Hi,
the following diff adds support for source-hash and random modes to
relayd's redirections. It depends on the latest pf change.
Example:
---snip---
redirect foo {
listen on 0.0.0.0 port 8080
forward to <foo> check tcp port 80 mode source-hash
# forward to <foo> check tcp port 80 mode source-hash "my-fixed-key"
}
---snap---
Reyk
Index: usr.sbin/relayd/parse.y
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/parse.y,v
retrieving revision 1.197
diff -u -p -u -p -r1.197 parse.y
--- usr.sbin/relayd/parse.y 18 Dec 2014 20:55:01 -0000 1.197
+++ usr.sbin/relayd/parse.y 19 Dec 2014 13:45:45 -0000
@@ -493,6 +493,9 @@ rdropts_l : rdropts_l rdroptsl nl
rdroptsl : forwardmode TO tablespec interface {
if (hashkey != NULL) {
+ memcpy(&rdr->conf.key,
+ hashkey, sizeof(rdr->conf.key));
+ rdr->conf.flags |= F_HASHKEY;
free(hashkey);
hashkey = NULL;
}
@@ -776,15 +779,15 @@ tableopts : CHECK tablecheck
switch ($2) {
case RELAY_DSTMODE_LOADBALANCE:
case RELAY_DSTMODE_HASH:
- case RELAY_DSTMODE_RANDOM:
- case RELAY_DSTMODE_SRCHASH:
if (rdr != NULL) {
yyerror("mode not supported "
"for redirections");
YYERROR;
}
/* FALLTHROUGH */
+ case RELAY_DSTMODE_RANDOM:
case RELAY_DSTMODE_ROUNDROBIN:
+ case RELAY_DSTMODE_SRCHASH:
dstmode = $2;
break;
case RELAY_DSTMODE_LEASTSTATES:
Index: usr.sbin/relayd/pfe_filter.c
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/pfe_filter.c,v
retrieving revision 1.53
diff -u -p -u -p -r1.53 pfe_filter.c
--- usr.sbin/relayd/pfe_filter.c 27 Apr 2013 16:39:30 -0000 1.53
+++ usr.sbin/relayd/pfe_filter.c 19 Dec 2014 13:45:45 -0000
@@ -485,9 +485,15 @@ sync_ruleset(struct relayd *env, struct
}
switch (rdr->conf.mode) {
+ case RELAY_DSTMODE_RANDOM:
+ rio.rule.rdr.opts = PF_POOL_RANDOM;
+ break;
case RELAY_DSTMODE_ROUNDROBIN:
rio.rule.rdr.opts = PF_POOL_ROUNDROBIN;
break;
+ case RELAY_DSTMODE_SRCHASH:
+ rio.rule.rdr.opts = PF_POOL_SRCHASH;
+ break;
case RELAY_DSTMODE_LEASTSTATES:
rio.rule.rdr.opts = PF_POOL_LEASTSTATES;
break;
@@ -497,6 +503,9 @@ sync_ruleset(struct relayd *env, struct
}
if (rdr->conf.flags & F_STICKY)
rio.rule.rdr.opts |= PF_POOL_STICKYADDR;
+ if (rdr->conf.flags & F_HASHKEY)
+ memcpy(rio.rule.rdr.key.key32, rdr->conf.key.data,
+ sizeof(rio.rule.rdr.key.key32));
if (rio.rule.rt == PF_ROUTETO) {
memcpy(&rio.rule.route, &rio.rule.rdr,
Index: usr.sbin/relayd/relayd.conf.5
===================================================================
RCS file: /cvs/src/usr.sbin/relayd/relayd.conf.5,v
retrieving revision 1.155
diff -u -p -u -p -r1.155 relayd.conf.5
--- usr.sbin/relayd/relayd.conf.5 18 Dec 2014 21:26:09 -0000 1.155
+++ usr.sbin/relayd/relayd.conf.5 19 Dec 2014 13:45:45 -0000
@@ -413,7 +413,7 @@ the source IP address of the client, and
This mode is only supported by relays.
.It Ic mode random
Distributes the outgoing connections randomly through all active hosts.
-This mode is only supported by relays.
+This mode is supported by redirections and relays.
.It Ic mode roundrobin
Distributes the outgoing connections using a round-robin scheduler
through all active hosts.
@@ -423,7 +423,7 @@ This mode is supported by redirections a
Balances the outgoing connections across the active hosts based on the
.Ar key
and the source IP address of the client.
-This mode is only supported by relays.
+This mode is supported by redirections and relays.
.El
.Pp
The optional
