From bd6c048d45986c331c267df40b2bcb4361adc325 Mon Sep 17 00:00:00 2001 From: Franco Fichtner Date: Sat, 5 Nov 2016 19:01:56 +0100 Subject: [PATCH] relayd: use plugin hooks --- plist | 1 + src/etc/inc/filter.inc | 4 -- src/etc/inc/plugins.inc.d/relayd.inc | 66 ++++++++++++++++++++++++++++ src/etc/inc/services.inc | 9 ---- src/etc/inc/system.inc | 1 - 5 files changed, 67 insertions(+), 14 deletions(-) create mode 100644 src/etc/inc/plugins.inc.d/relayd.inc diff --git a/plist b/plist index 643a5df2f..6e45bada4 100644 --- a/plist +++ b/plist @@ -46,6 +46,7 @@ /usr/local/etc/inc/plugins.inc.d/if_ipsec.inc /usr/local/etc/inc/plugins.inc.d/if_openvpn.inc /usr/local/etc/inc/plugins.inc.d/miniupnpd.inc +/usr/local/etc/inc/plugins.inc.d/relayd.inc /usr/local/etc/inc/plugins.inc.d/shaper.inc /usr/local/etc/inc/plugins.inc.d/squid.inc /usr/local/etc/inc/plugins.inc.d/suricata.inc diff --git a/src/etc/inc/filter.inc b/src/etc/inc/filter.inc index e56ee3be4..17bf6537a 100644 --- a/src/etc/inc/filter.inc +++ b/src/etc/inc/filter.inc @@ -480,7 +480,6 @@ function filter_configure_sync() $rules .= "{$natrules}\n"; $rules .= $fw->anchorToText('nat,binat,rdr', 'tail'); $rules .= $fw->anchorToText('fw', 'head'); - $rules .= "anchor \"relayd/*\"\n"; // relayd $rules .= filter_rules_legacy($FilterIflist); $rules .= $fw->outputFilterRules(); $rules .= "{$pfrules}\n"; @@ -1716,9 +1715,6 @@ function filter_nat_rules_generate(&$FilterIflist) unset($tonathosts, $tonathosts_array, $numberofnathosts); } - $natrules .= "\n# Load balancing\n"; - $natrules .= "rdr-anchor \"relayd/*\"\n"; - // prevent redirection on ports with "lock out" protection if (!isset($config['system']['webgui']['noantilockout'])) { $alports = filter_get_antilockout_ports(); diff --git a/src/etc/inc/plugins.inc.d/relayd.inc b/src/etc/inc/plugins.inc.d/relayd.inc new file mode 100644 index 000000000..66e87bfb4 --- /dev/null +++ b/src/etc/inc/plugins.inc.d/relayd.inc @@ -0,0 +1,66 @@ + + All rights reserved. + + Redistribution and use in source and binary forms, with or without + modification, are permitted provided that the following conditions are met: + + 1. Redistributions of source code must retain the above copyright notice, + this list of conditions and the following disclaimer. + + 2. Redistributions in binary form must reproduce the above copyright + notice, this list of conditions and the following disclaimer in the + documentation and/or other materials provided with the distribution. + + THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + POSSIBILITY OF SUCH DAMAGE. +*/ + +function relayd_firewall($fw) +{ + global $config; + + if (isset($config['load_balancer']['virtual_server']) && isset($config['load_balancer']['lbpool']) && + count($config['load_balancer']['virtual_server']) && count($config['load_balancer']['lbpool'])) { + $fw->registerAnchor('relayd/*', 'rdr'); + $fw->registerAnchor('relayd/*', 'fw'); + } +} + +function relayd_services() +{ + global $config; + + $services = array(); + + if (isset($config['load_balancer']['virtual_server']) && isset($config['load_balancer']['lbpool']) && + count($config['load_balancer']['virtual_server']) && count($config['load_balancer']['lbpool'])) { + $pconfig = array(); + $pconfig['name'] = 'relayd'; + $pconfig['description'] = gettext('Server load balancing daemon'); + $pconfig['php']['restart'] = array('relayd_configure', 'filter_configure'); + $pconfig['php']['start'] = array('relayd_configure', 'filter_configure'); + $services[] = $pconfig; + } + + return $services; +} + +function relayd_syslog() +{ + $logfacilities = array(); + + $logfacilities['relayd'] = array('facility' => array('relayd'), 'remote' => 'relayd'); + + return $logfacilities; +} diff --git a/src/etc/inc/services.inc b/src/etc/inc/services.inc index 345147c15..c0703202b 100644 --- a/src/etc/inc/services.inc +++ b/src/etc/inc/services.inc @@ -2505,15 +2505,6 @@ function services_get() $services[] = $pconfig; } - if (isset($config['load_balancer']['virtual_server']) && isset($config['load_balancer']['lbpool']) && count($config['load_balancer']['virtual_server']) && count($config['load_balancer']['lbpool'])) { - $pconfig = array(); - $pconfig['name'] = "relayd"; - $pconfig['description'] = gettext("Server load balancing daemon"); - $pconfig['php']['restart'] = array('relayd_configure', 'filter_configure'); - $pconfig['php']['start'] = array('relayd_configure', 'filter_configure'); - $services[] = $pconfig; - } - if (isset($config['OPNsense']['captiveportal']['zones']['zone'])) { $enabled = false; if (!empty($config['OPNsense']['captiveportal']['zones']['zone']['enabled'])) { diff --git a/src/etc/inc/system.inc b/src/etc/inc/system.inc index f03d3a406..24d02e7b6 100644 --- a/src/etc/inc/system.inc +++ b/src/etc/inc/system.inc @@ -800,7 +800,6 @@ function system_syslogd_start() $syslogconfs['ntpd'] = array('facility' => array('ntp', 'ntpd', 'ntpdate')); $syslogconfs['portalauth'] = array('facility' => array('captiveportal'), 'remote' => 'portalauth'); $syslogconfs['ppps'] = array('facility' => array('ppp')); - $syslogconfs['relayd'] = array('facility' => array('relayd'), 'remote' => 'relayd'); $syslogconfs['resolver'] = array('facility' => array('dnsmasq', 'filterdns', 'unbound')); $syslogconfs['routing'] = array('facility' => array('radvd', 'routed', 'rtsold', 'olsrd', 'zebra', 'ospfd', 'bgpd', 'miniupnpd')); $syslogconfs['wireless'] = array('facility' => array('hostapd'), 'remote' => 'hostapd');