Otto Moerbeek wrote:
> On Sat, Oct 21, 2023 at 10:40:45PM +0300, Kapetanakis Giannis wrote:
>
> > On 21/10/2023 20:39, Florian Obser wrote:
> > > Which was 8 years ago. I don't understand why you see a change in 7.4.
> > >
> > > Anyway, we decided to not clean up control sockets in any of our
>
On Sat, Oct 21, 2023 at 10:40:45PM +0300, Kapetanakis Giannis wrote:
> On 21/10/2023 20:39, Florian Obser wrote:
> > Which was 8 years ago. I don't understand why you see a change in 7.4.
> >
> > Anyway, we decided to not clean up control sockets in any of our
> > privsep daemons because leaving
On 21/10/2023 20:39, Florian Obser wrote:
Which was 8 years ago. I don't understand why you see a change in 7.4.
Anyway, we decided to not clean up control sockets in any of our
privsep daemons because leaving them behind does not cause any issues.
I just noticed it today when I tried to use t
no@
>
Which was 8 years ago. I don't understand why you see a change in 7.4.
Anyway, we decided to not clean up control sockets in any of our
privsep daemons because leaving them behind does not cause any issues.
> G
>
>
> On 21/10/2023 14:41, Kapetanakis Giannis wrote:
>
Rev 1.140 by florian@ seems to have changed that.
Do not try to unlink the control socket in an unprivileged child
process on shutdown.
Found while working ontame(2) <http://man.openbsd.org/tame.2>.
OK benno@
G
On 21/10/2023 14:41, Kapetanakis Giannis wrote:
After 7.4 relayd does not
After 7.4 relayd does not unlink it's socket
I've added the following but it's probably not enough. unveil?
G
Index: relayd.c
===
RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v
retrieving revision 1.191
diff -u -p -
Hi,
After 6.9 packets passed by "route-to" started to be evaluated when
output. As the result, states are created for output direction,
because it is not considered about "direct server return", has some
problems (eg. the state is deleted because the state tracking is
failed.
On Tue, Aug 01, 2023 at 01:50:52AM +0200, Alexandr Nedvedicky wrote:
> OK to commit?
OK bluhm@
> 8<---8<---8<--8<
> diff --git a/sys/net/pf_table.c b/sys/net/pf_table.c
> index 6f23a6f795d..c862c804f84 100644
> --- a/sys/net/pf_table.c
> +++
Just for the record, I'm running that pf_table patch for almost a month now
without any negative impact on my load balancers.
pfsync/carp/relayd
It also solved my problem with relayd.
However I believe some care should also be taken on relayd part
- do not check statistics on dis
Hello,
the issue has been reported by Gianni Kapetanakis month ago [1]. It took
several emails to figure out relayd(8) exists after hosts got disabled
by 'relayctl host dis ...'
The thing is that relayd(8) relies on pf(4) to create persistent
tables (PFR_TFLAG_PERSIST) as relayd req
I for one welcome our new relayd maintainer!
On 2023/07/13 05:44:03 +0200, Theo Buehler wrote:
> This is analogous to the change that op committed to smtpd a few days
> ago. Instead of using ENGINE to make RSA use privsep via imsg, create
> an RSA method that has custom priv_enc/priv_dec methods, replace the
> default RSA method. Ditch numer
tobhe@
>
> Index: ca.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
> retrieving revision 1.42
> diff -u -p -r1.42 ca.c
> --- ca.c 11 Jun 2023 10:30:26 - 1.42
> +++ ca.c 11 Jul 2023 18:21:47
only to add a log call.
This removes a lot of boilerplate and shows more clearly where the
actual magic happens. Regress exercises this code and passes.
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving revision 1.42
Hello,
I have a problem with relayd and redirects. If I disable a table, redirect
stays down only for a while.
After a few seconds, redirect gets active again and forwards to the disabled
table.
Same happens for redirect with a backup forward table.
