On Thu, Mar 5, 2015 at 5:02 PM, sven falempin <sven.falem...@gmail.com> wrote:
> Intro, i looked at the relayd router code, because i'd like to change
> some route given some conditions. Especially i'd like to change some
> rules when the route is added , and flush this anchor when route is
> removed (or flush read when changed).
>
> I think about copying the ifstated mechanism to provide a bit more
> flexibitily to relayd : void
> external_exec(struct ifsd_external *external, int async)
>
> 1/ Strangeness in the code ( "grep > code coverage" )
>
>
> # grep F_DOWN ./*
> grep: ./obj: No such file or directory
> ./pfe.c: rdr->conf.flags &= ~(F_DOWN);
> ./pfe.c: rdr->conf.flags |= F_DOWN;
> ./pfe.c: if (rdr->conf.flags & F_DOWN) {
> ./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
> ./relayd.h:#define F_DOWN 0x00000008
> ./snmp.c: else if (rdr->conf.flags & F_DOWN)
>
> AFAI Understand
>
> ./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
> is completly useless
> # grep F_DOWN ./* | grep rt
> grep: ./obj: No such file or directory
> ./pfe.c: rt->rt_conf.flags &= ~(F_DOWN);
>
> 1.bis/
>
> | DISABLE { rlay->rl_conf.flags |= F_DISABLE; }
>
> is not in the man page, may be intentional
>
> Index: relayd.conf.5
> ===================================================================
> RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
> retrieving revision 1.160
> diff -u -p -r1.160 relayd.conf.5
> --- relayd.conf.5 13 Jan 2015 09:24:20 -0000 1.160
> +++ relayd.conf.5 5 Mar 2015 21:42:59 -0000
> @@ -1396,6 +1396,8 @@ Add the routes to the kernel routing tab
> Add the routes with the specified
> .Ar label
> to the kernel routing table.
> +.It Ic disable
> +Ignore this entry
> .El
> .Sh FILES
> .Bl -tag -width Ds -compact
>
>
> 2/ actual ?problem?
> Meanwhile in the status, routers are marked active whatever happen,
> bad gw or failure to to route add
>
>
> # cat /etc/relayd.conf
>
> table <ok-gws> { 192.168.10.1 }
> table <nok-gws> { 192.168.4.2 }
> table <nnok-gws> { 8.8.8.8 }
>
> router "good" {
> forward to <ok-gws> check icmp
> route 172.30.0.0/16
> rtlabel "good"
> }
>
> router "bad" {
> forward to <nok-gws> check icmp
> route 172.30.0.0/16
> rtlabel "gobadod"
> }
>
> router "baaad" {
> forward to <nnok-gws> check icmp
> route 172.40.0.0/16
> rtlabel "gbaaaaadood"
> }
>
> # relayctl show hosts
> Id Type Name Avlblty Status
> 1 table ok-gws:65535 active (1
> hosts)
> 1 host 192.168.10.1 99.87% up
> total: 7530/7540 checks
> 2 table nok-gws:65535 empty
> 2 host 192.168.4.2 0.00% down
> total: 0/7540 checks, error: icmp read timeout
> 3 table nnok-gws:65535 active (1
> hosts)
> 3 host 8.8.8.8 99.62% up
> total: 7511/7540 checks
>
> # relayctl show routers
> Id Type Name Avlblty Status
> 1 router good active
> rtlabel: good
> route: 172.30.0.0/16
> 2 router bad active
> rtlabel: gobadod
> route: 172.30.0.0/16
> 3 router baaad active
> rtlabel: gbaaaaadood
> route: 172.40.0.0/16
>
>
> 3/ I am not an expert but maybe, i would put the flag removal in the
> success case, ie before return 0, not before the sync_route call :
>
> Index: pfe_route.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/relayd/pfe_route.c,v
> retrieving revision 1.9
> diff -u -p -r1.9 pfe_route.c
> --- pfe_route.c 22 Jan 2015 17:42:09 -0000 1.9
> +++ pfe_route.c 5 Mar 2015 21:53:27 -0000
> @@ -222,6 +222,7 @@ pfe_route(struct relayd *env, struct ctl
> return (0);
> bad:
> + crt->rt.flags |= (F_DOWN);
So the only way would to imsg back the information ?
In which process the routers are stored ?
TAILQ_FOREACH(rt, env->sc_rts, rt_entry) {
printf("o IDs %d\n",rt->rt_conf.id );
}
> log_debug("%s: failed to %s gateway %s: %d %s", __func__,
> HOST_ISUP(crt->up) ? "add" : "delete", gwname,
> errno, strerror(errno));
>
>
> Footnotes:
>
> Avlblty, vowels are too mainsteam :D
> The only way i can modify pf conf is using route monitor or similar
> and catch RTM_ADD with the root label, will you accept a bikeshed to
> execute something in pfe_route.c ?
> Or would you prefer a complete integration:
>
> router "baaad" {
> forward to <nnok-gws> check icmp
> route 172.40.0.0/16
> anchor "routers/baaad" pass on tunX proto tcp from ($int:network)
> to 172.40.0.0/16 {for route-to <nnok-gws> come back next year }
> #or another syntax for multiple rules
> anchor "routers/baaad" pass on $int proto tcp from 172.40.0.0/16 to
> ($int:network)
> rtlabel "gbaaaaadood"
> }
>
> Best regards,
>
>
> ---------------------------------------------------------------------------------------------------------------------
> () ascii ribbon campaign - against html e-mail
> /\
--
---------------------------------------------------------------------------------------------------------------------
() ascii ribbon campaign - against html e-mail
/\
