grab session id to do sampling
+    // Grab session id for logging against a global value rather than the local
+    // session_counter.
     int64_t id = TSHttpSsnIdGet(ssnp);
-    if (id % sample_pool_size != 0) {
+
+    // If the user has asked for SNI filtering, filter on that first because
+    // any sampling will apply just to that subset of connections that match
+    // that SNI.
+    if (!sni_filter.empty()) {
+      TSVConn ssn_vc           = TSHttpSsnClientVConnGet(ssnp);
+      TSSslConnection ssl_conn = TSVConnSslConnectionGet(ssn_vc);
+      SSL *ssl_obj             = (SSL *)ssl_conn;
+      if (ssl_obj == nullptr) {
+        TSDebug(PLUGIN_NAME, "global_ssn_handler(): Ignore non-HTTPS session %" PRId64 "...", id);
+        break;
+      }
+      const std::string sni = SSL_get_servername(ssl_obj, TLSEXT_NAMETYPE_host_name);
+      if (sni != sni_filter) {
+        TSDebug(PLUGIN_NAME, "global_ssn_handler(): Ignore HTTPS session with non-filtered SNI: %s", sni.c_str());
+        break;
+      }
+    }
+    const auto this_session_count = session_counter++;
+    if (this_session_count % sample_pool_size != 0) {

Review comment:
       I think that SessionId has been fixed now to be globally unique. Would be reasonable to remove this workaround (perhaps in a separate PR). I can see debugging scenarios where it would be interesting to correlate IDs in the dump file with IDs in debug or error messages in TrafficServer.



