feat: change "connected clients" logging as DEBUG

rootfs/Dockerfile

@@ -1,25 +1,29 @@
 FROM alpine:3.14
 
-ARG HAPROXY_MAJOR=2.2
-ARG HAPROXY_VERSION=2.2.4
-ARG HAPROXY_MD5=c2717fcff503ef8574cd6395e2ca4d24
+ARG HAPROXY_MAJOR=2.5
+ARG HAPROXY_VERSION=2.5.1
+ARG HAPROXY_MD5=e2158c5830e1f7d218adf58f1114a3a8
 ARG MODSEC_VERSION=2.9.5
 ARG MODSEC_MD5=d13cf51673b25a10f7ba9969d9b48252
 
+ADD spoa-log.patch /
+
 RUN apk add --no-cache --virtual .build-modsecurity \
+        apache2-dev \
         curl \
-        openssl \
-        tar \
-        make \
+        curl-dev \
         gcc \
+        git \
         libc-dev \
+        libevent-dev \
+        libxml2-dev \
         linux-headers \
-        apache2-dev \
+        make \
+        openssl \
+        patch \
         pcre-dev \
-        libxml2-dev \
-        libevent-dev \
-        curl-dev \
-        yajl-dev\
+        tar \
+        yajl-dev \
     && curl -fsSLo /tmp/modsecurity.tar.gz https://github.com/SpiderLabs/ModSecurity/releases/download/v${MODSEC_VERSION}/modsecurity-${MODSEC_VERSION}.tar.gz \
     && curl -fsSLo /tmp/haproxy.tar.gz https://www.haproxy.org/download/${HAPROXY_MAJOR}/src/haproxy-${HAPROXY_VERSION}.tar.gz \
     && echo "$MODSEC_MD5  /tmp/modsecurity.tar.gz" | md5sum -c \
@@ -41,6 +45,9 @@ RUN apk add --no-cache --virtual .build-modsecurity \
     && make -C standalone install \
     && mkdir -p INSTALL/include \
     && cp standalone/*.h apache2/*.h INSTALL/include \
+    && mkdir -p /usr/src/haproxy/contrib/ \
+    && git clone https://github.com/haproxy/spoa-modsecurity /usr/src/haproxy/contrib/modsecurity \
+    && patch -p0 /usr/src/haproxy/contrib/modsecurity/spoa.c < /spoa-log.patch \
     && cd / \
     && make -C /usr/src/haproxy/contrib/modsecurity \
         MODSEC_INC=/usr/src/modsecurity/INSTALL/include \

rootfs/spoa-log.patch

@@ -0,0 +1,49 @@
+--- spoa.c.orig
++++ spoa.c
+@@ -1244,7 +1244,7 @@
+ {
+ 	struct worker *worker = arg;
+
+-	LOG(worker, "%u clients connected", worker->nbclients);
++	DEBUG(worker, "%u clients connected", worker->nbclients);
+ }
+
+ static void
+@@ -1441,7 +1441,7 @@
+ 	switch (client->state) {
+ 		case SPOA_ST_CONNECTING:
+ 			if (handle_hahello(frame) < 0) {
+-				LOG(client->worker, "Failed to decode HELLO frame");
++				DEBUG(client->worker, "Failed to decode HELLO frame");
+ 				goto disconnect;
+ 			}
+ 			prepare_agenthello(frame);
+@@ -1458,12 +1458,12 @@
+ 				n = handle_hanotify(frame);
+
+ 			if (n < 0) {
+-				LOG(client->worker, "Failed to decode frame: %s",
++				DEBUG(client->worker, "Failed to decode frame: %s",
+ 				    spoe_frm_err_reasons[client->status_code]);
+ 				goto disconnect;
+ 			}
+ 			else if (n == 0) {
+-				LOG(client->worker, "Ignore invalid/unknown/aborted frame");
++				DEBUG(client->worker, "Ignore invalid/unknown/aborted frame");
+ 				goto ignore_frame;
+ 			}
+ 			else if (n == 1)
+@@ -1474,11 +1474,11 @@
+ 		case SPOA_ST_DISCONNECTING:
+ 		  disconnecting:
+ 			if (handle_hadiscon(frame) < 0) {
+-				LOG(client->worker, "Failed to decode DISCONNECT frame");
++				DEBUG(client->worker, "Failed to decode DISCONNECT frame");
+ 				goto disconnect;
+ 			}
+ 			if (client->status_code != SPOE_FRM_ERR_NONE)
+-				LOG(client->worker, "<%lu> Peer closed connection: %s",
++				DEBUG(client->worker, "<%lu> Peer closed connection: %s",
+ 				    client->id, spoe_frm_err_reasons[client->status_code]);
+ 			goto disconnect;
+ 	}