summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--etc/Makefile5
-rw-r--r--etc/changelist3
-rw-r--r--etc/ftpusers3
-rw-r--r--etc/group1
-rw-r--r--etc/hoststated.conf39
-rw-r--r--etc/mail/aliases3
-rw-r--r--etc/master.passwd1
-rw-r--r--etc/rc6
-rw-r--r--etc/rc.conf3
-rw-r--r--etc/relayd.conf39
-rw-r--r--usr.sbin/Makefile5
11 files changed, 99 insertions, 9 deletions
diff --git a/etc/Makefile b/etc/Makefile
index 43d284a01cf..03c99a8d25b 100644
--- a/etc/Makefile
+++ b/etc/Makefile
@@ -1,4 +1,4 @@
-# $OpenBSD: Makefile,v 1.245 2006/12/14 18:49:44 kettenis Exp $
+# $OpenBSD: Makefile,v 1.246 2007/01/31 08:32:16 pyr Exp $
TZDIR= /usr/share/zoneinfo
LOCALTIME= Canada/Mountain
@@ -81,6 +81,7 @@ distribution-etc-root-var: distrib-dirs
${INSTALL} -c -o root -g wheel -m 600 pf.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 chio.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 hostapd.conf ${DESTDIR}/etc
+ ${INSTALL} -c -o root -g wheel -m 600 hoststated.conf ${DESTDIR}/etc
${INSTALL} -c -o root -g wheel -m 600 ipsec.conf ${DESTDIR}/etc
${INSTALL} -c -o ${BINOWN} -g ${BINGRP} -m 555 \
etc.${MACHINE}/MAKEDEV ${DESTDIR}/dev
@@ -339,7 +340,7 @@ distrib:
DHSIZE=1024 1536 2048 3072 4096
update-moduli:
( \
- echo '# $$OpenBSD: Makefile,v 1.245 2006/12/14 18:49:44 kettenis Exp $$'; \
+ echo '# $$OpenBSD: Makefile,v 1.246 2007/01/31 08:32:16 pyr Exp $$'; \
echo '# Time Type Tests Tries Size Generator Modulus'; \
( for i in ${DHSIZE}; do \
ssh-keygen -b $$i -G /dev/stdout; \
diff --git a/etc/changelist b/etc/changelist
index 7a3f3562f86..bbb67ccbc32 100644
--- a/etc/changelist
+++ b/etc/changelist
@@ -1,4 +1,4 @@
-# $OpenBSD: changelist,v 1.49 2006/12/27 23:32:49 msf Exp $
+# $OpenBSD: changelist,v 1.50 2007/01/31 08:32:16 pyr Exp $
#
# List of files which the security script backs up and checks
# for modifications.
@@ -39,6 +39,7 @@
/etc/gettytab
/etc/group
/etc/hostapd.conf
+/etc/hoststated.conf
/etc/hosts
/etc/hosts.allow
/etc/hosts.deny
diff --git a/etc/ftpusers b/etc/ftpusers
index c069a263279..3fe61a9a575 100644
--- a/etc/ftpusers
+++ b/etc/ftpusers
@@ -1,4 +1,4 @@
-# $OpenBSD: ftpusers,v 1.29 2006/10/29 18:58:57 norby Exp $
+# $OpenBSD: ftpusers,v 1.30 2007/01/31 08:32:16 pyr Exp $
#
# list of users disallowed any ftp access.
# read by ftpd(8).
@@ -40,3 +40,4 @@ _ospfd
_hostapd
_dvmrpd
_ripd
+_hoststated
diff --git a/etc/group b/etc/group
index 7ff0d796fae..7a640eadb69 100644
--- a/etc/group
+++ b/etc/group
@@ -53,6 +53,7 @@ _ospfd:*:85:
_hostapd:*:86:
_dvmrpd:*:87:
_ripd:*:88:
+_hoststated:*:89:
dialer:*:117:
nogroup:*:32766:
nobody:*:32767:
diff --git a/etc/hoststated.conf b/etc/hoststated.conf
new file mode 100644
index 00000000000..800ce69e4ea
--- /dev/null
+++ b/etc/hoststated.conf
@@ -0,0 +1,39 @@
+# $OpenBSD: hoststated.conf,v 1.1 2007/01/31 08:32:16 pyr Exp $
+#
+# Macros
+#
+webhost1="10.0.0.1"
+webhost2="10.0.0.2"
+
+#
+# Global Options
+#
+# interval 10
+# timeout 200
+
+#
+# Each table will be mapped to a pf table.
+#
+table webhosts {
+ check http "/" code 200
+ host webhost1
+ host webhost2
+}
+
+table fallback {
+ check icmp
+ host 127.0.0.1
+}
+
+#
+# Services will be mapped to a rdr rule.