Redirect points momentarily to backup table
Hi,
I've send a bug report in bugs@ with subject "relayd crashing some times"
After I disable all hosts from a redirect, I get random fatal() error
from check_tables() like the one bellow:
pfe: check_table: cannot get table stats for dir-sieve@relayd/dir-sieve:
No such fi
On Mon, Jul 03, 2023 at 11:26:34AM +0200, Claudio Jeker wrote:
> This is just some additional ibuf cleanup in relayd.
> Mostly use ibuf_data() instead of direct access to ibuf->buf.
ok tb
>
> --
> :wq Claudio
>
This is just some additional ibuf cleanup in relayd.
Mostly use ibuf_data() instead of direct access to ibuf->buf.
--
:wq Claudio
Index: check_tcp.c
===
RCS file: /cvs/src/usr.sbin/relayd/check_tcp.c,v
retrieving revision 1.60
d
On 2023-06-29 15:03 +02, Claudio Jeker wrote:
> Once again struct sockaddr_in6 causes 64bit systems to cry. This time in
> relayd. You can not statically setup a route message and think it will
> work. All our routing daemons switched to iov for building the route
> message ou
On Thu, Jun 29, 2023 at 03:03:12PM +0200, Claudio Jeker wrote:
> Once again struct sockaddr_in6 causes 64bit systems to cry. This time in
> relayd. You can not statically setup a route message and think it will
> work. All our routing daemons switched to iov for building the route
> me
Once again struct sockaddr_in6 causes 64bit systems to cry. This time in
relayd. You can not statically setup a route message and think it will
work. All our routing daemons switched to iov for building the route
message out of various components. This diff does the same for relayd.
With this it
dy done automatically by libcrypto at runtime, and judging by the
> > implementation of the called functions there's no need to actually
> > force the initialization.
> >
> > There is similar code in relayd and iked, so apply the same treatment.
> >
> > I&
ation of the called functions there's no need to actually
> force the initialization.
>
> There is similar code in relayd and iked, so apply the same treatment.
>
> I've tested smtpd and it works just as fine as before, don't use
> relayd but the regression suite i
ation.
There is similar code in relayd and iked, so apply the same treatment.
I've tested smtpd and it works just as fine as before, don't use
relayd but the regression suite is happy. I don't use iked, so some
testing with it is welcomed. Not that I expect any sort of breakage,
> On 20 Jun 2023, at 18:16, Claudio Jeker wrote:
>
> On Tue, Jun 20, 2023 at 03:35:11PM +0200, Theo Buehler wrote:
>>> On Tue, Jun 20, 2023 at 02:17:06PM +0200, Claudio Jeker wrote:
>>> Ok, this went overboard. I just wanted to clean up a bit more in
>>> check_tcp.c but noticed check_send_expe
On Tue, Jun 20, 2023 at 03:35:11PM +0200, Theo Buehler wrote:
> On Tue, Jun 20, 2023 at 02:17:06PM +0200, Claudio Jeker wrote:
> > Ok, this went overboard. I just wanted to clean up a bit more in
> > check_tcp.c but noticed check_send_expect and CHECK_BINSEND_EXPECT.
> >
> > This code is not very
On Tue, Jun 20, 2023 at 02:17:06PM +0200, Claudio Jeker wrote:
> Ok, this went overboard. I just wanted to clean up a bit more in
> check_tcp.c but noticed check_send_expect and CHECK_BINSEND_EXPECT.
>
> This code is not very consitent in the differnt ways the strings are
> encoded. Especially che
/relayd/check_tcp.c,v
retrieving revision 1.59
diff -u -p -r1.59 check_tcp.c
--- check_tcp.c 20 Jun 2023 09:54:57 - 1.59
+++ check_tcp.c 20 Jun 2023 10:55:12 -
@@ -183,10 +183,6 @@ tcp_host_up(struct ctl_tcp_event *cte)
return;
}
- if (cte->table->s
On Tue, Jun 20, 2023 at 11:34:22AM +0200, Claudio Jeker wrote:
> Instead of ibuf_reserve() just use ibuf_add_zero(buf, 1) to add a
> NUL byte to the buffer.
ok tb
Instead of ibuf_reserve() just use ibuf_add_zero(buf, 1) to add a
NUL byte to the buffer.
