authorReyk Floeter <reyk@cvs.openbsd.org>2011-04-12 12:37:23 +0000
committerReyk Floeter <reyk@cvs.openbsd.org>2011-04-12 12:37:23 +0000
commit7e34b8858905860813099bc43242445b9f7b9254 (patch)
tree945781f50161eb71ed91dd4cd0fbb6d8711e4322 /usr.sbin
parenta17985a64e402cbcd2a30570eab2d6e2b6919e67 (diff)
update flags and printing of flags in debug mode, handle splicing flag.
Diffstat (limited to 'usr.sbin')
-rw-r--r--usr.sbin/relayd/log.c38
-rw-r--r--usr.sbin/relayd/parse.y7
-rw-r--r--usr.sbin/relayd/relay.c15
-rw-r--r--usr.sbin/relayd/relayd.conf.510
-rw-r--r--usr.sbin/relayd/relayd.h19
5 files changed, 80 insertions, 9 deletions
diff --git a/usr.sbin/relayd/log.c b/usr.sbin/relayd/log.c
index 4da021fb0fa..e9cf0019cfc 100644
--- a/usr.sbin/relayd/log.c
+++ b/usr.sbin/relayd/log.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: log.c,v 1.16 2010/11/30 14:38:45 reyk Exp $ */
+/* $OpenBSD: log.c,v 1.17 2011/04/12 12:37:22 reyk Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
@@ -35,6 +35,7 @@
#include <syslog.h>
#include <event.h>
#include <netdb.h>
+#include <ctype.h>
#include <openssl/ssl.h>
@@ -417,3 +418,38 @@ print_httperror(u_int code)
return (httperr[i].ht_err);
return ("Unknown Error");
}
+
+const char *
+printb_flags(const u_int32_t v, const char *bits)
+{
+ static char buf[2][BUFSIZ];
+ static int idx = 0;
+ int i, any = 0;
+ char c, *p, *r;
+
+ p = r = buf[++idx % 2];
+ bzero(p, BUFSIZ);
+
+ if (bits) {
+ bits++;
+ while ((i = *bits++)) {
+ if (v & (1 << (i - 1))) {
+ if (any) {
+ *p++ = ',';
+ *p++ = ' ';
+ }
+ any = 1;
+ for (; (c = *bits) > 32; bits++) {
+ if (c == '_')
+ *p++ = ' ';
+ else
+ *p++ = tolower(c);
+ }
+ } else
+ for (; *bits > 32; bits++)
+ ;
+ }
+ }
+
+ return (r);
+}
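Review bot: Nothing in printb_flags bounds the `*p++` stores against BUFSIZ, and the bit test `1 << (i - 1)` shifts a signed int, which is undefined for bit 32. The bit strings passed in this commit are compile-time constants, so this does not look reachable with untrusted data, but a longer table added later would overrun the static buffer silently. I would keep an end pointer one byte short of the buffer so the NUL from bzero() survives, guard each store with it, and use `1U` in the shift. The rotating `idx` also means only two results can be live at once, which deserves a comment above the function.

```c
	char		 c, *p, *r, *end;

	p = r = buf[++idx % 2];
	end = r + BUFSIZ - 1;	/* leave the NUL written by bzero() */
	/* … unchanged: bzero(), bits check, outer while loop … */
		if (v & (1U << (i - 1))) {
			if (any && end - p >= 2) {
				*p++ = ',';
				*p++ = ' ';
			}
			any = 1;
			for (; (c = *bits) > 32; bits++) {
				if (p >= end)
					continue;	/* full: keep scanning, stop storing */
				*p++ = (c == '_') ? ' ' : tolower((unsigned char)c);
			}
		}
	/* … unchanged: else branch that skips the name, return (r) … */
```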
diff --git a/usr.sbin/relayd/parse.y b/usr.sbin/relayd/parse.y
index f41bd721ab3..3c79f2a4ff7 100644
--- a/usr.sbin/relayd/parse.y
+++ b/usr.sbin/relayd/parse.y
@@ -1,4 +1,4 @@
-/* $OpenBSD: parse.y,v 1.150 2011/04/07 13:22:29 reyk Exp $ */
+/* $OpenBSD: parse.y,v 1.151 2011/04/12 12:37:22 reyk Exp $ */
/*
* Copyright (c) 2007, 2008 Reyk Floeter <reyk@openbsd.org>
@@ -147,7 +147,7 @@ typedef struct {
%token LOADBALANCE LOG LOOKUP MARK MARKED MODE NAT NO DESTINATION
%token NODELAY NOTHING ON PARENT PATH PORT PREFORK PROTO
%token QUERYSTR REAL REDIRECT RELAY REMOVE REQUEST RESPONSE RETRY
-%token RETURN ROUNDROBIN ROUTE SACK SCRIPT SEND SESSION SOCKET
+%token RETURN ROUNDROBIN ROUTE SACK SCRIPT SEND SESSION SOCKET SPLICE
%token SSL STICKYADDR STYLE TABLE TAG TCP TIMEOUT TO ROUTER RTLABEL
%token TRANSPARENT TRAP UPDATES URL VIRTUAL WITH TTL RTABLE MATCH
%token <v.string> STRING
@@ -875,6 +875,8 @@ tcpflags : SACK { proto->tcpflags |= TCPFLAG_SACK; }
| NO SACK { proto->tcpflags |= TCPFLAG_NSACK; }
| NODELAY { proto->tcpflags |= TCPFLAG_NODELAY; }
| NO NODELAY { proto->tcpflags |= TCPFLAG_NNODELAY; }
+ | SPLICE { /* default */ }
+ | NO SPLICE { proto->tcpflags |= TCPFLAG_NSPLICE; }
| BACKLOG NUMBER {
if ($2 < 0 || $2 > RELAY_MAX_SESSIONS) {
yyerror("invalid backlog: %d", $2);
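Review bot: The `SPLICE` alternative has an empty action, so a protocol that lists `no splice` and later `splice` keeps TCPFLAG_NSPLICE set and splicing stays off. If a later option is meant to override an earlier one, the action should clear the bit: `| SPLICE { proto->tcpflags &= ~TCPFLAG_NSPLICE; }`. The neighbouring SACK and NODELAY options sidestep this by using separate positive and negative flags, so whichever behaviour is intended here is worth stating in the action's comment. The tcpflags rule continues past the end of the hunk.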
@@ -1785,6 +1787,7 @@ lookup(char *s)
{ "send", SEND },
{ "session", SESSION },
{ "socket", SOCKET },
+ { "splice", SPLICE },
{ "ssl", SSL },
{ "sticky-address", STICKYADDR },
{ "style", STYLE },
diff --git a/usr.sbin/relayd/relay.c b/usr.sbin/relayd/relay.c
index c297e0473f9..b1886f49045 100644
--- a/usr.sbin/relayd/relay.c
+++ b/usr.sbin/relayd/relay.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: relay.c,v 1.132 2011/04/12 11:45:18 bluhm Exp $ */
+/* $OpenBSD: relay.c,v 1.133 2011/04/12 12:37:22 reyk Exp $ */
/*
* Copyright (c) 2006, 2007, 2008 Reyk Floeter <reyk@openbsd.org>
@@ -372,7 +372,15 @@ relay_protodebug(struct relay *rlay)
int i;
fprintf(stderr, "protocol %d: name %s\n", proto->id, proto->name);
- fprintf(stderr, "\tflags: 0x%04x\n", proto->flags);
+ fprintf(stderr, "\tflags: %s, relay flags: %s\n",
+ printb_flags(proto->flags, F_BITS),
+ printb_flags(rlay->rl_conf.flags, F_BITS));
+ if (proto->tcpflags)
+ fprintf(stderr, "\ttcp flags: %s\n",
+ printb_flags(proto->tcpflags, TCPFLAG_BITS));
+ if ((rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT)) && proto->sslflags)
+ fprintf(stderr, "\tssl flags: %s\n",
+ printb_flags(proto->sslflags, SSLFLAG_BITS));
if (proto->cache != -1)
fprintf(stderr, "\tssl session cache: %d\n", proto->cache);
fprintf(stderr, "\ttype: ");
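Review bot: The first `fprintf` passes two `printb_flags` results in one argument list, which is only correct because printb_flags alternates between two static buffers. A third call in the same statement would overwrite the first string before it is printed. A short comment above the call would keep the next edit from tripping on that, for example `/* printb_flags() has two static buffers: at most two calls per statement */`. relay_protodebug starts and ends outside the hunk.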
@@ -802,7 +810,8 @@ relay_connected(int fd, short sig, void *arg)
}
break;
case RELAY_PROTO_TCP:
- if (rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT))
+ if ((proto->tcpflags & TCPFLAG_NSPLICE) ||
+ (rlay->rl_conf.flags & (F_SSL|F_SSLCLIENT)))
break;
if (setsockopt(con->se_in.s, SOL_SOCKET, SO_SPLICE,
&con->se_out.s, sizeof(int)) == -1) {
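Review bot: The widened condition now skips SO_SPLICE for two unrelated reasons and neither is stated at the `break`. Presumably the SSL case exists because the stream has to pass through userland for encryption, while TCPFLAG_NSPLICE is an administrator opt-out; a comment such as `/* no kernel splicing: disabled by "no splice", or SSL needs the data in userland */` would make that explicit. `proto` is not declared in the visible lines, so this assumes relay_connected already has it in scope. The function body continues outside the hunk.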
diff --git a/usr.sbin/relayd/relayd.conf.5 b/usr.sbin/relayd/relayd.conf.5
index d23ad1e2015..06521e22de9 100644
--- a/usr.sbin/relayd/relayd.conf.5
+++ b/usr.sbin/relayd/relayd.conf.5
@@ -1,4 +1,4 @@
-.\" $OpenBSD: relayd.conf.5,v 1.118 2011/04/07 14:57:45 jmc Exp $
+.\" $OpenBSD: relayd.conf.5,v 1.119 2011/04/12 12:37:22 reyk Exp $
.\"
.\" Copyright (c) 2006, 2007 Reyk Floeter <reyk@openbsd.org>
.\" Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -15,7 +15,7 @@
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
-.Dd $Mdocdate: April 7 2011 $
+.Dd $Mdocdate: April 12 2011 $
.Dt RELAYD.CONF 5
.Os
.Sh NAME
@@ -1062,6 +1062,12 @@ Use selective acknowledgements for this connection.
Set the socket-level buffer size for input and output for this
connection.
This will affect the TCP window size.
+.It Xo
+.Op Ic no
+.Ic splice
+.Xc
+Use socket splicing for zero-copy data transfer.
+This option is enabled by default.
.El
.El
.Sh ROUTERS
diff --git a/usr.sbin/relayd/relayd.h b/usr.sbin/relayd/relayd.h
index fb9b8f629d5..cd6b484884c 100644
--- a/usr.sbin/relayd/relayd.h
+++ b/usr.sbin/relayd/relayd.h
@@ -1,4 +1,4 @@
-/* $OpenBSD: relayd.h,v 1.142 2011/04/12 11:45:18 bluhm Exp $ */
+/* $OpenBSD: relayd.h,v 1.143 2011/04/12 12:37:22 reyk Exp $ */
/*
* Copyright (c) 2006, 2007 Pierre-Yves Ritschard <pyr@openbsd.org>
@@ -252,6 +252,13 @@ TAILQ_HEAD(addresslist, address);
#define F_MATCH 0x00800000
#define F_DIVERT 0x01000000
+#define F_BITS \
+ "\10\01DISABLE\02BACKUP\03USED\04DOWN\05ADD\06DEL\07CHANGED" \
+ "\10STICKY-ADDRESS\11CHECK_DONE\12ACTIVE_RULESET\13CHECK_SENT" \
+ "\14SSL\15NAT_LOOKUP\16DEMOTE\17LOOKUP_PATH\20DEMOTED\21UDP" \
+ "\22RETURN\23TRAP\24NEEDPF\25PORT\26SSL_CLIENT\27NEEDRT" \
+ "\30MATCH\31DIVERT"
+
enum forwardmode {
FWD_NORMAL = 0,
FWD_ROUTE,
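Review bot: F_BITS has no comment describing its encoding, and it has to be kept in step with the F_* defines by hand. As printb_flags in log.c reads it, the first byte is skipped and each entry is an octal, 1-based bit number followed by a name made of characters above 32; the two defines visible here agree with it (F_MATCH 0x00800000 is `\30`, F_DIVERT 0x01000000 is `\31`). I would add `/* printb_flags() format: base byte, then octal 1-based bit number + NAME per flag; keep in sync with F_* */` above the macro. `STICKY-ADDRESS` is the only name written with a hyphen; the others use `_`, which printb_flags prints as a space, so this one will print differently from the rest.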
@@ -490,14 +497,22 @@ enum prototype {
#define TCPFLAG_BUFSIZ 0x10
#define TCPFLAG_IPTTL 0x20
#define TCPFLAG_IPMINTTL 0x40
+#define TCPFLAG_NSPLICE 0x80
#define TCPFLAG_DEFAULT 0x00
+#define TCPFLAG_BITS \
+ "\10\01NODELAY\02NO_NODELAY\03SACK\04NO_SACK" \
+ "\05SOCKET_BUFFER_SIZE\06IP_TTL\07IP_MINTTL\10NO_SPLICE"
+
#define SSLFLAG_SSLV2 0x01
#define SSLFLAG_SSLV3 0x02
#define SSLFLAG_TLSV1 0x04
#define SSLFLAG_VERSION 0x07
#define SSLFLAG_DEFAULT (SSLFLAG_SSLV3|SSLFLAG_TLSV1)
+#define SSLFLAG_BITS \
+ "\10\01sslv2\02sslv3\03tlsv1\04version"
+
#define SSLCIPHERS_DEFAULT "HIGH:!ADH"
struct protocol {
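Review bot: In SSLFLAG_BITS the entry `\04version` labels bit 4 (0x08), but SSLFLAG_VERSION is the mask 0x07 over the three protocol bits, not a flag of its own. No SSLFLAG_* value visible here sets 0x08, so the label never prints today and would mislabel whatever flag takes 0x08 later. I would drop it: `"\10\01sslv2\02sslv3\03tlsv1"`. The TCPFLAG_BITS entries that can be checked against the visible defines do line up (0x10 through 0x80 are bits 5 through 8).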
@@ -806,6 +821,8 @@ const char *print_availability(u_long, u_long);
const char *print_host(struct sockaddr_storage *, char *, size_t);
const char *print_time(struct timeval *, struct timeval *, char *, size_t);
const char *print_httperror(u_int);
+const char *printb_flags(const u_int32_t, const char *);
+
/* pfe.c */
pid_t pfe(struct relayd *, int [2], int [2], int [RELAY_MAXPROC][2],