diff --git a/LICENSE b/LICENSE
index b3f101580..5858b8466 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,5 +1,4 @@
 Copyright (c) 2015-2016 Ad Schellevis
-Copyright (c) 2005-2008 Bill Marquette
 Copyright (c) 2005-2006 Colin Smith
 Copyright (c) 2011 Dan Myers
 Copyright (c) 2017-2018 David Harrigan
@@ -10,20 +9,17 @@ Copyright (c) 2006 Eric Friesen
 Copyright (c) 2008-2010 Ermal Luçi
 Copyright (c) 2017-2018 Fabian Franz
 Copyright (c) 2014-2018 Franco Fichtner
-Copyright (c) 2016-2017 Frank Wall
+Copyright (c) 2016-2018 Frank Wall
 Copyright (c) 2017 Giuseppe De Marco
 Copyright (c) 2010 Jim Pingle
-Copyright (c) 2004-2005 Jonathan Watt
 Copyright (c) 2015 Jos Schellevis
 Copyright (c) 2003-2006 Manuel Kasper
 Copyright (c) 2017-2018 Michael Muenz
-Copyright (c) 2012 Pierre POMES
 Copyright (c) 2004-2012 Scott Ullrich
 Copyright (c) 2010 Seth Mos
 Copyright (c) 2008 Shrew Soft Inc.
 Copyright (c) 2017 Smart-Soft
 Copyright (c) 2013 Stanley P. Miller \ stan-qaz
-Copyright (c) 2004-2005 T. Lechat
 Copyright (c) 2010 Yehuda Katz
 All rights reserved.
diff --git a/net/relayd/Makefile b/net/relayd/Makefile
index 6804d0fdd..8f6d1d8f8 100644
--- a/net/relayd/Makefile
+++ b/net/relayd/Makefile
@@ -1,6 +1,5 @@
 PLUGIN_NAME= relayd
-PLUGIN_VERSION= 1.2
-PLUGIN_VERSION= 1
+PLUGIN_VERSION= 2.0
 PLUGIN_DEPENDS= relayd
 PLUGIN_COMMENT= Relayd Load Balancer
 PLUGIN_MAINTAINER= frank.brendel@eurolog.com
diff --git a/net/relayd/src/etc/inc/plugins.inc.d/relayd.inc b/net/relayd/src/etc/inc/plugins.inc.d/relayd.inc
index 6329a7a46..eb3b9f931 100644
--- a/net/relayd/src/etc/inc/plugins.inc.d/relayd.inc
+++ b/net/relayd/src/etc/inc/plugins.inc.d/relayd.inc
@@ -1,38 +1,38 @@ - Copyright (C) 2005-2008 Bill Marquette - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ + * Copyright (C) 2018 EURO-LOG AG + * Copyright (C) 2016 Franco Fichtner + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions are met: + * + * 1. Redistributions of source code must retain the above copyright notice, + * this list of conditions and the following disclaimer. + * + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. 
+ * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, + * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY + * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, + * OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF + * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS + * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN + * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE + * POSSIBILITY OF SUCH DAMAGE. + */ function relayd_enabled() { global $config; - return isset($config['load_balancer']['lbpool']) && count($config['load_balancer']['lbpool']) && - isset($config['load_balancer']['virtual_server']) && count($config['load_balancer']['virtual_server']); + return isset($config['OPNsense']['relayd']['general']['enabled']) && + $config['OPNsense']['relayd']['general']['enabled'] == 1; } function relayd_firewall($fw) @@ -53,12 +53,15 @@ function relayd_services() return $services; } - $pconfig = array(); - $pconfig['name'] = 'relayd'; - $pconfig['description'] = gettext('Relayd Load Balancer'); - $pconfig['php']['restart'] = array('relayd_configure_do'); - $pconfig['php']['start'] = array('relayd_configure_do'); - $services[] = $pconfig; + $services[] = array( + 'description' => gettext('Relayd Load Balancer'), + 'configd' => array( + 'restart' => array('relayd restart'), + 'start' => array('relayd start'), + 'stop' => array('relayd stop'), + ), + 'name' => 'relayd', + ); return $services; } @@ -69,7 +72,8 @@ function relayd_xmlrpc_sync() $result[] = array( 'description' => gettext('Relayd Load Balancer'), - 'section' => 'load_balancer', + 'section' => 'OPNsense.relayd', + /* kept for backwards compat: */ 'id' => 'lb', ); 
@@ -84,450 +88,3 @@ function relayd_syslog() return $logfacilities; } - -function relayd_subnetv4_expand($subnet) -{ - $result = array(); - - list ($ip, $bits) = explode("/", $subnet); - - $net = ip2long($ip); - $mask = (0xffffffff << (32 - $bits)); - $net &= $mask; - $size = round(exp(log(2) * (32 - $bits))); - - for ($i = 0; $i < $size; $i += 1) { - $result[] = long2ip($net | $i); - } - - return $result; -} - -function relayd_configure() -{ - return array( - 'bootup' => array('relayd_configure_do'), - 'remote' => array('relayd_configure_do'), - ); -} - -function relayd_configure_do($kill_first = false) -{ - global $config; - - if (isset($config['load_balancer']['virtual_server']) && is_array($config['load_balancer']['virtual_server'])) { - $vs_a = $config['load_balancer']['virtual_server']; - } else { - $vs_a = array(); - } - if (isset($config['load_balancer']['lbpool']) && is_array($config['load_balancer']['lbpool'])) { - $pool_a = $config['load_balancer']['lbpool']; - } else { - $pool_a = array(); - } - if (isset($config['load_balancer']['setting']) && is_array($config['load_balancer']['setting'])) { - $setting = $config['load_balancer']['setting']; - } else { - $setting = array(); - } - if (isset($config['load_balancer']['monitor_type']) && is_array($config['load_balancer']['monitor_type'])) { - $monitors_a = $config['load_balancer']['monitor_type']; - } else { - $monitors_a = array(); - } - - $check_a = array(); - - foreach ($monitors_a as $type) { - $type['options'] = isset($type['options']) ? $type['options'] : array(); - switch ($type['type']) { - case 'icmp': - case 'tcp': - $check_a[$type['name']] = "check {$type['type']} "; - break; - case 'http': - case 'https': - $check_a[$type['name']] = "check {$type['type']} "; - if (!empty($type['options']['path'])) { - $check_a[$type['name']] .= "'".$type['options']['path'] . "' "; - } - if (!empty($type['options']['host'])) { - $check_a[$type['name']] .= "host ".$type['options']['host'] . 
" "; - } - $check_a[$type['name']] .= "code " . $type['options']['code']; - break; - case 'send': - $check_a[$type['name']] = "check {$type['type']} "; - $check_a[$type['name']] .= !empty($type['options']['send']) ? "\"{$type['options']['send']}\"" : "\"\""; - $check_a[$type['name']] .= " expect "; - $check_a[$type['name']] .= !empty($type['options']['expect']) ? "\"{$type['options']['expect']}\"" : "\"\""; - break; - default: - break; - } - } - - $fd = fopen('/var/etc/relayd.conf', 'w'); - $conf = "log updates \n"; - - if (!empty($setting['timeout'])) { - $conf .= "timeout ".$setting['timeout']." \n"; - } else { - $conf .= "timeout 1000 \n"; - } - - if (!empty($setting['interval'])) { - $conf .= "interval ".$setting['interval']." \n"; - } - - if (!empty($setting['prefork'])) { - $conf .= "prefork ".$setting['prefork']." \n"; - } - - /* reindex pools by name as we loop through the pools array */ - $pools = array(); - /* Virtual server pools */ - for ($i = 0; isset($pool_a[$i]); $i++) { - if (is_array($pool_a[$i]['servers'])) { - if (!empty($pool_a[$i]['retry'])) { - $retrytext = " retry {$pool_a[$i]['retry']}"; - } else { - $retrytext = ""; - } - $conf .= "table <{$pool_a[$i]['name']}> {\n"; - foreach ($pool_a[$i]['servers'] as $server) { - if (is_subnetv4($server)) { - foreach (relayd_subnetv4_expand($server) as $ip) { - $conf .= "\t{$ip}{$retrytext}\n"; - } - } else { - $conf .= "\t{$server}{$retrytext}\n"; - } - } - $conf .= "}\n"; - /* Index by name for easier fetching when we loop through the virtual servers */ - $pools[$pool_a[$i]['name']] = $pool_a[$i]; - } - } - - // collect used protocols - $used_protocols = array(); - foreach ($vs_a as $vs) { - if (isset($vs['relay_protocol']) && !in_array($vs['relay_protocol'], $used_protocols)) { - $used_protocols[] = $vs['relay_protocol']; - if (is_file('/usr/local/etc/inc/plugins.inc.d/relayd/'.basename($vs['relay_protocol']).'.proto')) { - $conf .= 
file_get_contents('/usr/local/etc/inc/plugins.inc.d/relayd/'.basename($vs['relay_protocol']).'.proto')."\n"; - } - } - } - - for ($i = 0; isset($vs_a[$i]); $i++) { - $append_port_to_name = false; - if (is_alias($pools[$vs_a[$i]['poolname']]['port'])) { - $dest_port_array = filter_expand_alias_array($pools[$vs_a[$i]['poolname']]['port']); - $append_port_to_name = true; - } else { - $dest_port_array = array($pools[$vs_a[$i]['poolname']]['port']); - } - if (is_alias($vs_a[$i]['port'])) { - $src_port_array = filter_expand_alias_array($vs_a[$i]['port']); - $append_port_to_name = true; - } elseif ($vs_a[$i]['port']) { - $src_port_array = array($vs_a[$i]['port']); - } else { - $src_port_array = $dest_port_array; - } - - $append_ip_to_name = false; - if (is_alias($vs_a[$i]['ipaddr'])) { - $ip_list = array(); - foreach (filter_expand_alias_array($vs_a[$i]['ipaddr']) as $item) { - log_error("item is $item"); - if (is_subnetv4($item)) { - $ip_list = array_merge($ip_list, relayd_subnetv4_expand($item)); - } else { - $ip_list[] = $item; - } - } - $append_ip_to_name = true; - } elseif (is_subnetv4($vs_a[$i]['ipaddr'])) { - $ip_list = relayd_subnetv4_expand($vs_a[$i]['ipaddr']); - $append_ip_to_name = true; - } else { - $ip_list = array($vs_a[$i]['ipaddr']); - } - - for ($j = 0; $j < count($ip_list); $j += 1) { - $ip = $ip_list[$j]; - for ($k = 0; $k < count($src_port_array) && $k < count($dest_port_array); $k += 1) { - $src_port = $src_port_array[$k]; - $dest_port = $dest_port_array[$k]; - - $name = $vs_a[$i]['name']; - if ($append_ip_to_name) { - $name .= "_" . $j; - } - if ($append_port_to_name) { - $name .= "_" . 
$src_port; - } - - if ($vs_a[$i]['mode'] == 'relay') { - // relay mode - $conf .= "relay \"{$name}\" {\n"; - $conf .= " listen on {$ip} port {$src_port} \n"; - $conf .= " protocol \"{$vs_a[$i]['relay_protocol']}\"\n"; - $lbmode = ""; - if ($pools[$vs_a[$i]['poolname']]['mode'] == "loadbalance") { - $lbmode = "mode loadbalance"; - } - - $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - - if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { - $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$lbmode} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - } - - if (isset($vs_a[$i]['sessiontimeout'])) { - $conf .= " session timeout {$vs_a[$i]['sessiontimeout']} \n"; - } - - $conf .= "}\n"; - } else { - // redirect mode - $conf .= "redirect \"{$name}\" {\n"; - $conf .= " listen on {$ip} port {$src_port}\n"; - $conf .= " forward to <{$vs_a[$i]['poolname']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['poolname']]['monitor']]} \n"; - - if (isset($config['load_balancer']['setting']['lb_use_sticky'])) { - $conf .= " sticky-address\n"; - } - - /* sitedown MUST use the same port as the primary pool - sucks, but it's a relayd thing */ - if (isset($vs_a[$i]['sitedown']) && strlen($vs_a[$i]['sitedown']) > 0 && ($vs_a[$i]['relay_protocol'] != 'dns')) { - $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$dest_port} {$check_a[$pools[$vs_a[$i]['sitedown']]['monitor']]} \n"; - } - - if (isset($vs_a[$i]['sessiontimeout'])) { - $conf .= " session timeout {$vs_a[$i]['sessiontimeout']} \n"; - } - - $conf .= "}\n"; - } - } - } - } - fwrite($fd, $conf); - fclose($fd); - - if (is_process_running('relayd')) { - if (! empty($vs_a)) { - if ($kill_first) { - killbyname('relayd'); - /* Remove all active relayd anchors now that relayd is no longer running. 
*/ - relayd_cleanup_lb_anchor('*'); - mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); - } else { - // it's running and there is a config, just reload - mwexec('/usr/local/sbin/relayctl reload'); - } - } else { - /* - * XXX: Something breaks our control connection with relayd - * and makes 'relayctl stop' not work - * rule reloads are the current suspect - * mwexec('/usr/local/sbin/relayctl stop'); - * returns "command failed" - */ - killbyname('relayd'); - /* Remove all active relayd anchors now that relayd is no longer running. */ - relayd_cleanup_lb_anchor("*"); - } - } elseif (!empty($vs_a)) { - // not running and there is a config, start it - /* Remove all active relayd anchors so it can start fresh. */ - relayd_cleanup_lb_anchor('*'); - mwexec('/usr/local/sbin/relayd -f /var/etc/relayd.conf'); - } -} - -function relayd_get_lb_redirects() -{ -/* -# relayctl show summary -Id Type Name Avlblty Status -1 redirect testvs2 active -5 table test2:80 active (3 hosts up) -11 host 192.168.1.2 91.55% up -10 host 192.168.1.3 100.00% up -9 host 192.168.1.4 88.73% up -3 table test:80 active (1 hosts up) -7 host 192.168.1.2 66.20% down -6 host 192.168.1.3 97.18% up -0 redirect testvs active -3 table test:80 active (1 hosts up) -7 host 192.168.1.2 66.20% down -6 host 192.168.1.3 97.18% up -4 table testvs-sitedown:80 active (1 hosts up) -8 host 192.168.1.4 84.51% up -# relayctl show redirects -Id Type Name Avlblty Status -1 redirect testvs2 active -0 redirect testvs active -# relayctl show redirects -Id Type Name Avlblty Status -1 redirect testvs2 active - total: 2 sessions - last: 2/60s 2/h 2/d sessions - average: 1/60s 0/h 0/d sessions -0 redirect testvs active -*/ - $rdr_a = array(); - exec('/usr/local/sbin/relayctl show redirects 2>&1', $rdr_a); - $relay_a = array(); - exec('/usr/local/sbin/relayctl show relays 2>&1', $relay_a); - $vs = array(); - $cur_entry = ""; - for ($i = 0; isset($rdr_a[$i]); $i++) { - $line = $rdr_a[$i]; - if (preg_match("/^[0-9]+/", $line)) 
{ - $regs = array(); - if ($x = preg_match("/^[0-9]+\s+redirect\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { - $cur_entry = trim($regs[1]); - $vs[trim($regs[1])] = array(); - $vs[trim($regs[1])]['status'] = trim($regs[2]); - } - } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['total'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['last'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['average'] = trim($regs[1]); - } - } - $cur_entry = ""; - for ($i = 0; isset($relay_a[$i]); $i++) { - $line = $relay_a[$i]; - if (preg_match("/^[0-9]+/", $line)) { - $regs = array(); - if ($x = preg_match("/^[0-9]+\s+relay\s+([^\s]+)\s+([^\s]+)/", $line, $regs)) { - $cur_entry = trim($regs[1]); - $vs[trim($regs[1])] = array(); - $vs[trim($regs[1])]['status'] = trim($regs[2]); - } - } elseif (($x = preg_match("/^\s+total:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['total'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+last:\s(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['last'] = trim($regs[1]); - } elseif (($x = preg_match("/^\s+average:(.*)\ssessions/", $line, $regs)) && !empty($cur_entry)) { - $vs[$cur_entry]['average'] = trim($regs[1]); - } - } - return $vs; -} - -function relayd_get_lb_summary() -{ - $relayctl = array(); - exec('/usr/local/sbin/relayctl show summary 2>&1', $relayctl); - $relay_hosts=array(); - foreach ((array) $relayctl as $line) { - $t = explode("\t", $line); - if (isset($t[1])) { - switch (trim($t[1])) { - case "table": - $curpool=trim($t[2]); - break; - case "host": - $curhost=trim($t[2]); - if (!isset($relay_hosts[$curpool])) { - $relay_hosts[$curpool] = array(); - } - if (!isset($relay_hosts[$curpool][$curhost])) { - 
$relay_hosts[$curpool][$curhost]['avail'] = array(); - } - $relay_hosts[$curpool][$curhost]['avail']=trim($t[3]); - $relay_hosts[$curpool][$curhost]['state']=trim($t[4]); - break; - } - } - } - return $relay_hosts; -} - -/* - * Remove NAT rules from a relayd anchor that is no longer in use. - * $anchorname can either be "*" to clear all anchors or a specific - * anchor name. - */ -function relayd_cleanup_lb_anchor($anchorname = "*") -{ - /* NOTE: These names come back prepended with "relayd/" e.g. "relayd/MyVSName" */ - $lbanchors = explode("\n", trim(`/sbin/pfctl -sA -a relayd | /usr/bin/awk '{print $1;}'`)); - foreach ($lbanchors as $lba) { - if (($anchorname == "*") || ($lba == "relayd/{$anchorname}")) { - /* Flush both the NAT and the Table for the anchor, so it will be completely removed by pf. */ - mwexecf('/sbin/pfctl -a %s -F nat', $lba); - mwexecf('/sbin/pfctl -a %s -F Tables', $lba); - } - } -} - -/* Mark an anchor for later cleanup. This will allow us to remove an old VS name */ -function relayd_cleanup_lb_mark_anchor($name) -{ - /* Nothing to do! */ - if (empty($name)) { - return; - } - - $filename = '/tmp/relayd_anchors_remove'; - $cleanup_anchors = array(); - - /* Read in any currently unapplied name changes */ - if (file_exists($filename)) { - $cleanup_anchors = explode("\n", file_get_contents($filename)); - } - - /* Only add the anchor to the list if it's not already there. */ - if (!in_array($name, $cleanup_anchors)) { - $cleanup_anchors[] = $name; - } - - file_put_contents($filename, implode("\n", $cleanup_anchors)); -} - -function relayd_cleanup_lb_marked() -{ - global $config; - - $filename = '/tmp/relayd_anchors_remove'; - $cleanup_anchors = array(); - - /* Nothing to do! */ - if (!file_exists($filename)) { - return; - } else { - $cleanup_anchors = explode("\n", file_get_contents($filename)); - /* Nothing to do! 
*/ - if (empty($cleanup_anchors)) { - return; - } - } - - /* Load current names so we can make sure we don't remove an anchor that is still in use. */ - $active_vsnames = array(); - if (isset($config['load_balancer']['virtual_server'])) { - foreach ($config['load_balancer']['virtual_server'] as $vs) { - $active_vsnames[] = $vs['name']; - } - } - - foreach ($cleanup_anchors as $anchor) { - /* Only cleanup an anchor if it is not still active. */ - if (!in_array($anchor, $active_vsnames)) { - relayd_cleanup_lb_anchor($anchor); - } - } - - @unlink($filename); -} diff --git a/net/relayd/src/etc/inc/plugins.inc.d/relayd/dns.proto b/net/relayd/src/etc/inc/plugins.inc.d/relayd/dns.proto deleted file mode 100644 index 0f90ff041..000000000 --- a/net/relayd/src/etc/inc/plugins.inc.d/relayd/dns.proto +++ /dev/null @@ -1,3 +0,0 @@ -dns protocol "dns" { - tcp { nodelay, sack, socket buffer 1024, backlog 1000 } -} diff --git a/net/relayd/src/etc/inc/plugins.inc.d/relayd/tcp.proto b/net/relayd/src/etc/inc/plugins.inc.d/relayd/tcp.proto deleted file mode 100644 index bb20afd89..000000000 --- a/net/relayd/src/etc/inc/plugins.inc.d/relayd/tcp.proto +++ /dev/null @@ -1,3 +0,0 @@ -protocol "tcp" { - tcp { nodelay, socket buffer 65536 } -} diff --git a/net/relayd/src/etc/rc.d/os-relayd b/net/relayd/src/etc/rc.d/os-relayd new file mode 100755 index 000000000..04dade24f --- /dev/null +++ b/net/relayd/src/etc/rc.d/os-relayd 
@@ -0,0 +1,113 @@ +#!/bin/sh +# +# $FreeBSD$ +# + +# PROVIDE: os-relayd +# REQUIRE: NETWORKING syslogd +# BEFORE: DAEMON +# KEYWORD: shutdown + +. /etc/rc.subr + +name="osrelayd" +rcvar="osrelayd_enable" + +load_rc_config $name + +: ${relayd_enable="NO"} + +command="/usr/local/sbin/relayd" +cmd_string="relayd: parent" +relayctl="/usr/local/sbin/relayctl" +pidfile="/var/run/osrelayd.pid" + + +relayd_start () { + relayd_status + if [ $? -eq 0 ]; then + debug "relayd_start: relayd ist already running" + return 0 + fi + debug "relayd_start: start relayd" + run_rc_command "start" + if [ $? -eq 0 ]; then + i=0 + status="nok" + # give relayd some time to start + while [ $i -ne 3 ]; do + ps_pid=`ps ax -o pid= -o command= | grep "$cmd_string" | grep -v grep | awk '{ print $1 }'` + if [ -z "$ps_pid" ]; then + status="Cannot get pid for $command" + else + status="ok" + break + fi + echo $status + sleep 1 + i=$(( $i + 1 )) + done + if [ $status != 'ok' ]; then + err 1 "$status" + fi + echo $ps_pid > $pidfile + return $? + fi + return 1 +} + +relayd_stop () { + relayd_status + if [ $? -eq 1 ]; then + return 0 + fi + run_rc_command "stop" + if [ $? -ne 0 ]; then + err 1 "Cannot stop relayd with pid from $pidfile" + fi + rm -f $pidfile + return $? +} + +relayd_restart () { + relayd_stop + if [ $? -ne 0 ]; then + return $? + fi + sleep 1 + relayd_start + return $? +} + +relayd_status () { + + run_rc_command "status" + return $? +} + +relayd_reload () { + $relayctl reload +} + +case $1 in + start) + relayd_start + exit $? + ;; + stop) + relayd_stop + exit $? + ;; + restart) + relayd_restart + exit $? + ;; + status) + relayd_status + exit $? + ;; + reload) + relayd_reload; + exit $? + ;; +esac diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/ServiceController.php b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/ServiceController.php new file mode 100644 index 000000000..157510da3 --- /dev/null 
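Review bot: In relayd_start of os-relayd the test `if [ $status != 'ok' ]` leaves `$status` unquoted, so when it holds "Cannot get pid for $command" the test receives several words and errors out instead of reaching `err 1 "$status"`; the function then falls through to `echo $ps_pid > $pidfile`, writes an empty pidfile and returns success. Quote the operands, `if [ "$status" != "ok" ]; then`, and the write, `echo "$ps_pid" > "$pidfile"`. The pid is taken from a `ps ... | grep "$cmd_string"` match rather than from the daemon itself, so several matches or an unrelated process with that title would land in the pidfile that `stop` later acts on. In relayd_restart, `return $?` inside `if [ $? -ne 0 ]` returns the status of the test (0), not of relayd_stop; save it first with `rc=$?`. The default `: ${relayd_enable="NO"}` also sets a different variable from the declared `rcvar="osrelayd_enable"`, which looks unintended.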
+++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/ServiceController.php 
@@ -0,0 +1,141 @@ +internalLockHandle, LOCK_UN); + fclose($this->internalLockHandle); + return true; + } + + $this->internalLockHandle = fopen("/tmp/relayd.lock", "w+"); + if ($this->internalLockHandle != null && flock($this->internalLockHandle, LOCK_EX)) { + return true; + } + return false; + } + + /** + * test relayd configuration + * @return array + */ + public function configtestAction() + { + if ($this->request->isPost()) { + $result['status'] = 'ok'; + $this->sessionClose(); + + $backend = new Backend(); + + $result['function'] = "configtest"; + $result['template'] = trim($backend->configdRun('template reload OPNsense/Relayd')); + if ($result['template'] != 'OK') { + $result['result'] = "Template error: " . $result['template']; + return $result; + } + $result['result'] = trim($backend->configdRun('relayd configtest')); + return $result; + } else { + return array('status' => 'failed'); + } + } + + /** + * reconfigure relayd + * @return array + */ + public function reconfigureAction() + { + if ($this->request->isPost()) { + if ($this->lock()) { + $this->sessionClose(); + $result['function'] = "reconfigure"; + $result['status'] = 'failed'; + $mdlRelayd = new Relayd(); + $backend = new Backend(); + $status = $this->statusAction(); + if ($mdlRelayd->general->enabled->__toString() == 1) { + $result = $this->configtestAction(); + if ($result['template'] == 'OK' && preg_match('/configuration OK$/', $result['result']) == 1) { + if ($status['status'] != 'running') { + $result['result'] = trim($backend->configdRun('relayd start')); + } else { + $result['result'] = trim($backend->configdRun('relayd reload')); + } + } else { + return $result; + } + } else { + if ($status['status'] == 'running') { + $result['result'] = trim($backend->configdRun('relayd stop')); + } + } + $this->lock(1); + $mdlRelayd = new Relayd(); + if ($mdlRelayd->configClean()) { + $result['status'] = 'ok'; + } + return $result; + } else { + throw new \Exception("Cannot get lock"); + } + } else { + 
return array('status' => 'failed'); + } + } + + /** + * avoid restarting Relayd on reconfigure + */ + protected function reconfigureForceRestart() + { + return 0; + } +} diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/SettingsController.php b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/SettingsController.php new file mode 100644 index 000000000..04cd42736 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/SettingsController.php 
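Review bot: The lock helper in Api/ServiceController.php opens a fixed name in a world-writable directory, `fopen("/tmp/relayd.lock", "w+")`; if the API process runs with elevated privileges, a file or link that already exists at that name is followed and truncated, and any local account able to open the file can hold the lock and block reconfigure. Keeping the lock file in a directory only root can write (for example under `/var/run`) and opening it with mode `'c'` instead of `'w+'` avoids both. In reconfigureAction the `return $result;` taken when the template or config test fails leaves without calling `$this->lock(1)`, so the release there depends on the handle being closed at request teardown; unlocking before that return, or in a `finally` block, would make it explicit. The beginning of this file, including the lock method's signature, is not visible in the hunk as shown.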
@@ -0,0 +1,388 @@ +mdlRelayd = new Relayd(); + } + + /** + * check if changes to the relayd settings were made + * @return result array + */ + public function dirtyAction() + { + $result = array('status' => 'ok'); + $result['relayd']['dirty'] = $this->mdlRelayd->configChanged(); + return $result; + } + + /** + * query relayd settings + * @param $nodeType + * @param $uuid + * @return result array + */ + public function getAction($nodeType = null, $uuid = null) + { + $result = array("result" => "failed"); + if ($this->request->isGet() && $nodeType != null) { + $this->validateNodeType($nodeType); + if ($nodeType == 'general') { + $node = $this->mdlRelayd->getNodeByReference($nodeType); + } else { + if ($uuid != null) { + $node = $this->mdlRelayd->getNodeByReference($nodeType . '.' . $uuid); + } else { + $node = $this->mdlRelayd->$nodeType->Add(); + } + } + if ($node != null) { + $result['relayd'] = array($nodeType => $node->getNodes()); + $result['status'] = 'ok'; + } + } + return $result; + } + + /** + * set relayd properties + * @param $nodeType + * @param $uuid + * @param $action set or add node + * @return status array + */ + public function setAction($nodeType = null, $uuid = null) + { + $result = array('result' => 'failed', 'validations' => array()); + if ($this->request->isPost() && $this->request->hasPost('relayd') && $nodeType != null) { + $this->validateNodeType($nodeType); + if ($nodeType == 'general') { + $node = $this->mdlRelayd->getNodeByReference($nodeType); + } else { + if ($uuid != null) { + $node = $this->mdlRelayd->getNodeByReference($nodeType . '.' . 
$uuid); + } else { + $node = $this->mdlRelayd->$nodeType->Add(); + } + } + if ($node != null) { + $relaydInfo = $this->request->getPost('relayd'); + + // perform plugin specific validations + if ($nodeType == 'virtualserver') { + // preset defaults for validations + if (empty($relaydInfo[$nodeType]['type'])) { + $relaydInfo[$nodeType]['type'] = $node->type->__toString(); + } + if (empty($relaydInfo[$nodeType]['transport_tablemode'])) { + $relaydInfo[$nodeType]['transport_tablemode'] = $node->transport_tablemode->__toString(); + } + if (empty($relaydInfo[$nodeType]['backuptransport_tablemode'])) { + $relaydInfo[$nodeType]['backuptransport_tablemode'] = + $node->backuptransport_tablemode->__toString(); + } + + if ($relaydInfo[$nodeType]['type'] == 'redirect') { + if ($relaydInfo[$nodeType]['transport_tablemode'] != 'least-states' && + $relaydInfo[$nodeType]['transport_tablemode'] != 'roundrobin') { + $result['validations']['relayd.virtualserver.transport_tablemode'] = sprintf( + gettext('Scheduler "%s" not supported for redirects.'), + $relaydInfo[$nodeType]['transport_tablemode'] + ); + } + if ($relaydInfo[$nodeType]['backuptransport_tablemode'] != 'least-states' && + $relaydInfo[$nodeType]['backuptransport_tablemode'] != 'roundrobin') { + $result['validations']['relayd.virtualserver.backuptransport_tablemode'] = sprintf( + gettext('Scheduler "%s" not supported for redirects.'), + $relaydInfo[$nodeType]['backuptransport_tablemode'] + ); + } + } + if ($relaydInfo[$nodeType]['type'] == 'relay') { + if ($relaydInfo[$nodeType]['transport_tablemode'] == 'least-states') { + $result['validations']['relayd.virtualserver.transport_tablemode'] = sprintf( + gettext('Scheduler "%s" not supported for relays.'), + $relaydInfo[$nodeType]['transport_tablemode'] + ); + } + if ($relaydInfo[$nodeType]['backuptransport_tablemode'] == 'least-states') { + $result['validations']['relayd.virtualserver.backuptransport_tablemode'] = sprintf( + gettext('Scheduler "%s" not supported for 
relays.'), + $relaydInfo[$nodeType]['backuptransport_tablemode'] + ); + } + } + } elseif ($nodeType == 'tablecheck') { + switch ($relaydInfo[$nodeType]['type']) { + case 'send': + if (empty($relaydInfo[$nodeType]['expect'])) { + $result['validations']['relayd.tablecheck.expect'] = + gettext('Expect Pattern cannot be empty.'); + } + break; + case 'script': + if (empty($relaydInfo[$nodeType]['path'])) { + $result['validations']['relayd.tablecheck.path'] = + gettext('Script path cannot be empty.'); + } + break; + case 'http': + if (empty($relaydInfo[$nodeType]['path'])) { + $result['validations']['relayd.tablecheck.path'] = + gettext('Path cannot be empty.'); + } + if (empty($relaydInfo[$nodeType]['code']) && empty($relaydInfo[$nodeType]['digest'])) { + $result['validations']['relayd.tablecheck.code'] = + gettext('Provide one of Response Code or Message Digest.'); + $result['validations']['relayd.tablecheck.digest'] = + gettext('Provide one of Response Code or Message Digest.'); + } + break; + } + } + + $node->setNodes($relaydInfo[$nodeType]); + $valMsgs = $this->mdlRelayd->performValidation(); + foreach ($valMsgs as $field => $msg) { + $fieldnm = str_replace($node->__reference, "relayd." . $nodeType, $msg->getField()); + $result["validations"][$fieldnm] = $msg->getMessage(); + } + if (empty($result["validations"])) { + unset($result["validations"]); + $this->mdlRelayd->serializeToConfig(); + $cfgRelayd = Config::getInstance()->save(); + if ($this->mdlRelayd->configDirty()) { + $result['status'] = 'ok'; + } + } + } + } + return $result; + } + + /** + * delete relayd settings + * @param $nodeType + * @param $uuid + * @return status array + */ + public function delAction($nodeType = null, $uuid = null) + { + $result = array("result" => "failed"); + if ($nodeType != null) { + $this->validateNodeType($nodeType); + if ($uuid != null) { + $node = $this->mdlRelayd->getNodeByReference($nodeType . '.' . 
$uuid); + if ($node != null) { + $nodeName = $this->mdlRelayd->getNodeByReference($nodeType . '.' . $uuid . '.name')->__toString(); + if ($this->mdlRelayd->$nodeType->del($uuid) == true) { + // delete relations + switch ($nodeType) { + case 'host': + $this->deleteRelations( + 'table', + 'hosts', + $uuid, + 'host', + $nodeName, + $this->mdlRelayd + ); + break; + case 'tablecheck': + $this->deleteRelations( + 'virtualserver', + 'transport_tablecheck', + $uuid, + 'tablecheck', + $nodeName, + $this->mdlRelayd + ); + $this->deleteRelations( + 'virtualserver', + 'backuptransport_tablecheck', + $uuid, + 'tablecheck', + $nodeName, + $this->mdlRelayd + ); + break; + case 'table': + $this->deleteRelations( + 'virtualserver', + 'transport_table', + $uuid, + 'table', + $nodeName, + $this->mdlRelayd + ); + $this->deleteRelations( + 'virtualserver', + 'backuptransport_table', + $uuid, + 'table', + $nodeName, + $this->mdlRelayd + ); + break; + case 'protocol': + $this->deleteRelations( + 'virtualserver', + 'protocol', + $uuid, + 'protocol', + $nodeName, + $this->mdlRelayd + ); + break; + } + $this->mdlRelayd->serializeToConfig(); + Config::getInstance()->save(); + if ($this->mdlRelayd->configDirty()) { + $result['status'] = 'ok'; + } + } + } + } + } + return $result; + } + + /** + * search relayd settings + * @param $nodeType + * @return result array + */ + public function searchAction($nodeType = null) + { + $this->sessionClose(); + if ($this->request->isPost() && $nodeType != null) { + $this->validateNodeType($nodeType); + $grid = new UIModelGrid($this->mdlRelayd->$nodeType); + $fields = array(); + switch ($nodeType) { + case 'host': + $fields = array('name', 'address'); + break; + case 'tablecheck': + $fields = array('name', 'type'); + break; + case 'table': + $fields = array('enabled', 'name'); + break; + case 'protocol': + $fields = array('name', 'type'); + break; + case 'virtualserver': + $fields = array('enabled', 'name', 'type'); + break; + } + $result = 
$grid->fetchBindRequest($this->request, $fields); + $result['dirty'] = $this->mdlRelayd->configChanged(); + return $result; + } + } + + /** + * validate nodeType + * @param $nodeType + * @throws \Exception + */ + private function validateNodeType($nodeType = null) + { + if (array_search($nodeType, $this->nodeTypes) === false) { + throw new \Exception('unknown nodeType: ' . $nodeType); + } + } + + /** + * delete relations + * @param $nodeType + * @param $uuid + * @param $relNodeType + * @param &$mdlRelayd + * @throws \Exception + */ + private function deleteRelations( + $nodeType = null, + $nodeField = null, + $relUuid = null, + $relNodeType = null, + $relNodeName = null + ) { + $nodes = $this->mdlRelayd->$nodeType->getNodes(); + // get nodes with relations + foreach ($nodes as $nodeUuid => $node) { + // get relation uuids + foreach ($node[$nodeField] as $fieldUuid => $field) { + // remove uuid from field + if ($fieldUuid == $relUuid) { + $refField = $nodeType . '.' . $nodeUuid . '.' . $nodeField; + $relNode = $this->mdlRelayd->getNodeByReference($refField); + $nodeRels = str_replace($relUuid, '', $relNode->__toString()); + $nodeRels = str_replace(',,', ',', $nodeRels); + $nodeRels = rtrim($nodeRels, ','); + $nodeRels = ltrim($nodeRels, ','); + $this->mdlRelayd->setNodeByReference($refField, $nodeRels); + if ($relNode->isEmptyAndRequired()) { + $nodeName = $this->mdlRelayd->getNodeByReference("{$nodeType}.{$nodeUuid}.name")->__toString(); + throw new \Exception("Cannot delete $relNodeType '$relNodeName' from $nodeType '$nodeName'"); + } + } + } + } + } +} diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/StatusController.php b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/StatusController.php new file mode 100644 index 000000000..2435cfb7f --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/StatusController.php 
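Review bot: delAction in Api/SettingsController.php deletes the node and saves the configuration without checking the request method, while setAction and searchAction in the same file require `$this->request->isPost()`; if the framework's CSRF check is tied to POST requests (not visible here), a delete reachable by GET sidesteps it. Gate it the same way as setAction, `if ($this->request->isPost() && $nodeType != null) {`. The `deleteRelations()` calls pass a sixth argument (`$this->mdlRelayd`) that the five-parameter signature ignores, and its docblock still lists `&$mdlRelayd`; dropping the argument and updating the docblock keeps them in sync. In setAction, `$cfgRelayd = Config::getInstance()->save();` assigns a variable that is never read.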
@@ -0,0 +1,124 @@ + "failed"); + $backend = new Backend(); + $output = array(); + $output = explode("\n", trim($backend->configdRun('relayd summary'))); + if (empty($output[0])) { + return $result; + } + $result["result"] = 'ok'; + $virtualServerId = 0; + $virtualServerType = ''; + $tableId = 0; + $virtualserver = array(); + $rows = array(); + foreach ($output as $line) { + $words = explode("\t", $line); + $id = trim($words[0]); + $type = trim($words[1]); + if ($type == 'redirect' || $type == 'relay') { + // new virtual server id/type means new record + if (($id != $virtualServerId && $virtualServerId > 0) || + ($type != $virtualServerType && strlen($virtualServerType) > 5)) { + $rows[] = $virtualserver; + $virtualserver = array(); + } + $virtualServerId = $id; + $virtualServerType = $type; + $virtualserver['id'] = $id; + $virtualserver['type'] = $type; + $virtualserver['name'] = trim($words[2]); + $virtualserver['status'] = trim($words[4]); + } + if ($type == 'table') { + $tableId = $id; + $virtualserver['tables'][$tableId]['name'] = trim($words[2]); + $virtualserver['tables'][$tableId]['status'] = trim($words[4]); + } + if ($type == 'host') { + $hostId = trim($words[0]); + $virtualserver['tables'][$tableId]['hosts'][$hostId]['name'] = trim($words[2]); + $virtualserver['tables'][$tableId]['hosts'][$hostId]['avlblty'] = trim($words[3]); + $virtualserver['tables'][$tableId]['hosts'][$hostId]['status'] = trim($words[4]); + } + } + $rows[] = $virtualserver; + $result["rows"] = $rows; + return $result; + } + + /** + * enable/disable relayd objects + */ + public function toggleAction($nodeType = null, $id = null, $action = null) + { + if ($this->request->isPost()) { + $this->sessionClose(); + } + $result = array("result" => "failed", "function" => "toggle"); + if ($nodeType != null && + ($nodeType == 'redirect' || + $nodeType == 'table' || + $nodeType == 'host')) { + if ($action != null && + ($action == 'enable' || + $action == 'disable')) { + if ($id != null && $id > 
0) { + $backend = new Backend(); + $result["output"] = $backend->configdRun("relayd toggle $nodeType $action $id"); + if (isset($result["output"])) { + $result["result"] = 'ok'; + } + $result["output"] = trim($result["output"]); + } + } + } + return $result; + } +} diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/IndexController.php b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/IndexController.php new file mode 100644 index 000000000..9e9ecfa62 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/IndexController.php @@ -0,0 +1,53 @@ +view->formGeneralSettings = $this->getForm("general"); + $this->view->formDialogEditHost = $this->getForm("host"); + $this->view->formDialogEditTableCheck = $this->getForm("tablecheck"); + $this->view->formDialogEditTable = $this->getForm("table"); + $this->view->formDialogEditProtocol = $this->getForm("protocol"); + $this->view->formDialogEditVirtualServer = $this->getForm("virtualserver"); + $this->view->pick('OPNsense/Relayd/index'); + } +} diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/StatusController.php b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/StatusController.php new file mode 100644 index 000000000..af76e120e --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/StatusController.php @@ -0,0 +1,47 @@ +view->pick('OPNsense/Relayd/status'); + } +} diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/general.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/general.xml new file mode 100644 index 000000000..7ef174f95 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/general.xml @@ -0,0 +1,45 @@ +
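Review bot: toggleAction() carries out the enable/disable for any HTTP method, because `$this->request->isPost()` only decides whether the session is closed and the `configdRun("relayd toggle …")` call sits outside that condition. Gate the whole action on POST by starting it with `if (!$this->request->isPost()) { return $result; }`, so a plain GET request cannot change the state of a redirect, table or host. `$id` is also only tested with the loose comparison `$id > 0` before it is interpolated into the backend command string; a strict test such as `ctype_digit((string)$id) && (int)$id > 0` keeps anything but a positive integer out of that string, independent of how configd treats parameters (not visible in this hunk). The status parser above reads `$words[1]` and `$words[4]` without checking the field count, so a short or malformed summary line would raise undefined-offset notices.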
+ + relayd.general.enabled + + checkbox + + + + relayd.general.interval + + text + + The default interval is 10 seconds.]]> + + + + relayd.general.log + + dropdown + + log the updates to new states or log all state notifications,
+ even if the state didn't change.]]> +
+
+ + relayd.general.prefork + + text + + handle relayed connections.]]> + + + + relayd.general.timeout + + text + + overridden by the timeout value in the table definitions.]]> + + +
diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/host.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/host.xml new file mode 100644 index 000000000..1c6967ae0 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/host.xml @@ -0,0 +1,46 @@ +
+ + relayd.host.name + + text + + + + relayd.host.address + + text + + + + + relayd.host.ipTTL + + text + + + true + + + relayd.host.priority + + text + + + true + + + relayd.host.retry + + text + + + true + +
diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/protocol.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/protocol.xml new file mode 100644 index 000000000..d5b3f067e --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/protocol.xml @@ -0,0 +1,25 @@ +
+ + relayd.protocol.name + + text + + + + relayd.protocol.type + + dropdown + + + + + relayd.protocol.options + + textbox + + + +
diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/table.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/table.xml new file mode 100644 index 000000000..ee45d4235 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/table.xml @@ -0,0 +1,25 @@ +
+ + relayd.table.name + + text + + + + relayd.table.enabled + + checkbox + + + + + relayd.table.hosts + + select_multiple + + + +
diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/tablecheck.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/tablecheck.xml new file mode 100644 index 000000000..b1d8763d9 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/tablecheck.xml @@ -0,0 +1,80 @@ +
+ + relayd.tablecheck.name + + text + + + + + relayd.tablecheck.type + + dropdown + +
  • ICMP - Ping hosts in this table to determine whether they are up or not.
  • +
  • TCP - Use a simple TCP connect to check that hosts are up.
  • +
  • SSL - Perform a complete SSL handshake with each host to check their availability.
  • +
  • SEND - Create a TCP connection, send data and check the response.
  • +
  • SCRIPT - Execute an external program to check the host state.
  • +
  • HTTP(S) - Check response code or message digest from a http(s) request.
  • + ]]> +
    +
    + + relayd.tablecheck.path + + text + + + + + relayd.tablecheck.host + + text + + + + + relayd.tablecheck.code + + text + + + + + relayd.tablecheck.digest + + text + + + + + relayd.tablecheck.data + + text + + + + + relayd.tablecheck.expect + + text + + + + + relayd.tablecheck.ssl + + checkbox + + + +
    diff --git a/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/virtualserver.xml b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/virtualserver.xml new file mode 100644 index 000000000..20d7a6c90 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/forms/virtualserver.xml @@ -0,0 +1,199 @@ +
    + + relayd.virtualserver.name + + text + + + + relayd.virtualserver.enabled + + checkbox + + + + + relayd.virtualserver.type + + dropdown + Redirections
    +    Redirections are translated to pf(4) rdr-to rules for stateful
    +    forwarding to a target host from a health-checked table on layer 3.

    + Relays
    +    Relays allow application layer load balancing, SSL acceleration,
    +    and general purpose TCP proxying on layer 7.]]> +
    +
    + + relayd.virtualserver.listen_address + + text + + + + + relayd.virtualserver.listen_startport + + text + + + + + relayd.virtualserver.listen_endport + + text + + + true + + + relayd.virtualserver.listen_interface + + dropdown + + + true + + + relayd.virtualserver.transport_type + + dropdown + Forward or Route packets to the backend hosts.]]> + + true + + + relayd.virtualserver.transport_table + + dropdown + + + + + relayd.virtualserver.transport_port + + text + + + true + + + relayd.virtualserver.transport_interval + + text + + + true + + + relayd.virtualserver.transport_timeout + + text + + + true + + + relayd.virtualserver.transport_tablemode + + dropdown + + + + + relayd.virtualserver.transport_tablecheck + + dropdown + + + + + relayd.virtualserver.backuptransport_table + + dropdown + + + true + + + relayd.virtualserver.backuptransport_interval + + text + + + true + + + relayd.virtualserver.backuptransport_timeout + + text + + + true + + + relayd.virtualserver.backuptransport_tablemode + + dropdown + + + true + + + relayd.virtualserver.backuptransport_tablecheck + + dropdown + + + true + + + relayd.virtualserver.sessiontimeout + + text + + redirections. The default timeout is 600 seconds (10 minutes).
    + The maximum is 2147483647 seconds (68 years).]]> +
    + true +
    + + relayd.virtualserver.stickyaddress + + checkbox + + from the same source are mapped to the same redirection address.]]> + + true + + + relayd.virtualserver.protocol + + dropdown + + + true + +
    diff --git a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml index 305cf9b02..e0a3de073 100644 --- a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml +++ b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/ACL/ACL.xml @@ -1,62 +1,11 @@ - - Services: Load Balancer: Monitor: Edit - - load_balancer_monitor_edit.php* - - - - Services: Load Balancer: Monitors - - load_balancer_monitor.php* - - - - Services: Load Balancer: setting - - load_balancer_setting.php* - - - - Services: Load Balancer: Virtual Servers - - load_balancer_virtual_server.php* - - - - Status: Load Balancer: Pool - - status_lb_pool.php* - - - - Status: Load Balancer: Virtual Server - - status_lb_vs.php* - - - - Status: System logs: Load Balancer - - diag_logs_relayd.php* - - - - Load Balancer: Pool - - load_balancer_pool.php* - - - - Load Balancer: Pool: Edit - - load_balancer_pool_edit.php* - - - - Load Balancer: Virtual Server: Edit - - load_balancer_virtual_server_edit.php* - - + + Services: Relayd + Allow access to the 'Services: Relayd' page. + + ui/relayd/* + api/relayd/* + diag_logs_relayd.php* + + diff --git a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml index bb37abba1..7e3c36adf 100644 --- a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml +++ b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Menu/Menu.xml @@ -1,19 +1,9 @@ - - - - - - - - - - - - - - - - - + + + + + + + diff --git a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Migrations/M1_0_0.php b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Migrations/M1_0_0.php new file mode 100644 index 000000000..ca0eac5d1 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Migrations/M1_0_0.php 
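Review bot: The new 'Services: Relayd' privilege grants `ui/relayd/*` and `api/relayd/*` together, so an account that only needs the status view also receives the settings API and the status toggle endpoint added elsewhere in this commit. The removed legacy entries kept the status pages ('Status: Load Balancer: Pool', 'Status: Load Balancer: Virtual Server') separate from the edit pages, and that separation is lost here. Consider adding a second, narrower privilege for read-only status access, with patterns limited to the status page and the one status API call it needs, and keeping the wildcard pair for administrators. The exact URL patterns depend on the controller routing, which is not part of this hunk, so confirm them before splitting.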
@@ -0,0 +1,241 @@
+object();
+
+ $hosts = array();
+ $tableChecks = array();
+ $tables = array();
+ $protocols = array();
+ $sticky = 0;
+
+ /* load_balancer setting */
+ if (!empty($cfgObj->load_balancer->setting->timeout)) {
+ $model->general->timeout = $cfgObj->load_balancer->setting->timeout;
+ }
+ if (!empty($cfgObj->load_balancer->setting->interval)) {
+ $model->general->interval = $cfgObj->load_balancer->setting->interval;
+ }
+ if (!empty($cfgObj->load_balancer->setting->prefork)) {
+ $model->general->prefork = $cfgObj->load_balancer->setting->prefork;
+ }
+ if (!empty($cfgObj->load_balancer->setting->lb_use_sticky)) {
+ $sticky = $cfgObj->load_balancer->setting->lb_use_sticky;
+ }
+
+ /* load_balancer monitor_type */
+ if (!empty($cfgObj->load_balancer->monitor_type) && count($cfgObj->load_balancer->monitor_type)) {
+ foreach ($cfgObj->load_balancer->monitor_type as $monitorType) {
+ if (!empty($monitorType->name)) {
+ $name = $monitorType->name->__toString();
+ switch ($monitorType->type) {
+ case 'http':
+ case 'https':
+ if (!empty($monitorType->options->path) &&
+ !empty($monitorType->options->code)) {
+ $setting = array(
+ 'name' => $name,
+ 'path' => $monitorType->options->path,
+ 'code' => $monitorType->options->code,
+ 'type' => 'http');
+ if ($monitorType->type == 'https') {
+ $setting['ssl'] = 1;
+ }
+ if (!empty($monitorType->options->host)) {
+ $setting['host'] = $monitorType->options->host;
+ }
+ if (!empty($setting)) {
+ $node = $model->tablecheck->Add();
+ $node->setNodes($setting);
+ $tableChecks[$name]['uuid'] = $node->getAttributes()['uuid'];
+ }
+ }
+ break;
+ case 'send':
+ if (!empty($monitorType->options->expect)) {
+ $setting = array(
+ 'name' => $name,
+ 'type' => 'send',
+ 'expect' => $monitorType->options->expect);
+ }
+ if (!empty($monitorType->options->data)) {
+ $setting['data'] = $monitorType->options->data;
+ }
+ if (!empty($setting)) {
+ $node = $model->tablecheck->Add();
+ $node->setNodes($setting);
+ $tableChecks[$name]['uuid'] = $node->getAttributes()['uuid'];
+ }
+ break;
+ default:
+ $node = $model->tablecheck->Add();
+ $node->setNodes(array('name' => $name, 'type' => $monitorType->type));
+ $tableChecks[$name]['uuid'] = $node->getAttributes()['uuid'];
+ break;
+ }
+ }
+ }
+ }
+
+ /* load_balancer lbpool */
+ if (!empty($cfgObj->load_balancer->lbpool) && count($cfgObj->load_balancer->lbpool)) {
+ foreach ($cfgObj->load_balancer->lbpool as $lbpool) {
+ if (!empty($lbpool->name) &&
+ !empty($lbpool->servers &&
+ !empty($lbpool->monitor))) {
+ $name = $lbpool->name->__toString();
+ $tableSetting = array(
+ 'enabled' => 1,
+ 'name' => $lbpool->name,
+ 'hosts' => ''
+ );
+ /* cannot import 'serversdisabled' */
+ foreach ($lbpool->servers as $server) {
+ $serverName = $server->__toString();
+ /* add new host */
+ if (empty($hosts) || !isset($hosts[$serverName])) {
+ $hostSetting = array(
+ 'name' => $serverName,
+ 'address' => $serverName);
+ if (!empty($lbpool->retry)) {
+ $hostSetting['retry'] = $lbpool->retry;
+ }
+ $hostNode = $model->host->Add();
+ $hostNode->setNodes($hostSetting);
+ $hosts[$serverName]['uuid'] = $hostNode->getAttributes()['uuid'];
+ }
+ $tableSetting['hosts'] .= $hosts[$serverName]['uuid'] . ',';
+ }
+ $tableSetting['hosts'] = rtrim($tableSetting['hosts'], ',');
+ $tableNode = $model->table->Add();
+ $tableNode->setNodes($tableSetting);
+ $tables[$name]['uuid'] = $tableNode->getAttributes()['uuid'];
+ if (!empty($lbpool->mode) && $lbpool->mode == 'loadbalance') {
+ $tables[$name]['mode'] = 'loadbalance';
+ }
+ $monitor = $lbpool->monitor->__toString();
+ $tables[$name]['monitor'] = $tableChecks[$monitor]['uuid'];
+ if (!empty($lbpool->port)) {
+ $tables[$name]['port'] = $lbpool->port;
+ }
+ }
+ }
+ }
+
+ /* protocol definitions */
+ $protocolDir = '/usr/local/etc/inc/plugins.inc.d/relayd';
+ if (is_dir($protocolDir)) {
+ $protocolFiles = glob($protocolDir . '/*.proto');
+ foreach ($protocolFiles as $protocolFile) {
+ $content = file_get_contents($protocolFile);
+ preg_match('/^([^\{]*)\{((.|\n|\r)*)\}((\s|\n|\r)*)$/', $content, $acontent);
+ if (preg_match('/^protocol\s+/', trim($acontent[1]))) {
+ preg_match('/^([^\s]*)\s+([^\s]*)/', trim($acontent[1]), $protocol);
+ } else {
+ preg_match('/^([^\s]*)\s+([^\s]*)\s+([^\s]*)/', trim($acontent[1]), $protocol);
+ }
+ $type = trim($protocol[1]);
+ if (count($protocol) == 3 && $type == 'protocol') {
+ $type = 'tcp';
+ $name = trim($protocol[2]);
+ } else {
+ $name = trim($protocol[3]);
+ }
+ $name = trim($name, '"');
+ $protocolSetting = array(
+ 'name' => $name,
+ 'type' => $type,
+ 'options' => trim($acontent[2])
+ );
+ $protocolNode = $model->protocol->Add();
+ $protocolNode->setNodes($protocolSetting);
+ $protocols[$name]['uuid'] = $protocolNode->getAttributes()['uuid'];
+ }
+ }
+
+ /* load_balancer virtual_server */
+ if (!empty($cfgObj->load_balancer->virtual_server) && count($cfgObj->load_balancer->virtual_server)) {
+ foreach ($cfgObj->load_balancer->virtual_server as $virtual_server) {
+ if (!empty($virtual_server->name) &&
+ !empty($virtual_server->ipaddr) &&
+ !empty($virtual_server->port) &&
+ !empty($virtual_server->poolname)) {
+ $poolname = $virtual_server->poolname->__toString();
+ $vserverSetting = array(
+ 'enabled' => 1,
+ 'name' => $virtual_server->name,
+ 'listen_address' => $virtual_server->ipaddr,
+ 'listen_startport' => $virtual_server->port,
+ 'transport_type' => 'forward',
+ 'transport_table' => $tables[$poolname]['uuid'],
+ 'transport_tablecheck' => $tables[$poolname]['monitor']
+ );
+ if (!empty($virtual_server->mode)) {
+ $vserverSetting['type'] = $virtual_server->mode;
+ if (!empty($sticky) && $vserverSetting['type'] == 'redirect') {
+ $vserverSetting['stickyaddress'] = 1;
+ }
+ }
+ if (!empty($tables[$poolname]['port'])) {
+ $vserverSetting['transport_port'] = $tables[$poolname]['port'];
+ }
+ if (!empty($tables[$poolname]['mode'])) {
+
$vserverSetting['transport_tablemode'] = $tables[$poolname]['mode']; + } + if (!empty($virtual_server->sitedown)) { + $sitedown = $virtual_server->sitedown->__toString(); + $vserverSetting['backuptransport_table'] = $tables[$sitedown]['uuid']; + $vserverSetting['backuptransport_tablecheck'] = $vserverSetting['transport_tablecheck']; + if (!empty($vserverSetting['transport_tablemode'])) { + $vserverSetting['backuptransport_tablemode'] = $vserverSetting['transport_tablemode']; + } + } + if (!empty($virtual_server->sessiontimeout)) { + $vserverSetting['sessiontimeout'] = $virtual_server->sessiontimeout; + } + if (!empty($virtual_server->relay_protocol)) { + $relay_protocol = $virtual_server->relay_protocol->__toString(); + $vserverSetting['protocol'] = $protocols[$relay_protocol]['uuid']; + } + $vserverNode = $model->virtualserver->Add(); + $vserverNode->setNodes($vserverSetting); + } + } + } + } +} diff --git a/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Relayd.php b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Relayd.php new file mode 100644 index 000000000..e80a832e0 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/models/OPNsense/Relayd/Relayd.php @@ -0,0 +1,67 @@ + + //OPNsense/relayd + 1.0.0 + Relayd settings + + + + 0 + Y + + + 10 + N + 1 + Check interval must be greater than 0 + + + N + + new states + all states + + + + 3 + N + 1 + Number of processes must be greater than 0 + + + 200 + N + 1 + The timeout must be greater than 0 + + + + + Y + /^([0-9a-zA-Z\._\- ]){1,255}$/u + Should be a string between 1 and 255 characters. Allowed characters are letters and numbers as well as underscore, minus, dot and space. + +
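Review bot: In the `case 'send':` branch `$setting` is assigned only when `options->expect` is present, yet the following `if (!empty($setting))` adds a tablecheck regardless; for a send monitor without `expect`, `$setting` still holds the array built for a previous monitor (or only a `data` key), so the migration stores a wrong or incomplete health check under this monitor's name. Reset it at the top of the loop body with `$setting = array();` and add the node only when name and type were set in this iteration. The lbpool guard has a misplaced parenthesis, `!empty($lbpool->servers && !empty($lbpool->monitor))`, and should read `!empty($lbpool->servers) && !empty($lbpool->monitor)`. The lookups `$tableChecks[$monitor]['uuid']`, `$tables[$poolname]['uuid']` and `$protocols[$relay_protocol]['uuid']` are not guarded with `isset()`, so a pool or virtual server that references a skipped entry is migrated with an empty reference. The `preg_match()` results in the protocol import are likewise unchecked, so a `.proto` file that does not match leaves `$acontent[1]` undefined.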
    + Y + /^([0-9a-zA-Z\.,_\-:]){0,1024}$/u + lower + Please specify a valid servername or IP address. +
    + + N + 1 + The IP TTL must be greater than 0 + + + N + 1 + The route priority must be greater than 0 + + + N + 1 + The number of retries must be greater than 0 + +
    + + + Y + /^([0-9a-zA-Z\._\- ]){1,255}$/u + Should be a string between 1 and 255 characters. Allowed characters are letters and numbers as well as underscore, minus, dot and space. + + + 0 + Y + + + + + + Host not found + Y + Y + +
    + + + Y + /^([0-9a-zA-Z\._\- ]){1,255}$/u + Should be a string between 1 and 255 characters. Allowed characters are letters and numbers as well as underscore, minus, dot and space. + + + icmp + Y + + ICMP + TCP + SSL + SEND + + HTTP + + + + N + + + /^([0-9a-zA-Z\.,_\-:]){0,1024}$/u + lower + Please specify a valid servername or IP address. + N + + + N + Expected return code must be a number. + + + N + + + N + + + N + + + N + + + + + Y + /^([0-9a-zA-Z\._\- ]){1,255}$/u + Should be a string between 1 and 255 characters. Allowed characters are letters and numbers as well as underscore, minus, dot and space. + + + 0 + Y + + + relay + Y + + Relay + Redirection + + + + Y + /^([0-9a-zA-Z\.,_\-:]){0,1024}$/u + lower + Please specify a valid servername or IP address. + + + Y + 1 + 65535 + A valid Port number must be specified. + + + N + 1 + 65535 + A valid Port number must be specified. + + + N + N + + /^(?!0).*$/ + /^((?!dhcp).)*$/ + + + + forward + Y + + Forward + Route + + + + + + + Table not found + N + Y + + + N + 1 + 65535 + A valid Port number must be specified. + + + N + 2 + Check interval must be a multiple of the global interval. + + + N + 1 + The timeout must be greater than 0 + + + roundrobin + N + + Hash + Least States + Load Balance + Random + Round Robin + Source Hash + + + + + + + Table check not found + N + Y + + + + + + Table not found + N + N + + + N + 2 + Check interval must be a multiple of the global interval. + + + N + 1 + The timeout must be greater than 0 + + + + + + Table check not found + N + N + + + roundrobin + N + + Hash + Least States + Load Balance + Random + Round Robin + Source Hash + + + + 600 + N + 1 + 2147483647 + The timeout must be a number between 1 and 2147483647. + + + 0 + N + + + + + + Protocol not found + N + N + --> + + + + Y + /^([0-9a-zA-Z\._\- ]){1,255}$/u + Should be a string between 1 and 255 characters. Allowed characters are letters and numbers as well as underscore, minus, dot and space. 
+ + + tcp + Y + + TCP + DNS + HTTP + + + + N + + +
    + diff --git a/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/index.volt b/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/index.volt new file mode 100644 index 000000000..8b9f56056 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/index.volt @@ -0,0 +1,359 @@ +{# + +Copyright © 2018 by EURO-LOG AG +All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation +and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +#} + + + + + + +
    +
    + {{ partial("layout_partials/base_form",['fields':formGeneralSettings,'id':'frm_GeneralSettings'])}} +
    + + + + +
    + +
    +
    +
    +
    + + + + + + + + + + + + + + + + + +
    {{ lang._('Name') }}{{ lang._('Address') }}{{ lang._('ID') }}{{ lang._('Edit') }} | {{ lang._('Delete') }}
    + + +
    +
    +
    + + + + + + + + + + + + + + + + + +
    {{ lang._('Name') }}{{ lang._('Type') }}{{ lang._('ID') }}{{ lang._('Edit') }} | {{ lang._('Delete') }}
    + + +
    +
    +
    + + + + + + + + + + + + + + + + + +
    {{ lang._('Enabled') }}{{ lang._('Name') }}{{ lang._('ID') }}{{ lang._('Edit') }} | {{ lang._('Delete') }}
    + + +
    +
    +
    + + + + + + + + + + + + + + + + + +
    {{ lang._('Name') }}{{ lang._('Type') }}{{ lang._('ID') }}{{ lang._('Edit') }} | {{ lang._('Delete') }}
    + + +
    +
    +
    + + + + + + + + + + + + + + + + + + +
    {{ lang._('Enabled') }}{{ lang._('Name') }}{{ lang._('Type') }}{{ lang._('ID') }}{{ lang._('Edit') }} | {{ lang._('Delete') }}
    + + +
    +
    + +
    +{# include dialogs #} +{{ partial("layout_partials/base_dialog",['fields':formDialogEditHost, 'id':'DialogEditHost', 'label':'Edit Host'])}} +{{ partial("layout_partials/base_dialog",['fields':formDialogEditTableCheck, 'id':'DialogEditTableCheck', 'label':'Edit Table Check'])}} +{{ partial("layout_partials/base_dialog",['fields':formDialogEditTable, 'id':'DialogEditTable', 'label':'Edit Table'])}} +{{ partial("layout_partials/base_dialog",['fields':formDialogEditProtocol, 'id':'DialogEditProtocol', 'label':'Edit Protocol'])}} +{{ partial("layout_partials/base_dialog",['fields':formDialogEditVirtualServer,'id':'DialogEditVirtualServer', 'label':'Edit Virtual Server'])}} diff --git a/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/status.volt b/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/status.volt new file mode 100644 index 000000000..0bcee42f7 --- /dev/null +++ b/net/relayd/src/opnsense/mvc/app/views/OPNsense/Relayd/status.volt 
@@ -0,0 +1,154 @@ +{# + +Copyright © 2018 by EURO-LOG AG +All rights reserved. + +Redistribution and use in source and binary forms, with or without modification, +are permitted provided that the following conditions are met: + +1. Redistributions of source code must retain the above copyright notice, +this list of conditions and the following disclaimer. + +2. Redistributions in binary form must reproduce the above copyright notice, +this list of conditions and the following disclaimer in the documentation +and/or other materials provided with the distribution. + +THIS SOFTWARE IS PROVIDED “AS IS” AND ANY EXPRESS OR IMPLIED WARRANTIES, +INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY +AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE +AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, +OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF +SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS +INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN +CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) +ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE +POSSIBILITY OF SUCH DAMAGE. + +#} + + + +
    + + + +
    {{ lang._('Virtual Server') }}{{ lang._('Table') }}{{ lang._('Host') }}
    +
    +
    + + + + +
    +
    + +
    +
    +
    +
    +
    diff --git a/net/relayd/src/opnsense/mvc/tests/app/compound/OPNsense/Relayd/RelaydTest.php b/net/relayd/src/opnsense/mvc/tests/app/compound/OPNsense/Relayd/RelaydTest.php new file mode 100644 index 000000000..91bf054ac --- /dev/null +++ b/net/relayd/src/opnsense/mvc/tests/app/compound/OPNsense/Relayd/RelaydTest.php 
@@ -0,0 +1,469 @@ +mdlRelayd->$nodeType->getNodes(); + foreach ($nodes as $nodeUuid => $node) { + self::$setRelayd->mdlRelayd->$nodeType->del($nodeUuid); + } + } + + /** + * test getAction + */ + public function testGet() + { + $this->assertInstanceOf('\OPNsense\Relayd\Api\SettingsController', self::$setRelayd); + $this->expectException(\Exception::class); + $response = self::$setRelayd->getAction('wrong_node_type'); + $testConfig = []; + $response = self::$setRelayd->getAction('general'); + $testConfig['general'] = $response['relayd']['general']; + + $this->assertEquals($response['status'], 'ok'); + $this->assertArrayHasKey('enabled', $response['relayd']['general']); + + return $testConfig; + } + + /** + * test searchAction + * @depends testGet + */ + public function testSearch($testConfig) + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + $_POST = array('current' => '1', 'rowCount' => '7'); + + foreach ($this->nodeTypes as $nodeType) { + $response = self::$setRelayd->searchAction($nodeType); + $this->assertArrayHasKey('total', $response); + $testConfig[$nodeType] = $response['rows']; + } + + return $testConfig; + } + + /** + * test delAction + * not really a test if the config is empty, but we will delete something later + * @depends testSearch + */ + public function testReset($testConfig) + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + foreach (array_reverse($this->nodeTypes) as $nodeType) { + foreach ($testConfig[$nodeType] as $node) { + $response = self::$setRelayd->delAction($nodeType, $node['uuid']); + $this->assertEquals($response['status'], 'ok'); + } + } + // need an assertion here to succeed this test on empty config + $this->assertTrue(true); + } + + /** + * test setAction general + * @depends testReset + */ + public function testSetGeneral() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // interval too small + $_POST = array('relayd' => ['general' => ['interval' => '0']]); + $response = self::$setRelayd->setAction('general'); + $this->assertCount(1, 
$response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.general.interval']); + + // set correct interval and incorrect timeout (s. testServiceController) + $_POST = array('relayd' => ['general' => ['interval' => '10', 'timeout' => 86400, 'enabled' => '0']]); + $response = self::$setRelayd->setAction('general'); + $this->assertEquals($response['status'], 'ok'); + } + + /** + * test dirtyAction + * @depends testSetGeneral + */ + public function testDirtyAction() + { + $this->assertInstanceOf('\OPNsense\Relayd\Api\SettingsController', self::$setRelayd); + $response = self::$setRelayd->dirtyAction(); + $this->assertEquals($response['status'], 'ok'); + $this->assertEquals($response['relayd']['dirty'], true); + } + + /** + * test setAction for hosts + * @depends testReset + */ + public function testSetHost() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // empty host name + $_POST = array('relayd' => ['host' => ['address' => '127.0.0.1']]); + $response = self::$setRelayd->setAction('host'); + $this->assertCount(1, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.host.name']); + $this->cleanupNodes('host'); + + // check mask + $_POST = array('relayd' => ['host' => ['name' => 'test$Host', 'address' => '127.0.0.$']]); + $response = self::$setRelayd->setAction('host'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.host.name']); + $this->assertNotEmpty($response['validations']['relayd.host.address']); + $this->cleanupNodes('host'); + + // create host for ServiceControllerTest + $_POST = array('relayd' => ['host' => ['name' => 'testHost', 'address' => '127.0.0.1']]); + $response = self::$setRelayd->setAction('host'); + $this->assertEquals($response['status'], 'ok'); + } + + /** + * test 
setAction for tables + * @depends testSetHost + */ + public function testSetTable() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // check mask and missing host + $_POST = array('relayd' => ['table' => ['name' => 'test$Table', 'hosts' => 'aaa-111-bbb-222']]); + $response = self::$setRelayd->setAction('table'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.table.name']); + $this->assertNotEmpty($response['validations']['relayd.table.hosts']); + $this->cleanupNodes('table'); + + // create table for ServiceControllerTest + $_POST = array('current' => '1', 'rowCount' => '7', 'searchPhrase' => 'testHost'); + $response = self::$setRelayd->searchAction('host'); + $this->assertArrayHasKey('total', $response); + $_POST = array('relayd' => [ + 'table' => ['name' => 'testTable', 'enabled' => 1, 'hosts' => $response['rows'][0]['uuid']] + ]); + $response = self::$setRelayd->setAction('table'); + } + + /** + * test setAction for tablechecks + * @depends testSearch + * @depends testReset + */ + public function testSetTableCheck() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // wrong option + $_POST = array('relayd' => ['tablecheck' => ['name' => 'test$Check', 'type' => 'ABCXYZ']]); + $response = self::$setRelayd->setAction('tablecheck'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.tablecheck.name']); + $this->assertNotEmpty($response['validations']['relayd.tablecheck.type']); + $this->cleanupNodes('tablecheck'); + + // type 'send' without 'expect' + $_POST = array('relayd' => ['tablecheck' => ['name' => 'testSend', 'type' => 'send']]); + $response = self::$setRelayd->setAction('tablecheck'); + $this->assertCount(1, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + 
$this->assertNotEmpty($response['validations']['relayd.tablecheck.expect']); + $this->cleanupNodes('tablecheck'); + + // type 'script' without 'path' + $_POST = array('relayd' => ['tablecheck' => ['name' => 'testScript', 'type' => 'script']]); + $response = self::$setRelayd->setAction('tablecheck'); + $this->assertCount(1, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.tablecheck.path']); + $this->cleanupNodes('tablecheck'); + + // type 'http' without 'code' and 'digest' + $_POST = array('relayd' => [ + 'tablecheck' => ['name' => 'testTableCheck', 'type' => 'http', 'path' => 'http://www.example.com'] + ]); + $response = self::$setRelayd->setAction('tablecheck'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.tablecheck.code']); + $this->assertNotEmpty($response['validations']['relayd.tablecheck.digest']); + $this->cleanupNodes('tablecheck'); + + // create tablecheck for ServiceControllerTest + $_POST = array('relayd' => [ + 'tablecheck' => [ + 'name' => 'testTableCheck', + 'type' => 'http', + 'path' => '/', + 'host' => 'localhost', + 'code' => '403', + 'ssl' => '1']]); + $response = self::$setRelayd->setAction('tablecheck'); + $this->assertEquals($response['status'], 'ok'); + } + + /** + * test setAction for protocols + * @depends testSearch + * @depends testReset + */ + public function testSetProtocol() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // missing 'name' wrong 'type' + $_POST = array('relayd' => ['protocol' => ['name' => 'test$Protocol', 'type' => 'ABCXYZ']]); + $response = self::$setRelayd->setAction('protocol'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.protocol.name']); + 
$this->assertNotEmpty($response['validations']['relayd.protocol.type']); + $this->cleanupNodes('protocol'); + + // create protocol for ServiceControllerTest + $_POST = array('relayd' => [ + 'protocol' => ['name' => 'testProtocol', 'type' => 'tcp', 'options' => 'nodelay, socket buffer 65536'] + ]); + $response = self::$setRelayd->setAction('protocol'); + $this->assertEquals($response['status'], 'ok'); + } + + /** + * test setAction for virtualservers + * @depends testSearch + * @depends testReset + */ + public function testSetVirtualServer() + { + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // search table and tablecheck + $_POST = array('current' => '1', 'rowCount' => '7', 'searchPhrase' => 'testTable'); + $response = self::$setRelayd->searchAction('table'); + $this->assertArrayHasKey('total', $response); + $tableUuid = $response['rows'][0]['uuid']; + $_POST = array('current' => '1', 'rowCount' => '7', 'searchPhrase' => 'testTableCheck'); + $response = self::$setRelayd->searchAction('tablecheck'); + $this->assertArrayHasKey('total', $response); + $tableCheckUuid = $response['rows'][0]['uuid']; + $_POST = array('current' => '1', 'rowCount' => '7', 'searchPhrase' => 'testProtocol'); + $response = self::$setRelayd->searchAction('protocol'); + $this->assertArrayHasKey('total', $response); + $protocolUuid = $response['rows'][0]['uuid']; + + // check mask, misisng table, tablecheck, wrong/missing listen port/address + $_POST = array('relayd' => [ + 'virtualserver' => [ + 'name' => 'test{}VirtualServer', + 'listen_startport' => '123456', + ]]); + $response = self::$setRelayd->setAction('virtualserver'); + $this->assertCount(5, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.name']); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.listen_address']); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.listen_startport']); + 
$this->assertNotEmpty($response['validations']['relayd.virtualserver.transport_table']); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.transport_tablecheck']); + $this->cleanupNodes('virtualserver'); + + // wrong tablemodes, missing ModelRelationField targets + $_POST = array('relayd' => [ + 'virtualserver' => [ + 'name' => 'testVirtualServer', + 'listen_address' => '127.0.0.1', + 'listen_startport' => '444', + 'transport_table' => $tableUuid, + 'transport_tablemode' => 'least-states', + 'transport_tablecheck' => $tableCheckUuid, + ]]); + $response = self::$setRelayd->setAction('virtualserver'); + $this->assertCount(1, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.transport_tablemode']); + $this->cleanupNodes('virtualserver'); + + // wron scheduler, missing protocol + $_POST = array('relayd' => [ + 'virtualserver' => [ + 'name' => 'testVirtualServer', + 'type' => 'redirect', + 'listen_address' => '127.0.0.1', + 'listen_startport' => '444', + 'transport_table' => $tableUuid, + 'transport_tablemode' => 'least-states', + 'transport_tablecheck' => $tableCheckUuid, + 'backuptransport_table' => $tableUuid, + 'backuptransport_tablemode' => 'random', + 'backuptransport_tablecheck' => $tableCheckUuid, + 'protocol' => 'aaa-bbb-123-456' + ]]); + $response = self::$setRelayd->setAction('virtualserver'); + $this->assertCount(2, $response['validations']); + $this->assertEquals($response['result'], 'failed'); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.backuptransport_tablemode']); + $this->assertNotEmpty($response['validations']['relayd.virtualserver.protocol']); + $this->cleanupNodes('virtualserver'); + + // create virtualserver for ServiceControllerTest + $_POST = array('relayd' => [ + 'virtualserver' => [ + 'name' => 'testVirtualServer', + 'enabled' => '1', + 'listen_address' => '127.0.0.1', + 'listen_startport' => 
'444', + 'transport_table' => $tableUuid, + 'transport_port' => '443', + 'transport_tablecheck' => $tableCheckUuid, + 'protocol' => $protocolUuid + ]]); + $response = self::$setRelayd->setAction('virtualserver'); + $this->assertEquals($response['status'], 'ok'); + } + + /** + * ServiceControllerTest + * @depends testSetGeneral + * @depends testSetHost + * @depends testSetTable + * @depends testSetTableCheck + * @depends testSetProtocol + * @depends testSetVirtualServer + */ + public function testServiceController() + { + $svcRelayd = new \OPNsense\Relayd\Api\ServiceController; + $_SERVER['REQUEST_METHOD'] = 'POST'; + + // stop possibly running service + $response = $svcRelayd->stopAction(); + $this->assertEquals($response['response'], "OK\n\n"); + + // generate template and test it by Relayd + $response = $svcRelayd->configtestAction(); + $this->assertEquals($response['template'], 'OK'); + $this->assertEquals( + $response['result'], + "global timeout exceeds interval\ntable timeout exceeds interval: testTable:443" + ); + $_POST = array('relayd' => ['general' => ['timeout' => '200']]); + $response = self::$setRelayd->setAction('general'); + $this->assertEquals($response['status'], 'ok'); + $response = $svcRelayd->configtestAction(); + $this->assertEquals($response['template'], 'OK'); + $this->assertEquals($response['result'], 'configuration OK'); + + // status + $response = $svcRelayd->statusAction(); + $this->assertEquals($response['status'], 'disabled'); + + // enable + $_POST = array('relayd' => ['general' => ['enabled' => '1']]); + $response = self::$setRelayd->setAction('general'); + $this->assertEquals($response['status'], 'ok'); + + // reconfigure + $response = $svcRelayd->reconfigureAction(); + $this->assertEquals($response['status'], 'ok'); + + // status + $response = $svcRelayd->statusAction(); + $this->assertEquals($response['status'], 'running'); + } + + /** + * StatusControllerTest + * @depends testServiceController + */ + public function 
testStatusController() + { + $statRelayd = new \OPNsense\Relayd\Api\StatusController; + $response = $statRelayd->sumAction(); + $this->assertEquals($response['result'], 'ok'); + $this->assertEquals($response['rows'][0]['type'], 'relay'); + $this->assertEquals($response['rows'][0]['name'], 'testVirtualServer'); + $this->assertEquals($response['rows'][0]['tables'][1]['name'], 'testTable:443'); + $this->assertEquals($response['rows'][0]['tables'][1]['status'], 'active (1 hosts)'); + $this->assertEquals($response['rows'][0]['tables'][1]['hosts'][1]['name'], '127.0.0.1'); + + $response = $statRelayd->toggleAction('table', 1, 'disable'); + $this->assertEquals($response['result'], 'ok'); + $this->assertEquals($response['output'], 'command succeeded'); + } + + /** + * cleanup config + * @depends testStatusController + */ + public function testCleanup() + { + $svcRelayd = new \OPNsense\Relayd\Api\ServiceController; + $response = $svcRelayd->stopAction(); + $this->assertEquals($response['response'], "OK\n\n"); + + foreach (array_reverse($this->nodeTypes) as $nodeType) { + $this->cleanupNodes($nodeType); + } + + $general = self::$setRelayd->mdlRelayd->getNodeByReference('general'); + $general->setNodes(array('enabled' => '0')); + + self::$setRelayd->mdlRelayd->serializeToConfig(); + Config::getInstance()->save(); + $this->assertTrue(true); + } +} diff --git a/net/relayd/src/opnsense/service/conf/actions.d/actions_relayd.conf b/net/relayd/src/opnsense/service/conf/actions.d/actions_relayd.conf new file mode 100644 index 000000000..3dae3b034 --- /dev/null +++ b/net/relayd/src/opnsense/service/conf/actions.d/actions_relayd.conf 
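Review bot: In `testGet`, everything after `getAction('wrong_node_type')` is unreachable if that call throws as the test expects, because `expectException(\Exception::class)` ends the test at the throw. The `general` assertions therefore never run, and `testSearch`, which `@depends testGet`, receives no `$testConfig`. Move the negative case into its own method and let `testGet` start at `$testConfig = [];`, as sketched below. Separately, the last `setAction('table')` in `testSetTable` is never asserted, so a failed table creation only surfaces later as a missing `$response['rows'][0]` in `testSetVirtualServer`; add `$this->assertEquals($response['status'], 'ok');` after it.

```php
    /**
     * getAction must reject an unknown node type
     */
    public function testGetWrongNodeType()
    {
        $this->expectException(\Exception::class);
        self::$setRelayd->getAction('wrong_node_type');
    }

    /**
     * test getAction
     */
    public function testGet()
    {
        $this->assertInstanceOf('\OPNsense\Relayd\Api\SettingsController', self::$setRelayd);
        $testConfig = [];
        // … unchanged: getAction('general') call, its assertions and the return of $testConfig …
    }
```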
@@ -0,0 +1,38 @@
+[start]
+command:/usr/local/etc/rc.d/os-relayd start
+type:script
+message:starting relayd
+
+[stop]
+command:/usr/local/etc/rc.d/os-relayd stop
+type:script
+message:stopping relayd
+
+[status]
+command:/usr/local/etc/rc.d/os-relayd status; exit 0
+type:script_output
+message:get relayd status
+
+[restart]
+command:/usr/local/etc/rc.d/os-relayd restart
+type:script
+message:restarting relayd
+
+[reload]
+command:/usr/local/etc/rc.d/os-relayd reload
+type:script
+message:reload relayd configuration
+
+[configtest]
+command: /usr/local/sbin/relayd -n 2>&1; exit 0
+type:script_output
+message:testing relayd configuration
+
+[summary]
+command: /usr/local/sbin/relayctl show summary; exit 0
+type:script_output
+
+[toggle]
+command: /usr/local/sbin/relayctl
+parameters:%s %s %s
+type:script_output
diff --git a/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/+TARGETS b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/+TARGETS
new file mode 100644
index 000000000..e9e0416b5
--- /dev/null
+++ b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/+TARGETS
@@ -0,0 +1,2 @@
+relayd.conf:/usr/local/etc/relayd.conf
+rc.conf.d:/etc/rc.conf.d/osrelayd
diff --git a/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/rc.conf.d b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/rc.conf.d
new file mode 100644
index 000000000..22aa1e2a9
--- /dev/null
+++ b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/rc.conf.d
@@ -0,0 +1,6 @@
+# DO NOT EDIT THIS FILE -- OPNsense auto-generated file
+{% if helpers.exists('OPNsense.relayd.general.enabled') and OPNsense.relayd.general.enabled|default("0") == "1" %}
+osrelayd_enable="YES"
+{% else %}
+osrelayd_enable="NO"
+{% endif %}
diff --git a/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/relayd.conf b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/relayd.conf
new file mode 100644
index 000000000..f2af21fe1
--- /dev/null
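Review bot: The `[toggle]` action passes three caller-supplied `%s` values to `/usr/local/sbin/relayctl` and, like `[summary]`, carries no `message:` line, so these two calls presumably leave no descriptive entry in the configd log the way the other actions do. Add `message:toggle relayd table or host` to `[toggle]` and `message:get relayd summary` to `[summary]`. Because the parameters are free-form at this layer, the API method that invokes the action (outside this hunk; the test calls `toggleAction('table', 1, 'disable')`) should accept only the expected object types, a numeric id and the enable/disable verbs before handing them on.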
+++ b/net/relayd/src/opnsense/service/templates/OPNsense/Relayd/relayd.conf 
@@ -0,0 +1,157 @@ +# DO NOT EDIT THIS FILE -- OPNsense auto-generated file + +{% from 'OPNsense/Macros/interface.macro' import physical_interface %} +{% if helpers.exists('OPNsense.relayd.general') %} +{% if helpers.exists('OPNsense.relayd.general.interval') %} +interval {{ OPNsense.relayd.general.interval }} +{% endif %} +{% if helpers.exists('OPNsense.relayd.general.log') %} +log {{ OPNsense.relayd.general.log }} +{% endif %} +{% if helpers.exists('OPNsense.relayd.general.prefork') %} +prefork {{ OPNsense.relayd.general.prefork }} +{% endif %} +{% if helpers.exists('OPNsense.relayd.general.timeout') %} +timeout {{ OPNsense.relayd.general.timeout }} +{% endif %} +{% endif %} + +{% if helpers.exists('OPNsense.relayd.table') %} +{% for table in helpers.toList('OPNsense.relayd.table') %} +{% set name = table.name %} +{% set disable = '' %} +{% set hosts = '' %} +{% if table.enabled|default('1') == '0' %} +{% set disable = ' disable' %} +{% endif %} +table <{{ name }}>{{ disable }} { +{% for host in table.hosts.split(",") %} +{% set host = helpers.getUUID(host) %} +{% set ipTTL = " ip ttl " ~ host.ipTTL if host.ipTTL is defined %} +{% set priority = " priority " ~ host.priority if host.priority is defined %} +{% set retry = " retry " ~ host.retry if host.retry is defined %} +{{ host.address }}{{ ipTTL }}{{ priority }}{{ retry }} +{% endfor %} +} +{% endfor %} +{% endif %} + +{% if helpers.exists('OPNsense.relayd.protocol') %} +{% for protocol in helpers.toList('OPNsense.relayd.protocol') %} +protocol "{{protocol.name}}" { +{{ protocol.type }} { {{ protocol.options }} } +} +{% endfor %} +{% endif %} + +{% if helpers.exists('OPNsense.relayd.virtualserver') %} +{% for virtualserver in helpers.toList('OPNsense.relayd.virtualserver') %} +{{ virtualserver.type }} "{{virtualserver.name}}" { +{% if virtualserver.enabled|default('1') == '0' %} +disable +{% endif %} +{% set listen = "listen on " ~ virtualserver.listen_address %} +{% if virtualserver.listen_startport is defined 
%} +{% set listen = listen ~ " port " ~ virtualserver.listen_startport %} +{% if virtualserver.listen_endport is defined and virtualserver.type == 'redirect'%} +{% set listen = listen ~ ":" ~ virtualserver.listen_endport %} +{% endif %} +{% endif %} +{% if virtualserver.listen_interface is defined and virtualserver.type == 'redirect' %} +{% set listen = listen ~ " interface " ~ physical_interface(virtualserver.listen_interface) %} +{% endif %} +{{ listen }} +{% set transport_type = 'forward' %} +{% if virtualserver.type == 'redirect' %} +{% set transport_type = virtualserver.transport_type %} +{% endif %} +{% set table = helpers.getUUID(virtualserver.transport_table) %} +{% set tablecheck = helpers.getUUID(virtualserver.transport_tablecheck) %} +{% set _tablecheck = '' %} +{% if tablecheck.type == 'http' %} +{% if tablecheck.path is defined %} +{% if tablecheck.ssl|default('0') == '1' %} +{% set _tablecheck = 'check ' ~ tablecheck.type ~ 's' %} +{% endif %} +{% set _tablecheck = _tablecheck ~ ' "' ~ tablecheck.path ~ '"' %} +{% if tablecheck.host is defined %} +{% set _tablecheck = _tablecheck ~ ' host ' ~ tablecheck.host %} +{% endif %} +{% if tablecheck.code is defined %} +{% set _tablecheck = _tablecheck ~ ' code ' ~ tablecheck.code %} +{% elif tablecheck.digest is defined %} +{% set _tablecheck = _tablecheck ~ ' digest "' ~ tablecheck.digest ~ '"' %} +{% else %} +{% set _tablecheck = '' %} +{% endif %} +{% endif %} +{% elif tablecheck.type == 'script' %} +{% if tablecheck.path is defined %} +{% set _tablecheck = 'check ' ~ tablecheck.type ~ ' "' ~ tablecheck.path ~ '"' %} +{% endif %} +{% elif tablecheck.type == 'send' %} +{% if tablecheck.expect is defined %} +{% set _tablecheck = 'check ' ~ tablecheck.type ~ ' "' ~ tablecheck.data ~ '" expect "' ~ tablecheck.expect ~ '"' %} +{% if tablecheck.ssl|default('0') == '1' %} +{% set _tablecheck = _tablecheck ~ ' ssl' %} +{% endif %} +{% endif %} +{% else %} +{% set _tablecheck = 'check ' ~ tablecheck.type %} +{% 
endif %} +{% set port = " port " ~ virtualserver.transport_port if virtualserver.transport_port is defined %} +{% set timeout = " timeout " ~ virtualserver.transport_timeout if virtualserver.transport_timeout is defined %} +{% set interval = " interval " ~ virtualserver.transport_interval if virtualserver.transport_interval is defined %} +{{ transport_type }} to <{{ table.name }}>{{ port }} mode {{ virtualserver.transport_tablemode }}{{ timeout }} {{ interval }} {{ _tablecheck }} +{% if virtualserver.backuptransport_table is defined and virtualserver.transport_type == 'forward' %} +{% set backuptable = helpers.getUUID(virtualserver.backuptransport_table) %} +{% set backuptablecheck = helpers.getUUID(virtualserver.backuptransport_tablecheck) if virtualserver.backuptransport_tablecheck is defined %} +{% set _backuptablecheck = '' %} +{% if backuptablecheck.type == 'http' %} +{% if backuptablecheck.path is defined %} +{% if backuptablecheck.ssl|default('0') == '1' %} +{% set _backuptablecheck = 'check ' ~ backuptablecheck.type ~ 's' %} +{% endif %} +{% set _backuptablecheck = _backuptablecheck ~ ' "' ~ backuptablecheck.path ~ '"' %} +{% if backuptablecheck.host is defined %} +{% set _backuptablecheck = _backuptablecheck ~ ' host ' ~ backuptablecheck.host %} +{% endif %} +{% if backuptablecheck.code is defined %} +{% set _backuptablecheck = _backuptablecheck ~ ' code ' ~ backuptablecheck.code %} +{% elif backuptablecheck.digest is defined %} +{% set _backuptablecheck = _backuptablecheck ~ ' digest "' ~ backuptablecheck.digest ~ '"' %} +{% else %} +{% set _backuptablecheck = '' %} +{% endif %} +{% endif %} +{% elif backuptablecheck.type == 'script' %} +{% if backuptablecheck.path is defined %} +{% set _backuptablecheck = 'check ' ~ backuptablecheck.type ~ ' "' ~ backuptablecheck.path ~ '"' %} +{% endif %} +{% elif backuptablecheck.type == 'send' %} +{% if backuptablecheck.expect is defined %} +{% set _backuptablecheck = 'check ' ~ backuptablecheck.type ~ ' "' ~ 
backuptablecheck.data ~ '" expect "' ~ backuptablecheck.expect ~ '"' %} +{% if backuptablecheck.ssl|default('0') == '1' %} +{% set _backuptablecheck = _backuptablecheck ~ ' ssl' %} +{% endif %} +{% endif %} +{% else %} +{% set _backuptablecheck = 'check ' ~ backuptablecheck.type %} +{% endif %} +{% set backuptimeout = " timeout " ~ virtualserver.backuptransport_timeout if virtualserver.backuptransport_timeout is defined %} +{% set backupinterval = " interval " ~ virtualserver.backuptransport_interval if virtualserver.backuptransport_interval is defined %} +{{ transport_type }} to <{{ backuptable.name }}>{{ port }} mode {{ virtualserver.transport_tablemode }}{{ backuptimeout }} {{ backupinterval }} {{ _backuptablecheck }} +{% endif %} +{% if virtualserver.sessiontimeout is defined %} +session timeout {{ virtualserver.sessiontimeout }} +{% endif %} +{% if virtualserver.stickyaddress|default('0') == '1' and virtualserver.type == 'redirect' %} +sticky-address +{% endif %} +{% if virtualserver.protocol is defined and virtualserver.type == 'relay' %} +{% set protocol = helpers.getUUID(virtualserver.protocol) %} +protocol "{{ protocol.name }}" +{% endif %} +} +{% endfor %} +{% endif %} diff --git a/net/relayd/src/www/diag_logs_relayd.php b/net/relayd/src/www/diag_logs_relayd.php index 4bb293dec..638402307 100644 --- a/net/relayd/src/www/diag_logs_relayd.php +++ b/net/relayd/src/www/diag_logs_relayd.php @@ -3,4 +3,6 @@ $logfile = '/var/log/relayd.log'; $logclog = true; +$service_hook = 'relayd'; + require_once 'diag_logs_template.inc'; diff --git a/net/relayd/src/www/load_balancer_monitor.php b/net/relayd/src/www/load_balancer_monitor.php deleted file mode 100644 index 252fa376f..000000000 --- a/net/relayd/src/www/load_balancer_monitor.php +++ /dev/null 
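Review bot: For an `http` table check with `ssl` unset, `_tablecheck` never gets its `check http` prefix: `'check ' ~ tablecheck.type ~ 's'` is assigned only inside the `ssl|default('0') == '1'` branch, so the generated forward line carries the quoted path and `code`/`digest` without the `check` keyword. Set the prefix unconditionally with `{% set _tablecheck = 'check ' ~ tablecheck.type %}` and append the suffix in the ssl branch with `{% set _tablecheck = _tablecheck ~ 's' %}`; the `_backuptablecheck` block repeats the same pattern. The backup `forward to` line also prints `virtualserver.transport_tablemode` where `backuptransport_tablemode` looks intended. `tablecheck.path`, `data`, `expect`, `digest` and `protocol.options` are written into relayd.conf verbatim, so the model masks (outside this hunk) need to reject `"`, braces and line breaks to keep one field from closing its quotes and adding directives.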
@@ -1,165 +0,0 @@ -. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. 
-*/ - -require_once("guiconfig.inc"); -require_once("filter.inc"); -require_once("services.inc"); -require_once("plugins.inc.d/relayd.inc"); -require_once("interfaces.inc"); - -$a_monitor = &config_read_array('load_balancer', 'monitor_type'); - -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (isset($_POST['act']) && $_POST['act'] == "del") { - if (isset($_POST['id']) && !empty($a_monitor[$_POST['id']])){ - $input_errors = array(); - /* make sure no pools reference this entry */ - if (is_array($config['load_balancer']['lbpool'])) { - foreach ($config['load_balancer']['lbpool'] as $pool) { - if ($pool['monitor'] == $a_monitor[$_GET['id']]['name']) { - $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one pool."); - break; - } - } - } - if (count($input_errors) == 0) { - unset($a_monitor[$_POST['id']]); - write_config(); - mark_subsystem_dirty('loadbalancer'); - } else { - echo implode('\n', $input_errors); - } - } - exit; - } elseif (!empty($_POST['apply'])) { - relayd_configure_do(); - filter_configure(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /load_balancer_monitor.php')); - exit; - } -} - -$service_hook = 'relayd'; - -include("head.inc"); -legacy_html_escape_form_data($a_monitor); -$main_buttons = array( - array('label'=>gettext('Add'), 'href'=>'load_balancer_monitor_edit.php'), -); - -?> - - - - - -
    -
    -
    -
    - " . gettext("You must apply the changes in order for them to take effect."));?>
    - -
    -
    -
    - - - - - - - - - - - - - - - - - - - -
    - - - - - - -
    -
    -
    -
    -
    -
    -
diff --git a/net/relayd/src/www/load_balancer_monitor_edit.php b/net/relayd/src/www/load_balancer_monitor_edit.php
deleted file mode 100644
index dbfaa8996..000000000
--- a/net/relayd/src/www/load_balancer_monitor_edit.php
+++ /dev/null
@@ -1,336 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/ - -require_once("guiconfig.inc"); -require_once("services.inc"); -require_once("interfaces.inc"); - -$rfc2616 = array( - 100 => "100 Continue", - 101 => "101 Switching Protocols", - 200 => "200 OK", - 201 => "201 Created", - 202 => "202 Accepted", - 203 => "203 Non-Authoritative Information", - 204 => "204 No Content", - 205 => "205 Reset Content", - 206 => "206 Partial Content", - 300 => "300 Multiple Choices", - 301 => "301 Moved Permanently", - 302 => "302 Found", - 303 => "303 See Other", - 304 => "304 Not Modified", - 305 => "305 Use Proxy", - 306 => "306 (Unused)", - 307 => "307 Temporary Redirect", - 400 => "400 Bad Request", - 401 => "401 Unauthorized", - 402 => "402 Payment Required", - 403 => "403 Forbidden", - 404 => "404 Not Found", - 405 => "405 Method Not Allowed", - 406 => "406 Not Acceptable", - 407 => "407 Proxy Authentication Required", - 408 => "408 Request Timeout", - 409 => "409 Conflict", - 410 => "410 Gone", - 411 => "411 Length Required", - 412 => "412 Precondition Failed", - 413 => "413 Request Entity Too Large", - 414 => "414 Request-URI Too Long", - 415 => "415 Unsupported Media Type", - 416 => "416 Requested Range Not Satisfiable", - 417 => "417 Expectation Failed", - 500 => "500 Internal Server Error", - 501 => "501 Not Implemented", - 502 => "502 Bad Gateway", - 503 => "503 Service Unavailable", - 504 => "504 Gateway Timeout", - 505 => "505 HTTP Version Not Supported" -); - -$a_monitor = &config_read_array('load_balancer', 'monitor_type'); - - -if ($_SERVER['REQUEST_METHOD'] === 'GET') { - if (isset($_GET['id']) && !empty($a_monitor[$_GET['id']])) { - $id = $_GET['id']; - } - $pconfig = array(); - foreach (array('name', 'type', 'descr') as $fieldname) { - if (isset($id) && isset($a_monitor[$id][$fieldname])) { - $pconfig[$fieldname] = $a_monitor[$id][$fieldname]; - } else { - $pconfig[$fieldname] = null; - } - } - if (isset($id)) { - $pconfig['options_send'] = isset($a_monitor[$id]['options']['send']) ? 
$a_monitor[$id]['options']['send'] : null; - $pconfig['options_expect'] = isset($a_monitor[$id]['options']['expect']) ? $a_monitor[$id]['options']['expect'] : null; - $pconfig['options_path'] = isset($a_monitor[$id]['options']['path']) ? $a_monitor[$id]['options']['path'] : null; - $pconfig['options_host'] = isset($a_monitor[$id]['options']['host']) ? $a_monitor[$id]['options']['host'] : null; - $pconfig['options_code'] = isset($a_monitor[$id]['options']['code']) ? $a_monitor[$id]['options']['code'] : null; - } else { - /* option defaults */ - $pconfig['options_send'] = null; - $pconfig['options_expect'] = null; - $pconfig['options_path'] = '/'; - $pconfig['options_code'] = 200; - $pconfig['options_host'] = null; - } -} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (isset($_POST['id']) && !empty($a_monitor[$_POST['id']])) { - $id = $_POST['id']; - } - $pconfig = $_POST; - $input_errors = array(); - - /* input validation */ - $reqdfields = explode(" ", "name type descr"); - $reqdfieldsn = array(gettext("Name"),gettext("Type"),gettext("Description")); - - do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); - /* Ensure that our monitor names are unique */ - for ($i=0; isset($config['load_balancer']['monitor_type'][$i]); $i++) { - if ($pconfig['name'] == $config['load_balancer']['monitor_type'][$i]['name'] && $i != $id) { - $input_errors[] = gettext("This monitor name has already been used. 
Monitor names must be unique."); - } - } - - if (strpos($pconfig['name'], " ") !== false) { - $input_errors[] = gettext("You cannot use spaces in the 'name' field."); - } - switch($pconfig['type']) { - case 'icmp': - case 'tcp': - break; - case 'http': - case 'https': - if (!empty($pconfig['options_host']) && !is_hostname($pconfig['options_host'])) { - $input_errors[] = gettext("The hostname can only contain the characters A-Z, 0-9 and '-'."); - } - if (!empty($pconfig['options_code']) && !isset($rfc2616[$pconfig['options_code']])) { - $input_errors[] = gettext("HTTP(S) codes must be from RFC 2616."); - } - if (empty($pconfig['options_path'])) { - $input_errors[] = gettext("The path to monitor must be set."); - } - break; - case 'send': - break; - } - - if (count($input_errors) == 0) { - $monent = array(); - $monent['name'] = $pconfig['name']; - $monent['type'] = $pconfig['type']; - $monent['descr'] = $pconfig['descr']; - $monent['options'] = array(); - if($pconfig['type'] == "http" || $pconfig['type'] == "https") { - $monent['options']['path'] = $pconfig['options_path']; - $monent['options']['host'] = $pconfig['options_host']; - $monent['options']['code'] = $pconfig['options_code']; - } elseif ($pconfig['type'] == "send") { - $monent['options']['send'] = $pconfig['options_send']; - $monent['options']['expect'] = $pconfig['options_expect']; - } - - if (isset($id)) { - /* modify all pools with this name */ - for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { - if ($config['load_balancer']['lbpool'][$i]['monitor'] == $a_monitor[$id]['name']) { - $config['load_balancer']['lbpool'][$i]['monitor'] = $monent['name']; - } - } - $a_monitor[$id] = $monent; - } else { - $a_monitor[] = $monent; - } - - mark_subsystem_dirty('loadbalancer'); - write_config(); - header(url_safe('Location: /load_balancer_monitor.php')); - exit; - } -} - -$service_hook = 'relayd'; - -include("head.inc"); -legacy_html_escape_form_data($pconfig); -$types = array("icmp" => 
gettext("ICMP"), "tcp" => gettext("TCP"), "http" => gettext("HTTP"), "https" => gettext("HTTPS"), "send" => gettext("Send/Expect")); -?> - - - - - -
    -
    -
    - 0) print_input_errors($input_errors); ?> -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - -
    - -
    - -
    - -
      - " /> - " onclick="window.location.href='/load_balancer_monitor.php'" /> - - - -
    -
    -
    -
    -
    -
    -
    -
    -
diff --git a/net/relayd/src/www/load_balancer_pool.php b/net/relayd/src/www/load_balancer_pool.php
deleted file mode 100644
index 28b64c044..000000000
--- a/net/relayd/src/www/load_balancer_pool.php
+++ /dev/null
@@ -1,193 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/ - -require_once("guiconfig.inc"); -require_once("filter.inc"); -require_once("services.inc"); -require_once("plugins.inc.d/relayd.inc"); -require_once("interfaces.inc"); - -$a_pool = &config_read_array('load_balancer', 'lbpool'); - -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (isset($_POST['act']) && $_POST['act'] == "del") { - if (isset($_POST['id']) && !empty($a_pool[$_POST['id']])){ - $input_errors = array(); - /* make sure no virtual servers reference this entry */ - if (is_array($config['load_balancer']['virtual_server'])) { - foreach ($config['load_balancer']['virtual_server'] as $vs) { - if ($vs['poolname'] == $a_pool[$_POST['id']]['name']) { - $input_errors[] = gettext("This entry cannot be deleted because it is still referenced by at least one virtual server."); - break; - } - } - } - if (count($input_errors) == 0) { - unset($a_pool[$_POST['id']]); - write_config(); - mark_subsystem_dirty('loadbalancer'); - } else { - echo implode('\n', $input_errors); - } - } - exit; - } elseif (!empty($_POST['apply'])) { - relayd_configure_do(); - filter_configure(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /load_balancer_monitor.php')); - exit; - } -} - -/* Index monitor_type array for easy hyperlinking */ -$mondex = array(); -for ($i = 0; isset($config['load_balancer']['monitor_type'][$i]); $i++) { - $mondex[$config['load_balancer']['monitor_type'][$i]['name']] = $i; -} - - -$service_hook = 'relayd'; - -include("head.inc"); -legacy_html_escape_form_data($a_pool); -$main_buttons = array( - array('label'=>gettext('Add'), 'href'=>'load_balancer_pool_edit.php'), -); - -?> - - - - - -
    -
    -
    -
    - "));?>
    - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    ', $pool['servers']) : '' ?> - - - - - - - - - "> - - -
    - ', ''); ?> -
    -
    -
    -
    -
    -
    -
    -
    -
diff --git a/net/relayd/src/www/load_balancer_pool_edit.php b/net/relayd/src/www/load_balancer_pool_edit.php
deleted file mode 100644
index e5d8f58d7..000000000
--- a/net/relayd/src/www/load_balancer_pool_edit.php
+++ /dev/null
@@ -1,386 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("services.inc");
-require_once("interfaces.inc");
-
-
-$a_pool = &config_read_array('load_balancer', 'lbpool');
-
-
-$copy_fields = array('name', 'mode', 'descr', 'port', 'retry', 'monitor', 'servers', 'serversdisabled');
-if ($_SERVER['REQUEST_METHOD'] === 'GET') {
- if (isset($_GET['id']) && !empty($a_pool[$_GET['id']])) {
- $id = $_GET['id'];
- }
- $pconfig = array();
-
- // copy fields
- foreach ($copy_fields as $fieldname) {
- if (isset($id) && isset($a_pool[$id][$fieldname])) {
- $pconfig[$fieldname] = $a_pool[$id][$fieldname];
- } else {
- $pconfig[$fieldname] = null;
- }
- }
-
- // init arrays
- $pconfig['servers'] = is_array($pconfig['servers']) ? 
$pconfig['servers'] : array(); - $pconfig['serversdisabled'] = is_array($pconfig['serversdisabled']) ? $pconfig['serversdisabled'] : array(); -} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (isset($_POST['id']) && !empty($a_pool[$_POST['id']])) { - $id = $_POST['id']; - } - $pconfig = $_POST; - $input_errors = array(); - /* input validation */ - $reqdfields = explode(" ", "name mode port monitor servers"); - $reqdfieldsn = array(gettext("Name"),gettext("Mode"),gettext("Port"),gettext("Monitor"),gettext("Server List")); - - do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); - - /* Ensure that our pool names are unique */ - for ($i=0; isset($config['load_balancer']['lbpool'][$i]); $i++) { - if ($pconfig['name'] == $config['load_balancer']['lbpool'][$i]['name'] && $i != $id) { - $input_errors[] = gettext("This pool name has already been used. Pool names must be unique."); - } - } - - if (strpos($pconfig['name'], " ") !== false) { - $input_errors[] = gettext("You cannot use spaces in the 'name' field."); - } - - if (in_array($pconfig['name'], $reserved_table_names)) { - $input_errors[] = sprintf(gettext("The name '%s' is a reserved word and cannot be used."), $_POST['name']); - } - - if (is_alias($pconfig['name'])) { - $input_errors[] = sprintf(gettext("Sorry, an alias is already named %s."), $_POST['name']); - } - - if (!is_portoralias($pconfig['port'])) { - $input_errors[] = gettext("The port must be an integer between 1 and 65535, or a port alias."); - } - - // May as well use is_port as we want a positive integer and such. 
- if (!empty($pconfig['retry']) && !is_port($pconfig['retry'])) { - $input_errors[] = gettext("The retry value must be an integer between 1 and 65535."); - } - - if (is_array($pconfig['servers'])) { - foreach($pconfig['servers'] as $svrent) { - if (!is_ipaddr($svrent) && !is_subnetv4($svrent)) { - $input_errors[] = sprintf(gettext("%s is not a valid IP address or IPv4 subnet (in \"enabled\" list)."), $svrent); - } elseif (is_subnetv4($svrent) && subnet_size($svrent) > 64) { - $input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses (in \"enabled\" list)."), $svrent); - } - } - } - if (is_array($pconfig['serversdisabled'])) { - foreach($pconfig['serversdisabled'] as $svrent) { - if (!is_ipaddr($svrent) && !is_subnetv4($svrent)) { - $input_errors[] = sprintf(gettext("%s is not a valid IP address or IPv4 subnet (in \"disabled\" list)."), $svrent); - } elseif (is_subnetv4($svrent) && subnet_size($svrent) > 64) { - $input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses (in \"disabled\" list)."), $svrent); - } - } - } - $m = array(); - for ($i=0; isset($config['load_balancer']['monitor_type'][$i]); $i++) { - $m[$config['load_balancer']['monitor_type'][$i]['name']] = $config['load_balancer']['monitor_type'][$i]; - } - if (!isset($m[$pconfig['monitor']])) { - $input_errors[] = gettext("Invalid monitor chosen."); - } - if (count($input_errors) == 0) { - $poolent = array(); - foreach ($copy_fields as $fieldname) { - $poolent[$fieldname] = $pconfig[$fieldname]; - } - - if (isset($id)) { - /* modify all virtual servers with this name */ - for ($i = 0; isset($config['load_balancer']['virtual_server'][$i]); $i++) { - if ($config['load_balancer']['virtual_server'][$i]['lbpool'] == $a_pool[$id]['name']) { - $config['load_balancer']['virtual_server'][$i]['lbpool'] = $poolent['name']; - } - } - $a_pool[$id] = $poolent; - } else { - $a_pool[] = $poolent; - } - - mark_subsystem_dirty('loadbalancer'); - write_config(); - 
header(url_safe('Location: /load_balancer_pool.php')); - exit; - } -} - -$service_hook = 'relayd'; -legacy_html_escape_form_data($pconfig); - -include("head.inc"); - -?> - - - - - - - -
    -
    -
    - 0) print_input_errors($input_errors); ?> -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - -
    - -
    - -
    - size="64" /> -
    - - -
    - - -
    - -
    -
    - - - - -
    -
    - - - - - - - - - - - - - - - -
    - -
    - -
    -
    - -
    - -
    - -
    -
      -
    - "/> - " onclick="window.location.href='/load_balancer_pool.php'" /> - - - -
    -
    -
    -
    -
    -
    -
    -
    - -
diff --git a/net/relayd/src/www/load_balancer_setting.php b/net/relayd/src/www/load_balancer_setting.php
deleted file mode 100644
index f654e6916..000000000
--- a/net/relayd/src/www/load_balancer_setting.php
+++ /dev/null
@@ -1,178 +0,0 @@
-
- Copyright (C) 2012 Pierre POMES
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/
-
-require_once("guiconfig.inc");
-require_once("filter.inc");
-require_once("services.inc");
-require_once("plugins.inc.d/relayd.inc");
-require_once("interfaces.inc");
-
-config_read_array('load_balancer', 'setting');
-
-if ($_SERVER['REQUEST_METHOD'] === 'GET') {
- $pconfig = array();
- $pconfig['timeout'] = !empty($config['load_balancer']['setting']['timeout']) ? $config['load_balancer']['setting']['timeout'] : null;
- $pconfig['interval'] = !empty($config['load_balancer']['setting']['interval']) ? $config['load_balancer']['setting']['interval'] : null;
- $pconfig['prefork'] = !empty($config['load_balancer']['setting']['prefork']) ? 
$config['load_balancer']['setting']['prefork'] : null; - $pconfig['lb_use_sticky'] = isset($config['load_balancer']['setting']['lb_use_sticky']); -} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { - $pconfig = $_POST; - $input_errors = array(); - if (!empty($pconfig['apply'])) { - relayd_configure_do(); - filter_configure(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /load_balancer_setting.php')); - exit; - } else { - /* input validation */ - if (!empty($pconfig['timeout']) && !is_numeric($pconfig['timeout'])) { - $input_errors[] = gettext("Timeout must be a numeric value"); - } - - if (!empty($pconfig['interval']) && !is_numeric($pconfig['interval'])) { - $input_errors[] = gettext("Interval must be a numeric value"); - } - - if (!empty($pconfig['prefork'])) { - if (!is_numeric($pconfig['prefork'])) { - $input_errors[] = gettext("Prefork must be a numeric value"); - } elseif ($pconfig['prefork']<=0 || $pconfig['prefork']>32) { - $input_errors[] = gettext("Prefork value must be between 1 and 32"); - } - } - if (count($input_errors) == 0) { - $config['load_balancer']['setting']['timeout'] = $pconfig['timeout']; - $config['load_balancer']['setting']['interval'] = $pconfig['interval']; - $config['load_balancer']['setting']['prefork'] = $pconfig['prefork']; - - if (!empty($pconfig['lb_use_sticky'])) { - $config['load_balancer']['setting']['lb_use_sticky'] = true; - } elseif (isset($config['load_balancer']['setting']['lb_use_sticky'])) { - unset($config['load_balancer']['setting']['lb_use_sticky']); - } - - write_config(); - mark_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /load_balancer_setting.php')); - exit; - } - } -} - -$service_hook = 'relayd'; -legacy_html_escape_form_data($pconfig); - -include("head.inc"); - -?> - - -
    -
    -
    - 0) print_input_errors($input_errors); ?> -
    - " . gettext("You must apply the changes in order for them to take effect."));?>
    - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - -
    - - -
    - - -
    - - -
    - /> -
    - -
      - " /> -
    -
    -
    - -
    -
    -
    -
    -
    - -
diff --git a/net/relayd/src/www/load_balancer_virtual_server.php b/net/relayd/src/www/load_balancer_virtual_server.php
deleted file mode 100644
index 08d61641e..000000000
--- a/net/relayd/src/www/load_balancer_virtual_server.php
+++ /dev/null
@@ -1,178 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
*/ - relayd_cleanup_lb_marked(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /load_balancer_virtual_server.php')); - exit; - } -} - -/* Index lbpool array for easy hyperlinking */ -$poodex = array(); -for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) { - $poodex[$config['load_balancer']['lbpool'][$i]['name']] = $i; -} - - -$service_hook = 'relayd'; - -include("head.inc"); -legacy_html_escape_form_data($a_vs); -$main_buttons = array( - array('label'=>gettext('Add'), 'href'=>'load_balancer_virtual_server_edit.php'), -); -?> - - - - - -
    -
    -
    -
    - " . gettext("You must apply the changes in order for them to take effect."));?>
    - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - - - - - - - - "> - - -
    -
    -
    -
    -
    -
    -
    -
    - -
diff --git a/net/relayd/src/www/load_balancer_virtual_server_edit.php b/net/relayd/src/www/load_balancer_virtual_server_edit.php
deleted file mode 100644
index dd4f6d2ca..000000000
--- a/net/relayd/src/www/load_balancer_virtual_server_edit.php
+++ /dev/null
@@ -1,356 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/ - -require_once("guiconfig.inc"); -require_once("services.inc"); -require_once("plugins.inc.d/relayd.inc"); -require_once("interfaces.inc"); - -$a_vs = &config_read_array('load_balancer', 'virtual_server'); - - -$copy_fields=array('name', 'descr', 'poolname', 'port', 'sitedown', 'ipaddr', 'mode', 'relay_protocol', 'sessiontimeout'); -if ($_SERVER['REQUEST_METHOD'] === 'GET') { - if (isset($_GET['id']) && !empty($a_vs[$_GET['id']])) { - $id = $_GET['id']; - } - $pconfig = array(); - // copy fields - foreach ($copy_fields as $fieldname) { - if (isset($id) && isset($a_vs[$id][$fieldname])) { - $pconfig[$fieldname] = $a_vs[$id][$fieldname]; - } else { - $pconfig[$fieldname] = null; - } - } -} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (isset($_POST['id']) && !empty($a_vs[$_POST['id']])) { - $id = $_POST['id']; - } - $pconfig = $_POST; - $input_errors = array(); - - /* input validation */ - switch($pconfig['mode']) { - case "redirect": - $reqdfields = explode(" ", "ipaddr name mode"); - $reqdfieldsn = array(gettext("IP Address"),gettext("Name"),gettext("Mode")); - break; - case "relay": - $reqdfields = explode(" ", "ipaddr name mode relay_protocol"); - $reqdfieldsn = array(gettext("IP Address"),gettext("Name"),gettext("Relay Protocol")); - break; - } - - do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors); - - for ($i=0; isset($config['load_balancer']['virtual_server'][$i]); $i++) { - if (($pconfig['name'] == $config['load_balancer']['virtual_server'][$i]['name']) && ($i != $id)) { - $input_errors[] = gettext("This virtual server name has already been used. 
Virtual server names must be unique."); - } - } - - if (preg_match('/[ \/]/', $pconfig['name'])) { - $input_errors[] = gettext("You cannot use spaces or slashes in the 'name' field."); - } - - if ($pconfig['port'] != "" && !is_portoralias($pconfig['port'])) { - $input_errors[] = gettext("The port must be an integer between 1 and 65535, a port alias, or left blank."); - } - - if (!is_ipaddroralias($pconfig['ipaddr']) && !is_subnetv4($pconfig['ipaddr'])) { - $input_errors[] = sprintf(gettext("%s is not a valid IP address, IPv4 subnet, or alias."), $_POST['ipaddr']); - } elseif (is_subnetv4($pconfig['ipaddr']) && subnet_size($pconfig['ipaddr']) > 64) { - $input_errors[] = sprintf(gettext("%s is a subnet containing more than 64 IP addresses."), $pconfig['ipaddr']); - } - - if ((strtolower($pconfig['relay_protocol']) == "dns") && !empty($pconfig['sitedown'])) { - $input_errors[] = gettext("You cannot select a Fall Back Pool when using the DNS relay protocol."); - } - - if (isset($pconfig['sessiontimeout']) && $pconfig['sessiontimeout'] !== '' && - ((string)((int)$pconfig['sessiontimeout']) != $pconfig['sessiontimeout'] || - $pconfig['sessiontimeout'] < 1 || $pconfig['sessiontimeout'] > 2147483647)) { - $input_errors[] = gettext('The session timeout must be a number greater than zero or left blank.'); - } - - if (count($input_errors) == 0) { - $vsent = array(); - foreach ($copy_fields as $fieldname) { - $vsent[$fieldname] = $pconfig[$fieldname]; - } - if ($vsent['sitedown'] == '') { - unset($vsent['sitedown']); - } - if ($vsent['sessiontimeout'] == '') { - unset($vsent['sessiontimeout']); - } else { - $vsent['sessiontimeout'] = (int)$vsent['sessiontimeout']; - } - if ($vsent['mode'] != 'relay'){ - /* relay protocol only applies to relay */ - unset($vsent['relay_protocol']); - } - - if (isset($id)) { - if ($a_vs[$id]['name'] != $pconfig['name']) { - /* Because the VS name changed, mark the old name for cleanup. 
*/ - relayd_cleanup_lb_mark_anchor($a_vs[$id]['name']); - } - $a_vs[$id] = $vsent; - } else { - $a_vs[] = $vsent; - } - - mark_subsystem_dirty('loadbalancer'); - write_config(); - - header(url_safe('Location: /load_balancer_virtual_server.php')); - exit; - } -} - -$service_hook = 'relayd'; -legacy_html_escape_form_data($pconfig); - -include("head.inc"); - -?> - - - - - - -
    -
    -
    - 0) print_input_errors($input_errors); ?> -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - -
    - -
    - -
    - - -
    - - -
    - - - - - -
    - - - - - - -
    - - -
    - -
    - - -
      - " /> - " onclick="window.location.href='/load_balancer_virtual_server.php'" /> - - - -
    - - -
    -
    -
    -
    -
    -
    -
    -
    -
diff --git a/net/relayd/src/www/status_lb_pool.php b/net/relayd/src/www/status_lb_pool.php
deleted file mode 100644
index 5e82ff741..000000000
--- a/net/relayd/src/www/status_lb_pool.php
+++ /dev/null
@@ -1,173 +0,0 @@
-.
- All rights reserved.
-
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
-
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
-
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
-
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
-*/ - -require_once("guiconfig.inc"); -require_once("filter.inc"); -require_once("plugins.inc.d/relayd.inc"); -require_once("services.inc"); -require_once("interfaces.inc"); - -$a_pool = &config_read_array('load_balancer', 'lbpool'); - - -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (!empty($_POST['apply'])) { - relayd_configure_do(); - filter_configure(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /status_lb_pool.php')); - exit; - } else { - // change pool configuration (enabled/disabled servers) - $pconfig = $_POST; - if (!empty($pconfig['pools'])) { - foreach ($pconfig['pools'] as $form_pool) { - foreach ($a_pool as & $pool) { - if ($pool['name'] == $form_pool) { - $all_ips = array_merge((array) $pool['servers'], (array) $pool['serversdisabled']); - $new_disabled = array_diff($all_ips, (array)$pconfig[$form_pool]); - $new_enabled = (array)$pconfig[$form_pool]; - $pool['servers'] = $new_enabled; - $pool['serversdisabled'] = $new_disabled; - } - } - } - mark_subsystem_dirty('loadbalancer'); - write_config("Updated load balancer pools via status screen."); - } - header(url_safe('Location: /status_lb_pool.php')); - exit; - } -} - -$service_hook = 'relayd'; -include("head.inc"); - -$relay_hosts = relayd_get_lb_summary(); -legacy_html_escape_form_data($a_pool); -legacy_html_escape_form_data($relay_hosts); - -?> - - -
    -
    -
    -
    - "));?> - -
    -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - - - -
    - - - - - - - - - - - - -
    - " - name="[]" value="" - - /> -
    -
    - " /> -
    -
    -
    -
    -
    -
    -
    -
    - diff --git a/net/relayd/src/www/status_lb_vs.php b/net/relayd/src/www/status_lb_vs.php deleted file mode 100644 index 42d79d6f8..000000000 --- a/net/relayd/src/www/status_lb_vs.php +++ /dev/null 
@@ -1,134 +0,0 @@ -. - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("filter.inc"); -require_once("services.inc"); -require_once("plugins.inc.d/relayd.inc"); - -$a_pool = &config_read_array('load_balancer', 'lbpool'); -$a_vs = &config_read_array('load_balancer', 'virtual_server'); - -if ($_SERVER['REQUEST_METHOD'] === 'POST') { - if (!empty($_POST['apply'])) { - relayd_configure_do(); - filter_configure(); - clear_subsystem_dirty('loadbalancer'); - header(url_safe('Location: /status_lb_vs.php')); - exit; - } -} - -$rdr_a = relayd_get_lb_redirects(); - -$service_hook = 'relayd'; -legacy_html_escape_form_data($a_vs); -legacy_html_escape_form_data($a_pool); -legacy_html_escape_form_data($rdr_a); -include("head.inc"); - -?> - - - - - -
    -
    -
    -
    - "));?> - -
    -
    -
    - - - - - - - - - - - - - - - - - - - - - - -
    - - - ',$vipent['servers']);?> - - - - -
    - - Last: {$rdr_a[$vsent['name']]['last']}" : "";?> - Average: {$rdr_a[$vsent['name']]['average']}" : "";?> -
    -
    -
    -
    -
    -
    -
    - diff --git a/net/relayd/src/www/widgets/include/load_balancer.inc b/net/relayd/src/www/widgets/include/load_balancer.inc deleted file mode 100644 index 5dfeabbbf..000000000 --- a/net/relayd/src/www/widgets/include/load_balancer.inc +++ /dev/null 
@@ -1,4 +0,0 @@ - - Copyright (C) 2010 Seth Mos - Copyright (C) 2005-2008 Bill Marquette - Copyright (C) 2004-2005 T. Lechat - Copyright (C) 2004-2005 Manuel Kasper - Copyright (C) 2004-2005 Jonathan Watt - All rights reserved. - - Redistribution and use in source and binary forms, with or without - modification, are permitted provided that the following conditions are met: - - 1. Redistributions of source code must retain the above copyright notice, - this list of conditions and the following disclaimer. - - 2. Redistributions in binary form must reproduce the above copyright - notice, this list of conditions and the following disclaimer in the - documentation and/or other materials provided with the distribution. - - THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, - INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY - AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, - OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF - SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS - INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN - CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE - POSSIBILITY OF SUCH DAMAGE. -*/ - -require_once("guiconfig.inc"); -require_once("filter.inc"); -require_once("plugins.inc.d/relayd.inc"); - -$now = time(); -$year = date("Y"); - -$a_vs = &config_read_array('load_balancer', 'virtual_server'); -$a_pool = &config_read_array('load_balancer', 'lbpool'); -$rdr_a = relayd_get_lb_redirects(); -$relay_hosts = relayd_get_lb_summary(); - -$lb_logfile = '/var/log/relayd.log'; - -$nentries = isset($config['syslog']['nentries']) ? $config['syslog']['nentries'] : 50; - -?> - - - - - - - - - - - - - - - - -
    -
    - -
    -
    - - "; - echo ""; - } - } - } - } - ?> -
     {$server['ip']['addr']}:{$pool['port']}  "; - if ($server['ip']['avail']) { - echo " ({$server['ip']['avail']}) "; - } - echo " 
    -
    - -