From 8ab6fb4c5e18c0eaf7a176ece688c8a5c0e7d4fd Mon Sep 17 00:00:00 2001
From: Franco Fichtner
Date: Mon, 7 Nov 2016 21:57:39 +0100
Subject: [PATCH] relayd: extensive pluginification
Not perfect yet, some spots still taint the backend with requiring relayd.inc which should only be included by the plugin's own files directly.
---
 plist | 1 -
 src/etc/inc/plugins.inc.d/relayd.inc | 429 ++++++++++++++++++
 .../{vslb => plugins.inc.d/relayd}/dns.proto | 0
 .../{vslb => plugins.inc.d/relayd}/tcp.proto | 0
 src/etc/inc/vslb.inc | 412 -----------------
 src/etc/inc/xmlrpc/legacy.inc | 2 +-
 src/etc/inc/xmlrpc/service.inc | 2 +-
 src/etc/rc.bootup | 5 -
 src/etc/rc.filter_configure_xmlrpc | 3 +-
 src/www/load_balancer_monitor.php | 2 +-
 src/www/load_balancer_pool.php | 2 +-
 src/www/load_balancer_setting.php | 9 +-
 src/www/load_balancer_virtual_server.php | 44 +-
 src/www/load_balancer_virtual_server_edit.php | 4 +-
 src/www/status_lb_pool.php | 6 +-
 src/www/status_lb_vs.php | 4 +-
 src/www/status_services.php | 1 -
 src/www/system_advanced_misc.php | 1 -
 .../widgets/load_balancer_status.widget.php | 7 +-
 19 files changed, 451 insertions(+), 483 deletions(-)
 rename src/etc/inc/{vslb => plugins.inc.d/relayd}/dns.proto (100%)
 rename src/etc/inc/{vslb => plugins.inc.d/relayd}/tcp.proto (100%)
 delete mode 100644 src/etc/inc/vslb.inc
diff --git a/plist b/plist
index 6e45bada4..3dab19c81 100644
--- a/plist
+++ b/plist
@@ -57,7 +57,6 @@
 /usr/local/etc/inc/unbound.inc
 /usr/local/etc/inc/upgrade_config.inc
 /usr/local/etc/inc/util.inc
-/usr/local/etc/inc/vslb.inc
 /usr/local/etc/inc/vslb/dns.proto
 /usr/local/etc/inc/vslb/tcp.proto
 /usr/local/etc/inc/xmlparse.inc
diff --git a/src/etc/inc/plugins.inc.d/relayd.inc b/src/etc/inc/plugins.inc.d/relayd.inc
index 05e8b09de..418afd88a 100644
--- a/src/etc/inc/plugins.inc.d/relayd.inc
+++ b/src/etc/inc/plugins.inc.d/relayd.inc
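Review bot: The packing list still names `/usr/local/etc/inc/vslb/dns.proto` and `/usr/local/etc/inc/vslb/tcp.proto` as context lines, although this commit renames both files into `plugins.inc.d/relayd/`, and the diffstat shows a single deletion in `plist`, so no entry for the new paths is added here. If the list is not regenerated before packaging, the protocol templates may not be installed where `relayd_configure_do()` looks for them; that function guards the read with `is_file()`, so a missing template would be left out of `relayd.conf` without any error. Drop the two stale lines and add `/usr/local/etc/inc/plugins.inc.d/relayd/dns.proto` and `/usr/local/etc/inc/plugins.inc.d/relayd/tcp.proto` in their sorted position.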
@@ -2,6 +2,7 @@ /* Copyright (C) 2016 Franco Fichtner + Copyright (C) 2005-2008 Bill Marquette All rights reserved. Redistribution and use in source and binary forms, with or without 
@@ -64,3 +65,431 @@ function relayd_syslog() return $logfacilities; } + +function relayd_subnetv4_expand($subnet) +{ + $result = array(); + + list ($ip, $bits) = explode("/", $subnet); + + $net = ip2long($ip); + $mask = (0xffffffff << (32 - $bits)); + $net &= $mask; + $size = round(exp(log(2) * (32 - $bits))); + + for ($i = 0; $i < $size; $i += 1) { + $result[] = long2ip($net | $i); + } + + return $result; +} + +function relayd_configure() +{ + return array('relayd_configure_do'); +} + +function relayd_configure_do($kill_first = false) +{ + global $config; + + if (isset($config['load_balancer']['virtual_server']) && is_array($config['load_balancer']['virtual_server'])) { + $vs_a = $config['load_balancer']['virtual_server']; + } else { + $vs_a = array(); + } + if (isset($config['load_balancer']['lbpool']) && is_array($config['load_balancer']['lbpool'])) { + $pool_a = $config['load_balancer']['lbpool']; + } else { + $pool_a = array(); + } + if (isset($config['load_balancer']['setting']) && is_array($config['load_balancer']['setting'])) { + $setting = $config['load_balancer']['setting']; + } else { + $setting = array(); + } + + $check_a = array(); + + foreach ((array)$config['load_balancer']['monitor_type'] as $type) { + $type['options'] = isset($type['options']) ? $type['options'] : array(); + switch($type['type']) { + case 'icmp': + case 'tcp': + $check_a[$type['name']] = 'check ' . $type['type']; + break; + case 'http': + case 'https': + $check_a[$type['name']] = 'check ' . $type['type']. " "; + if (!empty($type['options']['path'])) { + $check_a[$type['name']] .= "'".$type['options']['path'] . "' "; + } + if (!empty($type['options']['host'])) { + $check_a[$type['name']] .= "host ".$type['options']['host'] . " "; + } + $check_a[$type['name']] .= "code " . $type['options']['code']; + break; + case 'send': + $check_a[$type['name']] = "send "; + $check_a[$type['name']] .= !empty($type['options']['send']) ? 
"\"{$type['options']['send']}\"" : "\"\"" ; + $check_a[$type['name']] .= " expect "; + $check_a[$type['name']] .= !empty($type['options']['expect']) ? "\"{$type['options']['expect']}\"" : "\"\"" ; + break; + } + } + + $fd = fopen('/var/etc/relayd.conf', 'w'); + $conf = "log updates \n"; + + if (!empty($setting['timeout'])) { + $conf .= "timeout ".$setting['timeout']." \n"; + } else { + $conf .= "timeout 1000 \n"; + } + + if (!empty($setting['interval'])) { + $conf .= "interval ".$setting['interval']." \n"; + } + + if (!empty($setting['prefork'])) { + $conf .= "prefork ".$setting['prefork']." \n"; + } + + /* reindex pools by name as we loop through the pools array */ + $pools = array(); + /* Virtual server pools */ + for ($i = 0; isset($pool_a[$i]); $i++) { + if (is_array($pool_a[$i]['servers'])) { + if (!empty($pool_a[$i]['retry'])) { + $retrytext = " retry {$pool_a[$i]['retry']}"; + } else { + $retrytext = ""; + } + $conf .= "table <{$pool_a[$i]['name']}> {\n"; + foreach ($pool_a[$i]['servers'] as $server) { + if (is_subnetv4($server)) { + foreach (relayd_subnetv4_expand($server) as $ip) { + $conf .= "\t{$ip}{$retrytext}\n"; + } + } else { + $conf .= "\t{$server}{$retrytext}\n"; + } + } + $conf .= "}\n"; + /* Index by name for easier fetching when we loop through the virtual servers */ + $pools[$pool_a[$i]['name']] = $pool_a[$i]; + } + } + + // collect used protocols + $used_protocols = array(); + foreach ($vs_a as $vs) { + if (isset($vs['relay_protocol']) && !in_array($vs['relay_protocol'], $used_protocols)) { + $used_protocols[] = $vs['relay_protocol']; + if (is_file('/usr/local/etc/inc/plugins.inc.d/relayd/'.basename($vs['relay_protocol']).'.proto')) { + $conf .= file_get_contents('/usr/local/etc/inc/plugins.inc.d/relayd/'.basename($vs['relay_protocol']).'.proto')."\n"; + } + } + } + + for ($i = 0; isset($vs_a[$i]); $i++) { + $append_port_to_name = false; + if (is_alias($pools[$vs_a[$i]['poolname']]['port'])) { + $dest_port_array = 
filter_expand_alias_array($pools[$vs_a[$i]['poolname']]['port']); + $append_port_to_name = true; + } else { + $dest_port_array = array($pools[$vs_a[$i]['poolname']]['port']); + } + if (is_alias($vs_a[$i]['port'])) { + $src_port_array = filter_expand_alias_array($vs_a[$i]['port']); + $append_port_to_name = true; + } elseif ($vs_a[$i]['port']) { + $src_port_array = array($vs_a[$i]['port']); + } else { + $src_port_array = $dest_port_array; + } + + $append_ip_to_name = false; + if (is_alias($vs_a[$i]['ipaddr'])) { + $ip_list = array(); + foreach (filter_expand_alias_array($vs_a[$i]['ipaddr']) as $item) { + log_error("item is $item"); + if (is_subnetv4($item)) { + $ip_list = array_merge($ip_list, relayd_subnetv4_expand($item)); + } else { + $ip_list[] = $item; + } + } + $append_ip_to_name = true; + } elseif (is_subnetv4($vs_a[$i]['ipaddr'])) { + $ip_list = relayd_subnetv4_expand($vs_a[$i]['ipaddr']); + $append_ip_to_name = true; + } else { + $ip_list = array($vs_a[$i]['ipaddr']); + } + + for ($j = 0; $j < count($ip_list); $j += 1) { + $ip = $ip_list[$j]; + for ($k = 0; $k < count($src_port_array) && $k < count($dest_port_array); $k += 1) { + $src_port = $src_port_array[$k]; + $dest_port = $dest_port_array[$k]; + + $name = $vs_a[$i]['name']; + if ($append_ip_to_name) { + $name .= "_" . $j; + } + if ($append_port_to_name) { + $name .= "_" . 
$src_port; + } + + if ($vs_a[$i]['mode'] == 'relay') { + // relay mode + $conf .= "relay \"{$name}\" {\n"; + $conf .= " listen on {$ip} port {$src_port} \n"; + $conf .= " protocol \"{$vs_a[$i]['relay_protocol']}\"\n"; + $lbmode = ""; + if ($pools[$vs_a[$i]['poolname']]['mode'] == "loadbalance") { + $lbmode = "mode loadbalance"; + } + + $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; + + if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { + $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; + } + $conf .= "}\n"; + } else { + // redirect mode + $conf .= "redirect \"{$name}\" {\n"; + $conf .= " listen on {$ip} port {$src_port}\n"; + $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; + + if (isset($config['load_balancer']['setting']['lb_use_sticky'])) { + $conf .= " sticky-address\n"; + } + + /* sitedown MUST use the same port as the primary pool - sucks, but it's a relayd thing */ + if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { + $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['sitedown']]['monitor']]} \n"; + } + + $conf .= "}\n"; + } + } + } + } + fwrite($fd, $conf); + fclose($fd); + + if (is_process_running('relayd')) { + if (! empty($vs_a)) { + if ($kill_first) { + killbyname('relayd'); + /* Remove all active relayd anchors now that relayd is no longer running. 
*/ + relayd_cleanup_lb_anchor('*'); + mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); + } else { + // it's running and there is a config, just reload + mwexec('/usr/local/sbin/relayctl reload'); + } + } else { + /* + * XXX: Something breaks our control connection with relayd + * and makes 'relayctl stop' not work + * rule reloads are the current suspect + * mwexec('/usr/local/sbin/relayctl stop'); + * returns "command failed" + */ + killbyname('relayd'); + /* Remove all active relayd anchors now that relayd is no longer running. */ + relayd_cleanup_lb_anchor("*"); + } + } elseif (!empty($vs_a)) { + // not running and there is a config, start it + /* Remove all active relayd anchors so it can start fresh. */ + relayd_cleanup_lb_anchor('*'); + mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); + } +} + +function relayd_get_lb_redirects() +{ +/* +# relayctl show summary +Id Type Name Avlblty Status +1 redirect testvs2 active +5 table test2:80 active (3 hosts up) +11 host 192.168.1.2 91.55% up +10 host 192.168.1.3 100.00% up +9 host 192.168.1.4 88.73% up +3 table test:80 active (1 hosts up) +7 host 192.168.1.2 66.20% down +6 host 192.168.1.3 97.18% up +0 redirect testvs active +3 table test:80 active (1 hosts up) +7 host 192.168.1.2 66.20% down +6 host 192.168.1.3 97.18% up +4 table testvs-sitedown:80 active (1 hosts up) +8 host 192.168.1.4 84.51% up +# relayctl show redirects +Id Type Name Avlblty Status +1 redirect testvs2 active +0 redirect testvs active +# relayctl show redirects +Id Type Name Avlblty Status +1 redirect testvs2 active + total: 2 sessions + last: 2/60s 2/h 2/d sessions + average: 1/60s 0/h 0/d sessions +0 redirect testvs active +*/ + $rdr_a = array(); + exec('/usr/local/sbin/relayctl show redirects 2>&1', $rdr_a); + $relay_a = array(); + exec('/usr/local/sbin/relayctl show relays 2>&1', $relay_a); + $vs = array(); + $cur_entry = ""; + for ($i = 0; isset($rdr_a[$i]); $i++) { + $line = $rdr_a[$i]; + if (preg_match("/^[0-9]+/", $line)) 
{ + $regs = array(); + if ($x = preg_match("/^[0-9]+\s+redirect\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { + $cur_entry = trim($regs[1]); + $vs[trim($regs[1])] = array(); + $vs[trim($regs[1])]['status'] = trim($regs[2]); + } + } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['total'] = trim($regs[1]); + } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['last'] = trim($regs[1]); + } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['average'] = trim($regs[1]); + } + } + $cur_entry = ""; + for ($i = 0; isset($relay_a[$i]); $i++) { + $line = $relay_a[$i]; + if (preg_match("/^[0-9]+/", $line)) { + $regs = array(); + if ($x = preg_match("/^[0-9]+\s+relay\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { + $cur_entry = trim($regs[1]); + $vs[trim($regs[1])] = array(); + $vs[trim($regs[1])]['status'] = trim($regs[2]); + } + } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['total'] = trim($regs[1]); + } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['last'] = trim($regs[1]); + } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { + $vs[$cur_entry]['average'] = trim($regs[1]); + } + } + return $vs; +} + +function relayd_get_lb_summary() +{ + $relayctl = array(); + exec('/usr/local/sbin/relayctl show summary 2>&1', $relayctl); + $relay_hosts=Array(); + foreach( (array) $relayctl as $line) { + $t = explode("\t", $line); + if (isset($t[1])) { + switch (trim($t[1])) { + case "table": + $curpool=trim($t[2]); + break; + case "host": + $curhost=trim($t[2]); + if (!isset($relay_hosts[$curpool])) { + $relay_hosts[$curpool] = array(); + } + if (!isset($relay_hosts[$curpool][$curhost])) { + 
$relay_hosts[$curpool][$curhost]['avail'] = array(); + } + $relay_hosts[$curpool][$curhost]['avail']=trim($t[3]); + $relay_hosts[$curpool][$curhost]['state']=trim($t[4]); + break; + } + } + } + return $relay_hosts; +} + +/* + * Remove NAT rules from a relayd anchor that is no longer in use. + * $anchorname can either be "*" to clear all anchors or a specific + * anchor name. + */ +function relayd_cleanup_lb_anchor($anchorname = "*") +{ + /* NOTE: These names come back prepended with "relayd/" e.g. "relayd/MyVSName" */ + $lbanchors = explode("\n", trim(`/sbin/pfctl -sA -a relayd | /usr/bin/awk '{print $1;}'`)); + foreach ($lbanchors as $lba) { + if (($anchorname == "*") || ($lba == "relayd/{$anchorname}")) { + /* Flush both the NAT and the Table for the anchor, so it will be completely removed by pf. */ + mwexecf('/sbin/pfctl -a %s -F nat', $lba); + mwexecf('/sbin/pfctl -a %s -F Tables', $lba); + } + } +} + +/* Mark an anchor for later cleanup. This will allow us to remove an old VS name */ +function relayd_cleanup_lb_mark_anchor($name) +{ + /* Nothing to do! */ + if (empty($name)) { + return; + } + + $filename = '/tmp/relayd_anchors_remove'; + $cleanup_anchors = array(); + + /* Read in any currently unapplied name changes */ + if (file_exists($filename)) { + $cleanup_anchors = explode("\n", file_get_contents($filename)); + } + + /* Only add the anchor to the list if it's not already there. */ + if (!in_array($name, $cleanup_anchors)) { + $cleanup_anchors[] = $name; + } + + file_put_contents($filename, implode("\n", $cleanup_anchors)); +} + +function relayd_cleanup_lb_marked() +{ + global $config; + + $filename = '/tmp/relayd_anchors_remove'; + $cleanup_anchors = array(); + + /* Nothing to do! */ + if (!file_exists($filename)) { + return; + } else { + $cleanup_anchors = explode("\n", file_get_contents($filename)); + /* Nothing to do! 
*/ + if (empty($cleanup_anchors)) { + return; + } + } + + /* Load current names so we can make sure we don't remove an anchor that is still in use. */ + $active_vsnames = array(); + if (isset($config['load_balancer']['virtual_server'])) { + foreach ($config['load_balancer']['virtual_server'] as $vs) { + $active_vsnames[] = $vs['name']; + } + } + + foreach ($cleanup_anchors as $anchor) { + /* Only cleanup an anchor if it is not still active. */ + if (!in_array($anchor, $active_vsnames)) { + relayd_cleanup_lb_anchor($anchor); + } + } + + @unlink($filename); +} diff --git a/src/etc/inc/vslb/dns.proto b/src/etc/inc/plugins.inc.d/relayd/dns.proto similarity index 100% rename from src/etc/inc/vslb/dns.proto rename to src/etc/inc/plugins.inc.d/relayd/dns.proto diff --git a/src/etc/inc/vslb/tcp.proto b/src/etc/inc/plugins.inc.d/relayd/tcp.proto similarity index 100% rename from src/etc/inc/vslb/tcp.proto rename to src/etc/inc/plugins.inc.d/relayd/tcp.proto diff --git a/src/etc/inc/vslb.inc b/src/etc/inc/vslb.inc deleted file mode 100644 index 679ca1503..000000000 --- a/src/etc/inc/vslb.inc +++ /dev/null 
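Review bot: `relayd_configure_do()` writes configuration values into `/var/etc/relayd.conf` without escaping or validating them: the monitor `path` goes inside single quotes, `send` and `expect` inside double quotes, and pool, server and virtual-server names are emitted bare. Nothing in this hunk stops a value that contains a quote or a line break from ending its string early and changing the meaning of a file that relayd then loads, so unless every writer of these config nodes already restricts them (not visible here), the generator should refuse such values before building the line. The handle from `fopen('/var/etc/relayd.conf', 'w')` is also used unchecked, so a failed open leaves the old file in place while relayd is still reloaded; `if ($fd === false) { log_error('cannot write relayd.conf'); return; }` would stop that. Separately, `relayd_cleanup_lb_mark_anchor()` and `relayd_cleanup_lb_marked()` keep their state in `/tmp/relayd_anchors_remove`, a fixed name in a directory that other local accounts can normally write to, and what is read back decides which pf anchors are flushed; a directory only root can write to, such as the `/var/etc` already used for the config (assuming it is root-only on this system), is a safer home for it.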
@@ -1,412 +0,0 @@ - {\n"; - foreach ($pool_a[$i]['servers'] as $server) { - if (is_subnetv4($server)) { - foreach (subnetv4_expand($server) as $ip) { - $conf .= "\t{$ip}{$retrytext}\n"; - } - } else { - $conf .= "\t{$server}{$retrytext}\n"; - } - } - $conf .= "}\n"; - /* Index by name for easier fetching when we loop through the virtual servers */ - $pools[$pool_a[$i]['name']] = $pool_a[$i]; - } - } - - // collect used protocols - $used_protocols = array(); - foreach ($vs_a as $vs) { - if (isset($vs['relay_protocol']) && !in_array($vs['relay_protocol'], $used_protocols)) { - $used_protocols[] = $vs['relay_protocol']; - if (is_file('/usr/local/etc/inc/vslb/'.basename($vs['relay_protocol']).'.proto')) { - $conf .= file_get_contents('/usr/local/etc/inc/vslb/'.basename($vs['relay_protocol']).'.proto')."\n"; - } - } - } - - for ($i = 0; isset($vs_a[$i]); $i++) { - $append_port_to_name = false; - if (is_alias($pools[$vs_a[$i]['poolname']]['port'])) { - $dest_port_array = filter_expand_alias_array($pools[$vs_a[$i]['poolname']]['port']); - $append_port_to_name = true; - } else { - $dest_port_array = array($pools[$vs_a[$i]['poolname']]['port']); - } - if (is_alias($vs_a[$i]['port'])) { - $src_port_array = filter_expand_alias_array($vs_a[$i]['port']); - $append_port_to_name = true; - } elseif ($vs_a[$i]['port']) { - $src_port_array = array($vs_a[$i]['port']); - } else { - $src_port_array = $dest_port_array; - } - - $append_ip_to_name = false; - if (is_alias($vs_a[$i]['ipaddr'])) { - $ip_list = array(); - foreach (filter_expand_alias_array($vs_a[$i]['ipaddr']) as $item) { - log_error("item is $item"); - if (is_subnetv4($item)) { - $ip_list = array_merge($ip_list, subnetv4_expand($item)); - } else { - $ip_list[] = $item; - } - } - $append_ip_to_name = true; - } elseif (is_subnetv4($vs_a[$i]['ipaddr'])) { - $ip_list = subnetv4_expand($vs_a[$i]['ipaddr']); - $append_ip_to_name = true; - } else { - $ip_list = array($vs_a[$i]['ipaddr']); - } - - for ($j = 0; $j < count($ip_list); 
$j += 1) { - $ip = $ip_list[$j]; - for ($k = 0; $k < count($src_port_array) && $k < count($dest_port_array); $k += 1) { - $src_port = $src_port_array[$k]; - $dest_port = $dest_port_array[$k]; - - $name = $vs_a[$i]['name']; - if ($append_ip_to_name) { - $name .= "_" . $j; - } - if ($append_port_to_name) { - $name .= "_" . $src_port; - } - - if ($vs_a[$i]['mode'] == 'relay') { - // relay mode - $conf .= "relay \"{$name}\" {\n"; - $conf .= " listen on {$ip} port {$src_port} \n"; - $conf .= " protocol \"{$vs_a[$i]['relay_protocol']}\"\n"; - $lbmode = ""; - if ($pools[$vs_a[$i]['poolname']]['mode'] == "loadbalance") { - $lbmode = "mode loadbalance"; - } - - $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - - if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { - $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - } - $conf .= "}\n"; - } else { - // redirect mode - $conf .= "redirect \"{$name}\" {\n"; - $conf .= " listen on {$ip} port {$src_port}\n"; - $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - - if (isset($config['load_balancer']['setting']['lb_use_sticky'])) { - $conf .= " sticky-address\n"; - } - - /* sitedown MUST use the same port as the primary pool - sucks, but it's a relayd thing */ - if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { - $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['sitedown']]['monitor']]} \n"; - } - - $conf .= "}\n"; - } - } - } - } - fwrite($fd, $conf); - fclose($fd); - - if (is_process_running('relayd')) { - if (! 
empty($vs_a)) { - if ($kill_first) { - killbyname('relayd'); - /* Remove all active relayd anchors now that relayd is no longer running. */ - cleanup_lb_anchor('*'); - mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); - } else { - // it's running and there is a config, just reload - mwexec('/usr/local/sbin/relayctl reload'); - } - } else { - /* - * XXX: Something breaks our control connection with relayd - * and makes 'relayctl stop' not work - * rule reloads are the current suspect - * mwexec('/usr/local/sbin/relayctl stop'); - * returns "command failed" - */ - killbyname('relayd'); - /* Remove all active relayd anchors now that relayd is no longer running. */ - cleanup_lb_anchor("*"); - } - } elseif (!empty($vs_a)) { - // not running and there is a config, start it - /* Remove all active relayd anchors so it can start fresh. */ - cleanup_lb_anchor('*'); - mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); - } -} - -function get_lb_redirects() -{ -/* -# relayctl show summary -Id Type Name Avlblty Status -1 redirect testvs2 active -5 table test2:80 active (3 hosts up) -11 host 192.168.1.2 91.55% up -10 host 192.168.1.3 100.00% up -9 host 192.168.1.4 88.73% up -3 table test:80 active (1 hosts up) -7 host 192.168.1.2 66.20% down -6 host 192.168.1.3 97.18% up -0 redirect testvs active -3 table test:80 active (1 hosts up) -7 host 192.168.1.2 66.20% down -6 host 192.168.1.3 97.18% up -4 table testvs-sitedown:80 active (1 hosts up) -8 host 192.168.1.4 84.51% up -# relayctl show redirects -Id Type Name Avlblty Status -1 redirect testvs2 active -0 redirect testvs active -# relayctl show redirects -Id Type Name Avlblty Status -1 redirect testvs2 active - total: 2 sessions - last: 2/60s 2/h 2/d sessions - average: 1/60s 0/h 0/d sessions -0 redirect testvs active -*/ - $rdr_a = array(); - exec('/usr/local/sbin/relayctl show redirects 2>&1', $rdr_a); - $relay_a = array(); - exec('/usr/local/sbin/relayctl show relays 2>&1', $relay_a); - $vs = array(); - 
$cur_entry = ""; - for ($i = 0; isset($rdr_a[$i]); $i++) { - $line = $rdr_a[$i]; - if (preg_match("/^[0-9]+/", $line)) { - $regs = array(); - if ($x = preg_match("/^[0-9]+\s+redirect\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { - $cur_entry = trim($regs[1]); - $vs[trim($regs[1])] = array(); - $vs[trim($regs[1])]['status'] = trim($regs[2]); - } - } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['total'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['last'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['average'] = trim($regs[1]); - } - } - $cur_entry = ""; - for ($i = 0; isset($relay_a[$i]); $i++) { - $line = $relay_a[$i]; - if (preg_match("/^[0-9]+/", $line)) { - $regs = array(); - if ($x = preg_match("/^[0-9]+\s+relay\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { - $cur_entry = trim($regs[1]); - $vs[trim($regs[1])] = array(); - $vs[trim($regs[1])]['status'] = trim($regs[2]); - } - } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['total'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['last'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['average'] = trim($regs[1]); - } - } - return $vs; -} - -function get_lb_summary() -{ - $relayctl = array(); - exec('/usr/local/sbin/relayctl show summary 2>&1', $relayctl); - $relay_hosts=Array(); - foreach( (array) $relayctl as $line) { - $t = explode("\t", $line); - if (isset($t[1])) { - switch (trim($t[1])) { - case "table": - $curpool=trim($t[2]); - break; - case "host": - $curhost=trim($t[2]); - if (!isset($relay_hosts[$curpool])) { - 
$relay_hosts[$curpool] = array(); - } - if (!isset($relay_hosts[$curpool][$curhost])) { - $relay_hosts[$curpool][$curhost]['avail'] = array(); - } - $relay_hosts[$curpool][$curhost]['avail']=trim($t[3]); - $relay_hosts[$curpool][$curhost]['state']=trim($t[4]); - break; - } - } - } - return $relay_hosts; -} - -/* Get a list of all relayd virtual server anchors */ -function get_lb_anchors() { - /* NOTE: These names come back prepended with "relayd/" e.g. "relayd/MyVSName" */ - return explode("\n", trim(`/sbin/pfctl -sA -a relayd | /usr/bin/awk '{print $1;}'`)); -} - -/* Remove NAT rules from a relayd anchor that is no longer in use. - $anchorname can either be * to clear all anchors or a specific anchor name.*/ -function cleanup_lb_anchor($anchorname = "*") -{ - $lbanchors = get_lb_anchors(); - foreach ($lbanchors as $lba) { - if (($anchorname == "*") || ($lba == "relayd/{$anchorname}")) { - /* Flush both the NAT and the Table for the anchor, so it will be completely removed by pf. */ - mwexec("/sbin/pfctl -a " . escapeshellarg($lba) . " -F nat"); - mwexec("/sbin/pfctl -a " . escapeshellarg($lba) . " -F Tables"); - } - } -} - -/* Mark an anchor for later cleanup. This will allow us to remove an old VS name */ -function cleanup_lb_mark_anchor($name) -{ - /* Nothing to do! */ - if (empty($name)) { - return; - } - - $filename = '/tmp/relayd_anchors_remove'; - $cleanup_anchors = array(); - - /* Read in any currently unapplied name changes */ - if (file_exists($filename)) { - $cleanup_anchors = explode("\n", file_get_contents($filename)); - } - - /* Only add the anchor to the list if it's not already there. */ - if (!in_array($name, $cleanup_anchors)) { - $cleanup_anchors[] = $name; - } - - file_put_contents($filename, implode("\n", $cleanup_anchors)); -} diff --git a/src/etc/inc/xmlrpc/legacy.inc b/src/etc/inc/xmlrpc/legacy.inc index 1329ebead..b07e244a8 100644 --- a/src/etc/inc/xmlrpc/legacy.inc +++ b/src/etc/inc/xmlrpc/legacy.inc 
@@ -126,7 +126,7 @@ function filter_configure_xmlrpc() require_once("system.inc"); require_once("util.inc"); require_once("interfaces.inc"); - require_once("vslb.inc"); + require_once("plugins.inc.d/relayd.inc"); require_once("openvpn.inc"); require_once("services.inc"); require_once("rrd.inc"); diff --git a/src/etc/inc/xmlrpc/service.inc b/src/etc/inc/xmlrpc/service.inc index a71ca9627..1cd40e048 100644 --- a/src/etc/inc/xmlrpc/service.inc +++ b/src/etc/inc/xmlrpc/service.inc @@ -30,7 +30,7 @@ require_once("services.inc"); require_once("system.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once('util.inc'); require_once("unbound.inc"); require_once("openvpn.inc"); diff --git a/src/etc/rc.bootup b/src/etc/rc.bootup index f75cf878c..600c7cd86 100755 --- a/src/etc/rc.bootup +++ b/src/etc/rc.bootup @@ -49,8 +49,6 @@ require_once("system.inc"); echo "."; require_once("unbound.inc"); echo "."; -require_once("vslb.inc"); -echo "."; require_once("filter.inc"); echo "."; require_once("ipsec.inc"); @@ -200,9 +198,6 @@ echo "Starting NTP time client..."; system_ntp_configure(false); echo "done.\n"; -/* start load balancer daemon */ -relayd_configure_do(); - /* start DHCP service */ services_dhcpd_configure(); diff --git a/src/etc/rc.filter_configure_xmlrpc b/src/etc/rc.filter_configure_xmlrpc index 8d3e52eab..fd4f16bc8 100755 --- a/src/etc/rc.filter_configure_xmlrpc +++ b/src/etc/rc.filter_configure_xmlrpc @@ -29,7 +29,6 @@ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. - */ require_once("config.inc"); @@ -38,7 +37,7 @@ require_once("util.inc"); require_once("xmlrpc.inc"); require_once("interfaces.inc"); require_once("openvpn.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("system.inc"); require_once("services.inc"); require_once("rrd.inc"); 
diff --git a/src/www/load_balancer_monitor.php b/src/www/load_balancer_monitor.php index 4d806bc24..bd732c605 100644 --- a/src/www/load_balancer_monitor.php +++ b/src/www/load_balancer_monitor.php @@ -30,7 +30,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("services.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("interfaces.inc"); if (empty($config['load_balancer']['monitor_type']) || !is_array($config['load_balancer']['monitor_type'])) { diff --git a/src/www/load_balancer_pool.php b/src/www/load_balancer_pool.php index fa60eed11..e510592f5 100644 --- a/src/www/load_balancer_pool.php +++ b/src/www/load_balancer_pool.php @@ -30,7 +30,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("services.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("interfaces.inc"); if (!is_array($config['load_balancer']['lbpool'])) { diff --git a/src/www/load_balancer_setting.php b/src/www/load_balancer_setting.php index f76346d00..fb1855bfd 100644 --- a/src/www/load_balancer_setting.php +++ b/src/www/load_balancer_setting.php @@ -31,7 +31,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("services.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("interfaces.inc"); if (empty($config['load_balancer']) || !is_array($config['load_balancer'])) { @@ -42,7 +42,6 @@ if (empty($config['load_balancer']['setting']) || !is_array($config['load_balanc $config['load_balancer']['setting'] = array(); } - if ($_SERVER['REQUEST_METHOD'] === 'GET') { $pconfig = array(); $pconfig['timeout'] = !empty($config['load_balancer']['setting']['timeout']) ? $config['load_balancer']['setting']['timeout'] : null; @@ -94,12 +93,12 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { } } - $service_hook = 'relayd'; legacy_html_escape_form_data($pconfig); -include("head.inc"); -?> +include("head.inc"); + +?>
diff --git a/src/www/load_balancer_virtual_server.php b/src/www/load_balancer_virtual_server.php index 36c81cb89..68feb8586 100644 --- a/src/www/load_balancer_virtual_server.php +++ b/src/www/load_balancer_virtual_server.php @@ -29,48 +29,10 @@ require_once("guiconfig.inc"); require_once("filter.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("services.inc"); require_once("interfaces.inc"); -/* Cleanup relayd anchors that have been marked for cleanup. */ -function cleanup_lb_marked() -{ - global $config; - - $filename = '/tmp/relayd_anchors_remove'; - $cleanup_anchors = array(); - - /* Nothing to do! */ - if (!file_exists($filename)) { - return; - } else { - $cleanup_anchors = explode("\n", file_get_contents($filename)); - /* Nothing to do! */ - if (empty($cleanup_anchors)) { - return; - } - } - - /* Load current names so we can make sure we don't remove an anchor that is still in use. */ - $active_vsnames = array(); - if (isset($config['load_balancer']['virtual_server'])) { - foreach ($config['load_balancer']['virtual_server'] as $vs) { - $active_vsnames[] = $vs['name']; - } - } - - foreach ($cleanup_anchors as $anchor) { - /* Only cleanup an anchor if it is not still active. */ - if (!in_array($anchor, $active_vsnames)) { - cleanup_lb_anchor($anchor); - } - } - - @unlink($filename); -} - - if (empty($config['load_balancer']['virtual_server']) || !is_array($config['load_balancer']['virtual_server'])) { $config['load_balancer']['virtual_server'] = array(); } @@ -79,7 +41,7 @@ $a_vs = &$config['load_balancer']['virtual_server']; if ($_SERVER['REQUEST_METHOD'] === 'POST') { if (isset($_POST['act']) && $_POST['act'] == "del") { if (isset($_POST['id']) && !empty($a_vs[$_POST['id']])){ - cleanup_lb_mark_anchor($a_vs[$_POST['id']]['name']); + relayd_cleanup_lb_mark_anchor($a_vs[$_POST['id']]['name']); unset($a_vs[$_POST['id']]); write_config(); mark_subsystem_dirty('loadbalancer'); 
@@ -89,7 +51,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { relayd_configure_do(); filter_configure(); /* Wipe out old relayd anchors no longer in use. */ - cleanup_lb_marked(); + relayd_cleanup_lb_marked(); clear_subsystem_dirty('loadbalancer'); header(url_safe('Location: /load_balancer_virtual_server.php')); exit; diff --git a/src/www/load_balancer_virtual_server_edit.php b/src/www/load_balancer_virtual_server_edit.php index 9ec1cc965..6dd4dfdfe 100644 --- a/src/www/load_balancer_virtual_server_edit.php +++ b/src/www/load_balancer_virtual_server_edit.php @@ -29,7 +29,7 @@ require_once("guiconfig.inc"); require_once("services.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("interfaces.inc"); if (empty($config['load_balancer']) || !is_array($config['load_balancer'])) { @@ -116,7 +116,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') { if (isset($id)) { if ($a_vs[$id]['name'] != $pconfig['name']) { /* Because the VS name changed, mark the old name for cleanup. */ - cleanup_lb_mark_anchor($a_vs[$id]['name']); + relayd_cleanup_lb_mark_anchor($a_vs[$id]['name']); } $a_vs[$id] = $vsent; } else { diff --git a/src/www/status_lb_pool.php b/src/www/status_lb_pool.php index 7b0e698b0..7b7bbaed4 100644 --- a/src/www/status_lb_pool.php +++ b/src/www/status_lb_pool.php @@ -29,7 +29,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); require_once("services.inc"); require_once("interfaces.inc"); @@ -76,11 +76,11 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { $service_hook = 'relayd'; include("head.inc"); -$relay_hosts = get_lb_summary(); +$relay_hosts = relayd_get_lb_summary(); legacy_html_escape_form_data($a_pool); legacy_html_escape_form_data($relay_hosts); -?> +?>
diff --git a/src/www/status_lb_vs.php b/src/www/status_lb_vs.php index 3ac4e0223..efa211e94 100644 --- a/src/www/status_lb_vs.php +++ b/src/www/status_lb_vs.php @@ -30,7 +30,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("services.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); if (empty($config['load_balancer']['lbpool']) || !is_array($config['load_balancer']['lbpool'])) { $a_pool = array(); @@ -53,7 +53,7 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') { } } -$rdr_a = get_lb_redirects(); +$rdr_a = relayd_get_lb_redirects(); $service_hook = 'relayd'; legacy_html_escape_form_data($a_vs); diff --git a/src/www/status_services.php b/src/www/status_services.php index cc8d18bea..a42eef874 100644 --- a/src/www/status_services.php +++ b/src/www/status_services.php @@ -30,7 +30,6 @@ require_once("guiconfig.inc"); require_once("services.inc"); -require_once("vslb.inc"); require_once("system.inc"); require_once("unbound.inc"); require_once("openvpn.inc"); diff --git a/src/www/system_advanced_misc.php b/src/www/system_advanced_misc.php index 27b4a4574..02ada6822 100644 --- a/src/www/system_advanced_misc.php +++ b/src/www/system_advanced_misc.php @@ -32,7 +32,6 @@ require_once("guiconfig.inc"); require_once("filter.inc"); require_once("ipsec.inc"); -require_once("vslb.inc"); require_once("system.inc"); require_once("services.inc"); require_once("interfaces.inc"); diff --git a/src/www/widgets/widgets/load_balancer_status.widget.php b/src/www/widgets/widgets/load_balancer_status.widget.php index aafd73273..16ff7274a 100644 --- a/src/www/widgets/widgets/load_balancer_status.widget.php +++ b/src/www/widgets/widgets/load_balancer_status.widget.php @@ -33,7 +33,7 @@ require_once("guiconfig.inc"); require_once("filter.inc"); -require_once("vslb.inc"); +require_once("plugins.inc.d/relayd.inc"); $now = time(); $year = date("Y"); 
@@ -49,15 +49,14 @@ if (!is_array($config['load_balancer']['virtual_server'])) { } $a_vs = &$config['load_balancer']['virtual_server']; $a_pool = &$config['load_balancer']['lbpool']; -$rdr_a = get_lb_redirects(); -$relay_hosts = get_lb_summary(); +$rdr_a = relayd_get_lb_redirects(); +$relay_hosts = relayd_get_lb_summary(); $lb_logfile = '/var/log/relayd.log'; $nentries = isset($config['syslog']['nentries']) ? $config['syslog']['nentries'] : 50; ?> -