There is more needed in here but lets start small.
--
:wq Claudio
Index: check_tcp.c
===
RCS file: /cvs/src/usr.sbin/relayd/check_tcp.c,v
);
> > > fatalx("%s: %s", __func__, errstr);
> > > Found by codechecker.
> > >
> > > OK?
> >
> > Needs more braces
>
> Indeed.
> Is this OK?
of course. thanks
>
> Index: ca.c
> ==
gt; Found by codechecker.
> >
> > OK?
>
> Needs more braces
Indeed.
Is this OK?
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving revision 1.39
diff -u -p -r1.39 ca.c
--- ca.c20 Jan 2022 17:56:
es
> mbuhl
>
> Index: ca.c
> =======
> RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
> retrieving revision 1.39
> diff -u -p -r1.39 ca.c
> --- ca.c 20 Jan 2022 17:56:35 - 1.39
> +++ ca.c 10 Nov 2022 00:06:20 -
&g
errstr is never set but fail does:
RSA_meth_free(rsae_method);
fatalx("%s: %s", __func__, errstr);
Found by codechecker.
OK?
mbuhl
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving rev
Yes, OK millert@
- todd
: usr.sbin/relayd/relayd.c
===
RCS file: /cvs/src/usr.sbin/relayd/relayd.c,v
retrieving revision 1.189
diff -u -p -r1.189 relayd.c
--- usr.sbin/relayd/relayd.c3 Sep 2022 20:07:31 - 1.189
+++ usr.sbin/relayd/relayd.c9 N
uld probably get committed.
>>>
>>>
>>> On 2022/06/01 09:16, Alexandr Nedvedicky wrote:
>>>> Hello,
>>>>
>>>>
>>>>> r420-1# rcctl -f start relayd
>>>>> relayd(ok)
>>>>> r420-1# uvm_fault(0
Sun, Jun 05, 2022 at 09:44:45AM +0100, Stuart Henderson wrote:
> > I don't know this code well enough to give a meaningful OK, but this
> > should probably get committed.
> >
> >
> > On 2022/06/01 09:16, Alexandr Nedvedicky wrote:
> > > Hello,
> >
this
> should probably get committed.
>
>
> On 2022/06/01 09:16, Alexandr Nedvedicky wrote:
> > Hello,
> >
> >
> > > r420-1# rcctl -f start relayd
> > > relayd(ok)
> > > r420-1# uvm_fault(0xfd862f82f990, 0x0, 0, 1) -> e
> > &g
.
Index: ca.c
===
RCS file: /cvs/src/usr.sbin/relayd/ca.c,v
retrieving revision 1.37
diff -u -p -r1.37 ca.c
--- ca.c8 Dec 2021 03:40:44 - 1.37
+++ ca.c9 Jan 2022 18:40:12 -
@@ -220,10 +220,10
eated from this keypair
- the user has a keypair and submits their public key for certification (to
being signed by the CA)
- the server (relayd) has the CA certificate configured as 'client ca
"/path/to/ca.pem"'
- the user provides their certificate when connecting, the pro
at 4:25 PM, rivo nurges wrote:
>>
>> Hi!
>>
>> Here comes the support for relayd client certificate validation.
>> Full certificate chain, subject and issuer can be passed over in http
>> headers.
>> It supports mandatory validation and optional validation(
optional from a relay service.
> On Dec 16, 2021, at 4:25 PM, rivo nurges wrote:
>
> Hi!
>
> Here comes the support for relayd client certificate validation.
> Full certificate chain, subject and issuer can be passed over in http headers.
> It supports mandatory va
Hi!
