diff options
| author | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-11-21 20:24:29 +0000 |
|---|---|---|
| committer | Reyk Floeter <reyk@cvs.openbsd.org> | 2007-11-21 20:24:29 +0000 |
| commit | 87b816799b817d1ee87d68c2650e2f9ba477f88b (patch) | |
| tree | 6fe8153d0a0c156a23d0ed77a6334393a38d0868 | |
| parent | 4f6f111953d49f763adfc382ca85d496fa69bf61 (diff) | |
extend action grammar with "filter value" and "expect value" as a
short form for "filter * from value" or "expect * from value".
| -rw-r--r-- | usr.sbin/hoststated/hoststated.conf.5 | 34 | ||||
| -rw-r--r-- | usr.sbin/hoststated/parse.y | 20 | ||||
| -rw-r--r-- | usr.sbin/relayd/parse.y | 20 | ||||
| -rw-r--r-- | usr.sbin/relayd/relayd.conf.5 | 34 |
4 files changed, 98 insertions, 10 deletions
diff --git a/usr.sbin/hoststated/hoststated.conf.5 b/usr.sbin/hoststated/hoststated.conf.5 index 16e1f08327f..bda91f7e68d 100644 --- a/usr.sbin/hoststated/hoststated.conf.5 +++ b/usr.sbin/hoststated/hoststated.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: hoststated.conf.5,v 1.61 2007/11/21 14:25:44 jmc Exp $ +.\" $OpenBSD: hoststated.conf.5,v 1.62 2007/11/21 20:24:28 reyk Exp $ .\" .\" Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org> .\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -595,14 +595,40 @@ set to .It Ic remove Ar key Remove the entity with the selected name. .It Ic expect Ar value Ic from Ar key -Expect an entity with the specified value. +Expect an entity +.Ar key +and match against +.Ar value +using shell globbing rules. If the entity is not present or the value doesn't match, the connection will be dropped. +.It Xo +.Ic expect +.Ar key +.Xc +Expect an entity +.Ar key +with any possible value. +This is the short form of +.Ic expect Ar * Ic from Ar key . .It Ic filter Ar value Ic from Ar key Like the +.Ic expect Ar .. Ic from +directive above, but drop any connections with the specified entity +.Ar key +and a matching +.Ar value . +.It Xo +.Ic filter +.Ar key +.Xc +Like the .Ic expect directive above, but drop any connections with the specified entity -and value. +.Ar key +and any possible value. +This is the short form of +.Ic filter Ar * Ic from Ar key . .It Ic hash Ar key Feed the value of the selected entity into the load balancing hash to select the target host. @@ -807,7 +833,7 @@ protocol http_ssl { header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Keep-Alive" to "$TIMEOUT" - url hash "sessid" + query hash "sessid" cookie hash "sessid" path filter "*command=*" from "/cgi-bin/index.cgi" diff --git a/usr.sbin/hoststated/parse.y b/usr.sbin/hoststated/parse.y index c3233753fd7..9f14563acb3 100644 --- a/usr.sbin/hoststated/parse.y +++ b/usr.sbin/hoststated/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.90 2007/11/21 20:13:20 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.91 2007/11/21 20:24:28 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -896,6 +896,15 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype EXPECT STRING mark { + node.action = NODE_ACTION_EXPECT; + node.key = strdup($3); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3); + proto->lateconnect++; + } | nodetype FILTER STRING FROM STRING mark { node.action = NODE_ACTION_FILTER; node.key = strdup($5); @@ -906,6 +915,15 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype FILTER STRING mark { + node.action = NODE_ACTION_FILTER; + node.key = strdup($3); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3); + proto->lateconnect++; + } | nodetype HASH STRING marked { node.action = NODE_ACTION_HASH; node.key = strdup($3); diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y index c3233753fd7..9f14563acb3 100644 --- a/usr.sbin/relayd/parse.y +++ b/usr.sbin/relayd/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.90 2007/11/21 20:13:20 reyk Exp $ */ +/* $OpenBSD: parse.y,v 1.91 2007/11/21 20:24:28 reyk Exp $ */ /* * Copyright (c) 2006 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -896,6 +896,15 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype EXPECT STRING mark { + node.action = NODE_ACTION_EXPECT; + node.key = strdup($3); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3); + proto->lateconnect++; + } | nodetype FILTER STRING FROM STRING mark { node.action = NODE_ACTION_FILTER; node.key = strdup($5); @@ -906,6 +915,15 @@ protonode : nodetype APPEND STRING TO STRING marked { free($3); proto->lateconnect++; } + | nodetype FILTER STRING mark { + node.action = NODE_ACTION_FILTER; + node.key = strdup($3); + node.value = strdup("*"); + if (node.key == NULL || node.value == NULL) + fatal("out of memory"); + free($3); + proto->lateconnect++; + } | nodetype HASH STRING marked { node.action = NODE_ACTION_HASH; node.key = strdup($3); diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5 index b274f8542c3..844e92c0fd9 100644 --- a/usr.sbin/relayd/relayd.conf.5 +++ b/usr.sbin/relayd/relayd.conf.5 @@ -1,4 +1,4 @@ -.\" $OpenBSD: relayd.conf.5,v 1.61 2007/11/21 14:25:44 jmc Exp $ +.\" $OpenBSD: relayd.conf.5,v 1.62 2007/11/21 20:24:28 reyk Exp $ .\" .\" Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org> .\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -595,14 +595,40 @@ set to .It Ic remove Ar key Remove the entity with the selected name. .It Ic expect Ar value Ic from Ar key -Expect an entity with the specified value. +Expect an entity +.Ar key +and match against +.Ar value +using shell globbing rules. If the entity is not present or the value doesn't match, the connection will be dropped. +.It Xo +.Ic expect +.Ar key +.Xc +Expect an entity +.Ar key +with any possible value. +This is the short form of +.Ic expect Ar * Ic from Ar key . .It Ic filter Ar value Ic from Ar key Like the +.Ic expect Ar .. Ic from +directive above, but drop any connections with the specified entity +.Ar key +and a matching +.Ar value . +.It Xo +.Ic filter +.Ar key +.Xc +Like the .Ic expect directive above, but drop any connections with the specified entity -and value. +.Ar key +and any possible value. +This is the short form of +.Ic filter Ar * Ic from Ar key . .It Ic hash Ar key Feed the value of the selected entity into the load balancing hash to select the target host. @@ -807,7 +833,7 @@ protocol http_ssl { header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Keep-Alive" to "$TIMEOUT" - url hash "sessid" + query hash "sessid" cookie hash "sessid" path filter "*command=*" from "/cgi-bin/index.cgi" |