Hi,
I'm experiencing something very peculiar with relayd. I have had relayd
in production for quite some time, and I'm observing over the long term
that relayd starts to truncate HTTP responses, and I don't seem to know
why. When I restart relayd, everything starts working again. Can anyone
point me in a direction where I can start looking to debug this issue
and eventually resolve it?
Here is my relayd.conf:
relayd_addr="192.168.172.77"
https_port="443"
http_port="80"
table <web_hosts> { 192.168.223.58 }
interval 10
timeout 1000
prefork 5
log all
http protocol "httpssl" {
        ssl { sslv3, tlsv1, ciphers "MEDIUM:!ADH", no sslv2 }
        header append "$REMOTE_ADDR" to "X-Forwarded-For"
}
http protocol "httpsimple" {
        header append "$REMOTE_ADDR" to "X-Forwarded-For"
}
relay https-proxy {
        listen on $relayd_addr port $https_port ssl
        protocol httpssl
        forward to <web_hosts> port $http_port mode loadbalance check http "/" code 200
}
relay http-proxy {
        listen on $relayd_addr port $http_port
        protocol httpsimple
        forward to <web_hosts> port $http_port mode loadbalance check http "/" code 200
}
Here is my pf.conf:
ext_if = "vic0"
int_if = "vic1"
ext_ip = "192.168.172.77"
ftp_ip = "192.168.223.58"
nat-anchor "ftp-proxy/*"
nat on $ext_if inet from $int_if -> ($ext_if)
rdr-anchor "relayd/*"
rdr-anchor "ftp-proxy/*"
pass in on $ext_if inet proto tcp to $ext_ip port 21 flags S/SA keep state
pass out on $int_if inet proto tcp to $ftp_ip port 21 user proxy flags S/SA keep state
pass in log (all, to pflog1) on $ext_if inet proto tcp to $ext_if port 21 keep state
anchor "relayd/*"
anchor "ftp-proxy/*"
UM