relayd(8): more rdomain integration diff
Hi folks,
after trying forth and back to overcome some limitations in relayd along
multiple
"instances" and rdomain/rtable I decided to scrub some rust of my C/yacc
and
produced the following diffs against -current to relayd and relayctl.
Feats:
- relayd/relayctl: -s sockname; obviously and blatantly taken from
ospfd/ospfctl
- relayd: -a anchorname; overcome the problem that one stopping relayd
cleans
out everything below 'relayd/*' or not having any seperation
(includes) in first
place
- relayd.conf: add 'rtable' as a tableopt; reasoning for "only" there:
- route -T N exec will already put one into 'on rdomain N'
- 'listen' already has an 'interface' option to bound to a specific
rdomain (unless
I am mistaken here on the kernel/addressing side
- generally unsure if this has a real use case anyway
Tests done:
- running two relayd on different anchors, rdomains (via route exec) and
so on,
notable to me was the point of purging the main/final anchor in
flush_rulesets.
Caveats:
- didnt write C/yacc in some years, so esp. string-handling could need
some eyeballs
Patch-white-space-drama; if the patches have mangled WS, there are also
here:
https://github.com/double-p/smtf/tree/master/patches
Everybody coming, see you in Tokyo!
PS: iked lacks -s, ikectl doesnt... :)
--
pbIndex: relayctl.8
===
RCS file: /cvs/src/usr.sbin/relayctl/relayctl.8,v
retrieving revision 1.32
diff -u -p -r1.32 relayctl.8
--- relayctl.8 28 Nov 2015 01:22:44 - 1.32
+++ relayctl.8 28 Feb 2017 20:09:34 -
@@ -23,6 +23,7 @@
.Nd control the relay daemon
.Sh SYNOPSIS
.Nm
+.Op Fl s Ar socket
.Ar command
.Op Ar argument ...
.Sh DESCRIPTION
@@ -32,6 +33,17 @@ program controls the
.Xr relayd 8
daemon.
.Pp
+The following options are available:
+.Bl -tag -width Ds
+.It Fl s Ar socket
+Use
+.Ar socket
+instead of the default
+.Pa /var/run/relayd.sock
+to communicate with
+.Xr relayd 8 .
+.El
+.Pp
The following commands are available:
.Bl -tag -width Ds
.It Cm host disable Op Ar name | id
@@ -105,6 +117,7 @@ again.
.Sh FILES
.Bl -tag -width "/var/run/relayd.sockXX" -compact
.It Pa /var/run/relayd.sock
+Default
.Ux Ns -domain
socket used for communication with
.Xr relayd 8 .
Index: relayctl.c
===
RCS file: /cvs/src/usr.sbin/relayctl/relayctl.c,v
retrieving revision 1.57
diff -u -p -r1.57 relayctl.c
--- relayctl.c 3 Sep 2016 14:44:21 - 1.57
+++ relayctl.c 28 Feb 2017 20:09:34 -
@@ -88,7 +88,8 @@ usage(void)
{
extern char *__progname;
- fprintf(stderr, "usage: %s command [argument ...]\n", __progname);
+ fprintf(stderr, "usage: %s [-s socket] command [argument ...]\n",
+ __progname);
exit(1);
}
@@ -101,9 +102,25 @@ main(int argc, char *argv[])
int ctl_sock;
int done = 0;
int n, verbose = 0;
+ int ch;
+ char *sockname;
+
+ sockname = RELAYD_SOCKET;
+ while ((ch = getopt(argc, argv, "s:")) != -1) {
+ switch (ch) {
+ case 's':
+ sockname = optarg;
+ break;
+ default:
+ usage();
+ /* NOTREACHED */
+ }
+ }
+ argc -= optind;
+ argv += optind;
/* parse options */
- if ((res = parse(argc - 1, argv + 1)) == NULL)
+ if ((res = parse(argc, argv)) == NULL)
exit(1);
/* connect to relayd control socket */
@@ -112,7 +129,7 @@ main(int argc, char *argv[])
bzero(&sun, sizeof(sun));
sun.sun_family = AF_UNIX;
- (void)strlcpy(sun.sun_path, RELAYD_SOCKET, sizeof(sun.sun_path));
+ (void)strlcpy(sun.sun_path, sockname, sizeof(sun.sun_path));
reconnect:
if (connect(ctl_sock, (struct sockaddr *)&sun, sizeof(sun)) == -1) {
/* Keep retrying if running in monitor mode */
@@ -121,7 +138,7 @@ main(int argc, char *argv[])
usleep(100);
goto reconnect;
}
- err(1, "connect: %s", RELAYD_SOCKET);
+ err(1, "connect: %s", sockname);
}
if (pledge("stdio", NULL) == -1)
Index: parse.y
===
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.214
diff -u -p -r1.214 parse.y
--- parse.y 5 Jan 2017 13:53:09 - 1.214
+++ parse.y 1 Mar 2017 15:50:24 -
@@ -805,6 +805,13 @@ tableopts : CHECK tablecheck
break;
}
}
+ | RTABLE NUMBER {
+ if ($2 < 0 || $2 > RT_TABLEID_MAX) {
+yyerror("invalid rtable id %d", $2);
+YYERROR;
+ }
+ table->conf.rtable = $2;
+ }
;
/* should be in sync with sbin/pfctl/parse.y's hashkey */
Index: pfe_filter.c
===
RCS file: /cvs/src/usr.sbin/relayd/pfe_filter.c,v
retrieving revision 1.61
diff -u -p -r1.61 pfe_filter.c
--- pfe_filter.c 24 Jan 2017 10:49:14 - 1.61
+++ pfe_filter.c 1 Mar 2017 15:50:24 -
@@ -60,7 +60,7 @@ init_tables(struct relayd *env)
i = 0;
TAILQ_FOREACH(rdr, env->sc_rdrs, entry) {
- if (strlcpy(tables[i].pfrt_anchor, RELAYD_ANCHOR "/",
+ if (strlcpy(tables[i].pfrt_anchor, env->sc_baseanchor,
Re: relayd(8): more rdomain integration diff
Hi double-p!