Here comes the support for relayd client certificate validation.
Full certificate chain, subject and issuer can be passed over in http headers.
It supports mandatory validation and optional validation(if client chooses to
provide certificate it will be validated).
Part of my sample config
On Wed, Dec 08, 2021 at 04:59:36AM +0100, Theo Buehler wrote:
> BIO_new_mem_buf has had const since 2018, so this workaround is no
> longer needed.
OK bluhm@
> Index: ssl.c
> ===
> RCS file: /cvs/src/usr.sbin
BIO_new_mem_buf has had const since 2018, so this workaround is no
longer needed.
Index: ssl.c
===
RCS file: /cvs/src/usr.sbin/relayd/ssl.c,v
retrieving revision 1.35
diff -u -p -r1.35 ssl.c
--- ssl.c 27 Jan 2021 20:33:05 -
On Tue, Nov 09, 2021 at 07:13:13PM +, Stuart Henderson wrote:
> What's the status of this diff?
After discussion with jan@ we came to the conclusion that this fix
is in the wrong layer. It is better to have a clever algorithm in
TCP output to send window updates. jan@ is working on this.
bl
What's the status of this diff?
On 2021/09/21 17:30, Alexander Bluhm wrote:
> On Sat, Sep 18, 2021 at 02:35:20PM +0200, Jan Klemkow wrote:
> > The following diff removes the every 2nd ACK feature again and ensures
> > that we send out an ACK if soreceive() empties the receive buffer.
>
> Looks go
; > > > > https://marc.info/?m=16135019371
> > > > >
> > > > > reyk@ removed from CC: on purpose:
> > > > > https://twitter.com/reykfloeter/status/1284868070901776384
> > > > >
> > > > > Marcus
> > &
t; >
> > > > https://marc.info/?m=161349608614743
> > > > https://marc.info/?m=16135019371
> > > >
> > > > reyk@ removed from CC: on purpose:
> > > > https://twitter.com/reykfloeter/status/1284868070901776384
> >
t; > >
> > > reyk@ removed from CC: on purpose:
> > > https://twitter.com/reykfloeter/status/1284868070901776384
> > >
> > > Marcus
> > >
> > > jonathon.fletc...@gmail.com (Jonathon Fletcher), 2021.03.06 (Sat) 21:02
> > > (CET):
&g
ng the
>> >> > crash). A snip from /var/log/daemon is reproduced below. There are no
>> >> > other log messages in any logs around the same time frame as the relayd
>> >> > shutdown. Also, that fd passing failed for https is concerning. Any
>>
ow. There are no other log
> >> > messages in any logs around the same time frame as the relayd shutdown.
> >> > Also, that fd passing failed for https is concerning. Any suggestions in
> >> > debugging this? OpenBSD 6.9, dmesg at bottom.
> >&g
I couldn't follow what the code in ca.c is
>> > actually doing (what the hash belongs to that is triggering the crash). A
>> > snip from /var/log/daemon is reproduced below. There are no other log
>> > messages in any logs around the same time frame as the
(what the hash belongs to that is triggering the crash). A
> > snip from /var/log/daemon is reproduced below. There are no other log
> > messages in any logs around the same time frame as the relayd shutdown.
> > Also, that fd passing failed for https is concerning. Any sugge
ip from
> /var/log/daemon is reproduced below. There are no other log messages in any
> logs around the same time frame as the relayd shutdown. Also, that fd passing
> failed for https is concerning. Any suggestions in debugging this? OpenBSD
> 6.9, dmesg at bottom.
>
>
>
other log messages in any
logs around the same time frame as the relayd shutdown. Also, that fd passing
failed for https is concerning. Any suggestions in debugging this? OpenBSD 6.9,
dmesg at bottom.
grep relayd /var/log/daemon
876:Sep 30 15:07:39 mnetic relayd[222]: adding 1 hosts from table
ax
On Sat, Sep 18, 2021 at 02:35:20PM +0200, Jan Klemkow wrote:
> The following diff removes the every 2nd ACK feature again and ensures
> that we send out an ACK if soreceive() empties the receive buffer.
