logstash-input-tcp 4.0.3 → 4.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b1e8027d90d562b5c9f977037e3476f52e3ecc14
-  data.tar.gz: 3cc047b2b02c5ffa6c232a5b43ad27228f529cad
+  metadata.gz: 3e9170fef8955f298473d6ab8d0fb0a5301f915c
+  data.tar.gz: e82dbe475f4d1c4928da2fd73a5e1e82009a038c
 SHA512:
-  metadata.gz: 916ddf537f41f57da7fe153a38f47c3f9d5ae6a80510f2f55f665a01ccdf49e0c58d6bc198b20bcb9cd9a145e089d45e0686ea1a85e0a7ee3cfe724749694703
-  data.tar.gz: 8b19ab43567e46209d6ea42b7d9f9898a902171cb4a9b0ccfacb85a97b0fd778e4c0a5b9d763536b5244192329ed79fae8a361e45610617bd1c301c9b8a56814
+  metadata.gz: 202ff3f0feeb6017794bcfd1f9cdc6775066560fffc658fc3429b6064bf2ee5d1cd02f60087d4ce46149e2e52642e7cfe20439a5d1a905a2f09dab1f4e4387c3
+  data.tar.gz: 7491b4f37c8b2b2ff90e8d11922143ae75da7c4cb35d78e487f906219829f941bee949f7b3fc666c1cd06cfd80c88a4eb88bda167df9534e3f3b67635860b389

data/CHANGELOG.md

@@ -1,3 +1,6 @@
+## 4.1.0
+  - Add support for proxy protocol
+
 ## 4.0.3
   - Relax constraint on logstash-core-plugin-api to >= 1.60 <= 2.99
 

data/lib/logstash/inputs/tcp.rb

@@ -30,6 +30,10 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
   # `client` connects to a server.
   config :mode, :validate => ["server", "client"], :default => "server"
 
+  # Proxy protocol support, only v1 is supported at this time
+  # http://www.haproxy.org/download/1.5/doc/proxy-protocol.txt
+  config :proxy_protocol, :validate => :boolean, :default => false
+
   # Enable SSL (must be set for other `ssl_` options to take effect).
   config :ssl_enable, :validate => :boolean, :default => false
 
@@ -55,6 +59,8 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
 
   HOST_FIELD = "host".freeze
   PORT_FIELD = "port".freeze
+  PROXY_HOST_FIELD = "proxy_host".freeze
+  PROXY_PORT_FIELD = "proxy_port".freeze
   SSLSUBJECT_FIELD = "sslsubject".freeze
 
   def initialize(*args)
@@ -153,8 +159,31 @@ class LogStash::Inputs::Tcp < LogStash::Inputs::Base
 
   def handle_socket(socket, client_address, client_port, output_queue, codec)
     peer = "#{client_address}:#{client_port}"
+    first_read = true
     while !stop?
-      codec.decode(read(socket)) do |event|
+      tbuf = read(socket)
+      if @proxy_protocol && first_read
+        first_read = false
+        orig_buf = tbuf
+        pp_hdr, tbuf = tbuf.split("\r\n", 2)
+
+        pp_info = pp_hdr.split(/\s/)
+        # PROXY proto clientip proxyip clientport proxyport
+        if pp_info[0] != "PROXY"
+          @logger.error("invalid proxy protocol header label", :hdr => pp_hdr)
+          raise IOError
+        else
+          proxy_address = pp_info[3]
+          proxy_port = pp_info[5]
+          client_address = pp_info[2]
+          client_port = pp_info[4]
+        end
+      end
+      codec.decode(tbuf) do |event|
+        if @proxy_protocol
+          event.set(PROXY_HOST_FIELD, proxy_address) unless event.get(PROXY_HOST_FIELD)
+          event.set(PROXY_PORT_FIELD, proxy_port) unless event.get(PROXY_PORT_FIELD)
+        end
         event.set(HOST_FIELD, client_address) unless event.get(HOST_FIELD)
         event.set(PORT_FIELD, client_port) unless event.get(PORT_FIELD)
         event.set(SSLSUBJECT_FIELD, socket.peer_cert.subject.to_s) if @ssl_enable && @ssl_verify && event.get(SSLSUBJECT_FIELD).nil?

data/logstash-input-tcp.gemspec

@@ -1,6 +1,6 @@
 Gem::Specification.new do |s|
   s.name          = 'logstash-input-tcp'
-  s.version         = '4.0.3'
+  s.version         = '4.1.0'
   s.licenses      = ['Apache License (2.0)']
   s.summary       = "Read events over a TCP socket."
   s.description     = "This gem is a Logstash plugin required to be installed on top of the Logstash core pipeline using $LS_HOME/bin/logstash-plugin install gemname. This gem is not a stand-alone program"

data/spec/inputs/tcp_spec.rb

@@ -63,6 +63,42 @@ describe LogStash::Inputs::Tcp do
     end
   end
 
+  it "should handle PROXY protocol v1 connections" do
+    event_count = 10
+    port = rand(1024..65535)
+    conf = <<-CONFIG
+      input {
+        tcp {
+          port => #{port}
+          proxy_protocol => true
+        }
+      }
+    CONFIG
+
+    events = input(conf) do |pipeline, queue|
+      socket = Stud::try(5.times) { TCPSocket.new("127.0.0.1", port) }
+      socket.puts("PROXY TCP4 1.2.3.4 5.6.7.8 1234 5678\r");
+      socket.flush
+      event_count.times do |i|
+        # unicode smiley for testing unicode support!
+        socket.puts("#{i} ☹")
+        socket.flush
+      end
+      socket.close
+
+      event_count.times.collect {queue.pop}
+    end
+
+    insist { events.length } == event_count
+    event_count.times do |i|
+      insist { events[i].get("message") } == "#{i} ☹"
+      insist { events[i].get("host") } == "1.2.3.4"
+      insist { events[i].get("port") } == "1234"
+      insist { events[i].get("proxy_host") } == "5.6.7.8"
+      insist { events[i].get("proxy_port") } == "5678"
+    end
+  end
+
   it "should read events with plain codec and ISO-8859-1 charset" do
     port = rand(1024..65535)
     charset = "ISO-8859-1"

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: logstash-input-tcp
 version: !ruby/object:Gem::Version
-  version: 4.0.3
+  version: 4.1.0
 platform: ruby
 authors:
 - Elastic
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2016-07-14 00:00:00.000000000 Z
+date: 2016-11-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   requirement: !ruby/object:Gem::Requirement
@@ -166,7 +166,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project:
-rubygems_version: 2.6.3
+rubygems_version: 2.4.8
 signing_key:
 specification_version: 4
 summary: Read events over a TCP socket.