On Wed, Mar 01, 2017 at 08:00:30PM +0100, Philipp Buehler wrote:
> Hi folks,
>
> after trying forth and back to overcome some limitations in relayd along
> multiple
> "instances" and rdomain/rtable I decided to scrub some rust of my C/yacc and
> produced the following diffs against -current to relayd and relayctl.
>
Nice.
> Feats:
> - relayd/relayctl: -s sockname; obviously and blatantly taken from
> ospfd/ospfctl
Regarding the -s:
There is inconsistency across our daemons.
I think it all started with bgpd, where we once had -s and -r options
in the daemon, but replaced them with a config option "socket path
NAME". This was supposed to be the model for other daemons as well,
but they either didn't adopt it or implemented the "old" -s option (it
remains in the *ctl, of course). AFAIK, I only have it in snmpd and
this would be a reference for relayd (except the agentx part in it).
Recently I saw somebody adding a -s to a newer daemon (I forgot which
one), but I forgot to cry out.
---snip---
Author: claudio
Date: Sun Jun 27 19:53:34 2010 +
Instead of specifying the control sockets on the command line have them
in bgpd.conf. This allows to add/modify restricted control sockets on
runtime.
Feature request by a few people how often forgot to add -r path when
restarting
bgpd (including myself).
NOTE: this removes the -s and -r arguments from bgpd so pay attention when
updateing.
jajaja sthen@, OK henning@
---snap---
> - relayd: -a anchorname; overcome the problem that one stopping relayd
> cleans
> out everything below 'relayd/*' or not having any seperation (includes) in
> first
> place
OK, setting the anchorname is fine. I have to look at the "cleaning" part.
> - relayd.conf: add 'rtable' as a tableopt; reasoning for "only" there:
> - route -T N exec will already put one into 'on rdomain N'
> - 'listen' already has an 'interface' option to bound to a specific rdomain
> (unless
> I am mistaken here on the kernel/addressing side
> - generally unsure if this has a real use case anyway
>
I do think that this has a use case and inter-rdomain is a feature
that was requested before (some people run it in bigger rdomain
setups).
Make sure that the rtable table option doesn't only alter the rules'
rtable, it should also be used for the health checks (check_*.c)
accordingly or you end up testing hosts in the wrong rdomain.
> Tests done:
> - running two relayd on different anchors, rdomains (via route exec) and so
> on,
> notable to me was the point of purging the main/final anchor in
> flush_rulesets.
>
> Caveats:
> - didnt write C/yacc in some years, so esp. string-handling could need some
> eyeballs
>
The parse.y part is small and looks fine.
But you should brush up your style(9) / KNF (at least in the anchor
part below) ;)
> Patch-white-space-drama; if the patches have mangled WS, there are also
> here:
> https://github.com/double-p/smtf/tree/master/patches
>
> Everybody coming, see you in Tokyo!
>
Bummer, I'm not there, it would be nice to meet you again.
Everyone: double-p was the first person who invited me into OpenBSD! \o/
> PS: iked lacks -s, ikectl doesnt... :)
Yes, I probably intended to put it in iked.conf as well ...
Reyk
> --
> pb
> Index: relayctl.8
> ===
> RCS file: /cvs/src/usr.sbin/relayctl/relayctl.8,v
> retrieving revision 1.32
> diff -u -p -r1.32 relayctl.8
> --- relayctl.828 Nov 2015 01:22:44 - 1.32
> +++ relayctl.828 Feb 2017 20:09:34 -
> @@ -23,6 +23,7 @@
> .Nd control the relay daemon
> .Sh SYNOPSIS
> .Nm
> +.Op Fl s Ar socket
> .Ar command
> .Op Ar argument ...
> .Sh DESCRIPTION
> @@ -32,6 +33,17 @@ program controls the
> .Xr relayd 8
> daemon.
> .Pp
> +The following options are available:
> +.Bl -tag -width Ds
> +.It Fl s Ar socket
> +Use
> +.Ar socket
> +instead of the default
> +.Pa /var/run/relayd.sock
> +to communicate with
> +.Xr relayd 8 .
> +.El
> +.Pp
> The following commands are available:
> .Bl -tag -width Ds
> .It Cm host disable Op Ar name | id
> @@ -105,6 +117,7 @@ again.
> .Sh FILES
> .Bl -tag -width "/var/run/relayd.sockXX" -compact
> .It Pa /var/run/relayd.sock
> +Default
> .Ux Ns -domain
> socket used for communication with
> .Xr relayd 8 .
> Index: relayctl.c
> ===
> RCS file: /cvs/src/usr.sbin/relayctl/relayctl.c,v
> retrieving revision 1.57
> diff -u -p -r1.57 relayctl.c
> --- relayctl.c3 Sep 2016 14:44:21 - 1.57
> +++ relayctl.c28 Feb 2017 20:09:34 -
> @@ -88,7 +88,8 @@ usage(void)
> {
> extern char *__progname;
>
> - fprintf(stderr, "usage: %s command [argument ...]\n", __progname);
> + fprintf(stderr, "usage: %s [-s socket] command [argument ...]\n",
> + __progname);
> exit(1);
> }
>
> @@ -101,9 +102,25 @@ main(int argc, char *argv[])
> int