Looks good in my perform tests, 22% tcp throughput increase.
http://bluhm.genua.de/perform/res
On Thu, Apr 15, 2021 at 08:43:02PM +0200, Alexander Bluhm wrote:
> I found another regression with Jan's TCP diff that sends less ACK
> packets. relayd run-args-http-slow-consumer.pl fails on i386 due
> to his commit. This test writes a lot of data from the http server,
> but b
extra guard so that we don't accidentally free it
> twice.
maybe thats not needed, agentx_free() just returns if the argument is NULL.
> OK?
ok
>
> martijn@
>
> Index: agentx_control.c
> =======
> RCS f
rtijn@
Index: agentx_control.c
===
RCS file: /cvs/src/usr.sbin/relayd/agentx_control.c,v
retrieving revision 1.4
diff -u -p -r1.4 agentx_control.c
--- agentx_control.c27 Oct 2020 18:48:07 - 1.4
+++ agentx_control.c30 Aug 2021 10:49:49 -
@@ -124,7 +
Sebastian Benoit writes:
> An errata patch for the relayd application layer gateway daemon has
> been released for OpenBSD 6.9.
>
> relayd(8), when using the the http protocol strip filter directive or http
> protocol macro expansion, processes format strings.
>
> Binary
An errata patch for the relayd application layer gateway daemon has
been released for OpenBSD 6.9.
relayd(8), when using the the http protocol strip filter directive or http
protocol macro expansion, processes format strings.
Binary updates for the amd64, i386, and arm64 platform are available
Hi!
Here comes the support for relayd client certificate validation.
Full certificate chain, subject and issuer can be passed over in http headers.
It supports mandatory validation, optional validation(if client chooses to
provide certificate it will be validated) and no validation(cert is
gt; > Marcus
> >
> > jonathon.fletc...@gmail.com (Jonathon Fletcher), 2021.03.06 (Sat) 21:02
> > (CET):
> > > When relayd relays a connection upgrade to a websocket, it relays
> > > the outbound "Connection: Upgrade" header from the interal serve
On Fri, Apr 16, 2021 at 08:30:46AM +0200, Claudio Jeker wrote:
> Wonder if something else is still amiss.
What you see in this graph is the single connection TCP througput
during 6.8 development. The tcpbench output of the sender has been
measured.
http://bluhm.genua.de/perform/results/gnuplot/6
On Thu, Apr 15, 2021 at 08:43:02PM +0200, Alexander Bluhm wrote:
> Hi,
>
> I found another regression with Jan's TCP diff that sends less ACK
> packets. relayd run-args-http-slow-consumer.pl fails on i386 due
> to his commit. This test writes a lot of data from the http
ith Jan's TCP diff that sends less ACK
> packets. relayd run-args-http-slow-consumer.pl fails on i386 due
> to his commit. This test writes a lot of data from the http server,
> but blocks receive for 2 seconds in the client. Relayd between
> these machines should handle the dela
> Should we back it out for release? Diff below.
I think so.
Hi,
I found another regression with Jan's TCP diff that sends less ACK
packets. relayd run-args-http-slow-consumer.pl fails on i386 due
to his commit. This test writes a lot of data from the http server,
but blocks receive for 2 seconds in the client. Relayd between
these machines s
; https://marc.info/?m=16135019371
>
> reyk@ removed from CC: on purpose:
> https://twitter.com/reykfloeter/status/1284868070901776384
>
> Marcus
>
> jonathon.fletc...@gmail.com (Jonathon Fletcher), 2021.03.06 (Sat) 21:02 (CET):
> > When relayd relays a conn
/status/1284868070901776384
Marcus
jonathon.fletc...@gmail.com (Jonathon Fletcher), 2021.03.06 (Sat) 21:02 (CET):
> When relayd relays a connection upgrade to a websocket, it relays
> the outbound "Connection: Upgrade" header from the interal server.
