Intro, i looked at the relayd router code, because i'd like to change
some route given some conditions. Especially i'd like to change some
rules when the route is added , and flush this anchor when route is
removed (or flush read when changed).
I think about copying the ifstated mechanism to provide a bit more
flexibitily to relayd : void
external_exec(struct ifsd_external *external, int async)
1/ Strangeness in the code ( "grep > code coverage" )
# grep F_DOWN ./*
grep: ./obj: No such file or directory
./pfe.c: rdr->conf.flags &= ~(F_DOWN);
./pfe.c: rdr->conf.flags |= F_DOWN;
./pfe.c: if (rdr->conf.flags & F_DOWN) {
./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
./relayd.h:#define F_DOWN 0x00000008
./snmp.c: else if (rdr->conf.flags & F_DOWN)
AFAI Understand
./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
is completly useless
# grep F_DOWN ./* | grep rt
grep: ./obj: No such file or directory
./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
1.bis/
| DISABLE { rlay->rl_conf.flags |= F_DISABLE; }
is not in the man page, may be intentional
Index: relayd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
retrieving revision 1.160
diff -u -p -r1.160 relayd.conf.5
--- relayd.conf.5 13 Jan 2015 09:24:20 -0000 1.160
+++ relayd.conf.5 5 Mar 2015 21:42:59 -0000
@@ -1396,6 +1396,8 @@ Add the routes to the kernel routing tab
Add the routes with the specified
.Ar label
to the kernel routing table.
+.It Ic disable
+Ignore this entry
.El
.Sh FILES
.Bl -tag -width Ds -compact
2/ actual ?problem?
Meanwhile in the status, routers are marked active whatever happen,
bad gw or failure to to route add
# cat /etc/relayd.conf
table <ok-gws> { 192.168.10.1 }
table <nok-gws> { 192.168.4.2 }
table <nnok-gws> { 8.8.8.8 }
router "good" {
forward to <ok-gws> check icmp
route 172.30.0.0/16
rtlabel "good"
}
router "bad" {
forward to <nok-gws> check icmp
route 172.30.0.0/16
rtlabel "gobadod"
}
router "baaad" {
forward to <nnok-gws> check icmp
route 172.40.0.0/16
rtlabel "gbaaaaadood"
}
# relayctl show hosts
Id Type Name Avlblty Status
1 table ok-gws:65535 active (1 hosts)
1 host 192.168.10.1 99.87% up
total: 7530/7540 checks
2 table nok-gws:65535 empty
2 host 192.168.4.2 0.00% down
total: 0/7540 checks, error: icmp read timeout
3 table nnok-gws:65535 active (1 hosts)
3 host 8.8.8.8 99.62% up
total: 7511/7540 checks
# relayctl show routers
Id Type Name Avlblty Status
1 router good active
rtlabel: good
route: 172.30.0.0/16
2 router bad active
rtlabel: gobadod
route: 172.30.0.0/16
3 router baaad active
rtlabel: gbaaaaadood
route: 172.40.0.0/16
3/ I am not an expert but maybe, i would put the flag removal in the
success case, ie before return 0, not before the sync_route call :
Index: pfe_route.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/pfe_route.c,v
retrieving revision 1.9
diff -u -p -r1.9 pfe_route.c
--- pfe_route.c 22 Jan 2015 17:42:09 -0000 1.9
+++ pfe_route.c 5 Mar 2015 21:53:27 -0000
@@ -222,6 +222,7 @@ pfe_route(struct relayd *env, struct ctl
return (0);
bad:
+ crt->rt.flags |= (F_DOWN);
log_debug("%s: failed to %s gateway %s: %d %s", __func__,
HOST_ISUP(crt->up) ? "add" : "delete", gwname,
errno, strerror(errno));
Footnotes:
Avlblty, vowels are too mainsteam :D
The only way i can modify pf conf is using route monitor or similar
and catch RTM_ADD with the root label, will you accept a bikeshed to
execute something in pfe_route.c ?
Or would you prefer a complete integration:
router "baaad" {
forward to <nnok-gws> check icmp
route 172.40.0.0/16
anchor "routers/baaad" pass on tunX proto tcp from ($int:network)
to 172.40.0.0/16 {for route-to <nnok-gws> come back next year }
#or another syntax for multiple rules
anchor "routers/baaad" pass on $int proto tcp from 172.40.0.0/16 to
($int:network)
rtlabel "gbaaaaadood"
}
Best regards,
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\