>
> It also tags on a "C
When relayd relays a connection upgrade to a websocket, it relays
the outbound "Connection: Upgrade" header from the interal server.
It also tags on a "Connection: close" header to the outbound
response - ie the response goes out with two "Connection"
header li
On Mon, Feb 15, 2021 at 12:03:42PM +1000, Jonathan Matthew wrote:
> It's fairly easy to accidentally configure relayd to try to run check scripts
> faster than they finish, for example if you have a check interval of one
> second and the check script makes a tcp connection to a hos
On Mon, Feb 15, 2021 at 12:03:42PM +1000, Jonathan Matthew wrote:
> It's fairly easy to accidentally configure relayd to try to run check scripts
> faster than they finish, for example if you have a check interval of one
> second and the check script makes a tcp connection to a hos
do I maintain a system running relayd any
more. I believe there are some others looking to make it happen.
Best,
Asherah
Hi
On Thu, Oct 15, 2020 at 05:52:40PM +1100, Ashe Connor wrote:
> Hi there,
>
> A year or two ago I submitted a patch for adding TLS client certificate
> validation to relayd. At the time it didn't make it in, and I stopped
> pursuing it further.
> (https://marc
On 2021/02/16 20:12, Franz Bettag wrote:
> My point, the protocol after HTTP 1.0 encourages keep-alives anyway.
> Close is only default in 1.0 so basically you wouldn’t have lingering
> dead sockets on your server.
If you want a full featured HTTP implementation then perhaps relayd
i
aking very minimal use of relayd and IIRC not with relay_http,
but the thing this makes me wonder about is, what is the "Connection:
close" for? If it's there to prevent clients from smuggling a follow-on
request past relayd to the server without going through the filter rules
t
gt; Marcus
>
> Index: relay_http.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
> retrieving revision 1.80
> diff -u -p -u -r1.80 relay_http.c
> --- relay_http.c9 Jan 2021 08:53:58 -1.80
> +
It's fairly easy to accidentally configure relayd to try to run check scripts
faster than they finish, for example if you have a check interval of one
second and the check script makes a tcp connection to a host that doesn't
exist any more.
In this situation, the hce process will ke
Another month has passed, another friendly bump...
patch against -current attached, for convenience...
Marcus
Index: relay_http.c
===
RCS file: /cvs/src/usr.sbin/relayd/relay_http.c,v
retrieving revision 1.80
diff -u -p -u -r1.80
On Thu, Jan 07, 2021 at 04:56:14PM +0100, Denis Fondras wrote:
> Le Thu, Jan 07, 2021 at 12:03:54PM +0100, Hiltjo Posthuma a écrit :
> > Hi Denis,
> >
> > I like this feature. For example it would be useful for using relayd as a
> > reverse-proxy to forward it to an
Le Thu, Jan 07, 2021 at 12:03:54PM +0100, Hiltjo Posthuma a écrit :
> Hi Denis,
>
> I like this feature. For example it would be useful for using relayd as a
> reverse-proxy to forward it to an internal network running a httpd with some
> service. Then the path can be stripped wi
Denis!
> >
>
> Here is an up to date diff, looking for OKs.
>
Hi Denis,
I like this feature. For example it would be useful for using relayd as a
reverse-proxy to forward it to an internal network running a httpd with some
service. Then the path can be stripped without having t
One month has passed, this is just a friendly ping...
Marcus
mcmer-open...@tor.at (Marcus MERIGHI), 2020.12.04 (Fri) 14:18 (CET):
> This patch wasn't commited and not discussed (publicly).
>
> It lets me use relayd as a front-end to the mattermost-server.
>
> @franz
By no means an official OK, but would love to see this in relayd!
Mischa
> On 3 Jan 2021, at 11:40, Denis Fondras wrote:
>
> Le Fri, Dec 11, 2020 at 10:53:56AM +, Olivier Cherrier a écrit :
>>
>> Hello tech@,
>>
>> Is there any interest for this fea
s.
Index: parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.250
diff -u -p -r1.250 parse.y
--- parse.y 29 Dec 2020 19:48:06 - 1.250
+++ parse.y 3 Jan 2021 10:38:26 -
@@ -175,7 +175,7 @@ typedef struct {
%token LOOKUP
100
> From: Denis Fondras
> To: Hiltjo Posthuma
> Cc: tech@openbsd.org
> Subject: Re: Port httpd(8) 'strip' directive to relayd(8)
>
> Previous one had a typo... :/
>
> On Sat, Oct 24, 2020 at 08:01:36PM +0200, Hiltjo Posthuma wrote:
> > Thanks for worki
thanks for bringing it up again, i always have to patch multiple relayds after
upgrades. -.-
Sent from my iPad
> On 4. Dec 2020, at 14:18, Marcus MERIGHI wrote:
>
> Hello!
>
> This patch wasn't commited and not discussed (publicly).
>
> It lets me use re
Hello!
This patch wasn't commited and not discussed (publicly).
It lets me use relayd as a front-end to the mattermost-server.
Just a friendly reminder...
@franz: Thank you!
Marcus
fr...@bett.ag (Franz Bettag), 2020.03.04 (Wed) 17:52 (CET):
> After migrating my home setup from nginx
Hi!
> I have patch on top of this which allows to pass remote certificate
> and/or parts of it to backend hosts via http headers.
Did this patch ever arrive and would it also make sense inside httpd
(in addition to relayd)?
--
Markus Läll
Index: relayd.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
> retrieving revision 1.201
> diff -u -p -r1.201 relayd.conf.5
> --- relayd.conf.5 22 Oct 2020 08:00:24 - 1.201
> +++ relayd.conf.5 30 Oct 2020 08:48:23 -00
ok benno@
and yes, add a line to current.html.
Denis Fondras(open...@ledeuns.net) on 2020.10.30 10:13:56 +0100:
> On Thu, Oct 29, 2020 at 03:51:24PM +0100, Martijn van Duren wrote:
> > 6.8 is out in the wild. I guess this is as good a time as any to remove
> > the old snmp keyword.
> >
> > OK?
>
Index: relayd.conf.5
> ===
> RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
> retrieving revision 1.201
> diff -u -p -r1.201 relayd.conf.5
> --- relayd.conf.5 22 Oct 2020 08:00:24 - 1.201
> +++ relayd.conf.5
On Thu, Oct 29, 2020 at 03:51:24PM +0100, Martijn van Duren wrote:
> 6.8 is out in the wild. I guess this is as good a time as any to remove
> the old snmp keyword.
>
> OK?
>
OK denis@
And while it is fresh, is this the right time to update plus.html and
current.html ?
I think metrics is a better word than statistics and it might help
people if they knew where to query for these metrics.
OK?
martijn@
Index: relayd.conf.5
===
RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
retrieving revision
6.8 is out in the wild. I guess this is as good a time as any to remove
the old snmp keyword.
OK?
martijn@
Index: parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.248
diff -u -p -r1.248 parse.y
With this config :
---
relay "proxy" {
listen on {{publicip}} port 443 tls
protocol "httpproxy"
forward with tls to port 443
forward to port 10100
}
---
relayd(8) will currently use TLS for all backends.
This diff will use TLS only if 'with tls' is used
w)
> Index: agentx_control.c
> ===
> RCS file: /cvs/src/usr.sbin/relayd/agentx_control.c,v
> retrieving revision 1.2
> diff -u -p -r1.2 agentx_control.c
> --- agentx_control.c 25 Oct 2020 10:17:49 - 1.2
> +++ agentx_control.c 26 Oct 2020 16:19:09 -
> @@
1 - 100 of 505 matches
Mail list logo