+#
+service www {
+ virtual ip www.example.com port http interface trunk0
+
+ # tag every packet that goes thru the rdr rule with HOSTSTATED
+ tag HOSTSTATED
+
+ table webhosts
+ backup table fallback
+}
diff --git a/etc/mail/aliases b/etc/mail/aliases
index 14bf547fff8..864101c5787 100644
--- a/etc/mail/aliases
+++ b/etc/mail/aliases
@@ -1,5 +1,5 @@
#
-# $OpenBSD: aliases,v 1.20 2006/10/29 18:58:57 norby Exp $
+# $OpenBSD: aliases,v 1.21 2007/01/31 08:32:16 pyr Exp $
#
# Aliases in this file will NOT be expanded in the header from
# Mail, but WILL be visible over networks or from /usr/libexec/mail.local.
@@ -28,6 +28,7 @@ _dvmrpd: /dev/null
_fingerd: /dev/null
_ftp: /dev/null
_hostapd: /dev/null
+_hoststated: /dev/null
_identd: /dev/null
_isakmpd: /dev/null
_kadmin: /dev/null
diff --git a/etc/master.passwd b/etc/master.passwd
index 9baa7dbbce4..89afebd5658 100644
--- a/etc/master.passwd
+++ b/etc/master.passwd
@@ -35,4 +35,5 @@ _ospfd:*:85:85::0:0:OSPF Daemon:/var/empty:/sbin/nologin
_hostapd:*:86:86::0:0:HostAP Daemon:/var/empty:/sbin/nologin
_dvmrpd:*:87:87::0:0:DVMRP Daemon:/var/empty:/sbin/nologin
_ripd:*:88:88::0:0:RIP Daemon:/var/empty:/sbin/nologin
+_hoststated:*:89:89::0:0:HostState Daemon:/var/empty:/sbin/nologin
nobody:*:32767:32767::0:0:Unprivileged user:/nonexistent:/sbin/nologin
diff --git a/etc/rc b/etc/rc
index 1e2b14f6dba..06f0463161d 100644
--- a/etc/rc
+++ b/etc/rc
@@ -1,4 +1,4 @@
-# $OpenBSD: rc,v 1.296 2007/01/06 12:00:06 matthieu Exp $
+# $OpenBSD: rc,v 1.297 2007/01/31 08:32:16 pyr Exp $
# System startup script run by init on autoboot
# or after single-user.
@@ -583,6 +583,10 @@ if [ X"${ifstated_flags}" != X"NO" ]; then
echo -n ' ifstated'; ifstated $ifstated_flags
fi
+if [ X"${hoststated_flags}" != X"NO" ]; then
+ echo -n ' hoststated'; /usr/sbin/hoststated $hoststated_flags
+fi
+
if [ X"${dhcpd_flags}" != X"NO" -a -f /etc/dhcpd.conf ]; then
touch /var/db/dhcpd.leases
if [ -f /etc/dhcpd.interfaces ]; then
diff --git a/etc/rc.conf b/etc/rc.conf
index ef6f715641f..a07a34a6f56 100644
--- a/etc/rc.conf
+++ b/etc/rc.conf
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $OpenBSD: rc.conf,v 1.119 2007/01/06 12:00:06 matthieu Exp $
+# $OpenBSD: rc.conf,v 1.120 2007/01/31 08:32:16 pyr Exp $
# set these to "NO" to turn them off. otherwise, they're used as flags
routed_flags=NO # for normal use: "-q"
@@ -38,6 +38,7 @@ watchdogd_flags=NO # for normal use: ""
ftpproxy_flags=NO # for normal use: ""
hostapd_flags=NO # for normal use: ""
ifstated_flags=NO # for normal use: ""
+hoststated_flags=NO # for normal use: ""
# use -u to disable chroot, see httpd(8)
httpd_flags=NO # for normal use: "" (or "-DSSL" after reading ssl(8))
diff --git a/etc/relayd.conf b/etc/relayd.conf
new file mode 100644
index 00000000000..99193237233
--- /dev/null
+++ b/etc/relayd.conf
@@ -0,0 +1,39 @@
+# $OpenBSD: relayd.conf,v 1.1 2007/01/31 08:32:16 pyr Exp $
+#
+# Macros
+#
+webhost1="10.0.0.1"
+webhost2="10.0.0.2"
+
+#
+# Global Options
+#
+# interval 10
+# timeout 200
+
+#
+# Each table will be mapped to a pf table.
+#
+table webhosts {
+ check http "/" code 200
+ host webhost1
+ host webhost2
+}
+
+table fallback {
+ check icmp
+ host 127.0.0.1
+}
+
+#
+# Services will be mapped to a rdr rule.
+#
+service www {
+ virtual ip www.example.com port http interface trunk0
+
+ # tag every packet that goes thru the rdr rule with HOSTSTATED
+ tag HOSTSTATED
+
+ table webhosts
+ backup table fallback
+}
diff --git a/usr.sbin/Makefile b/usr.sbin/Makefile
index e5f46ae5f6c..2ca865d5a2b 100644
--- a/usr.sbin/Makefile
+++ b/usr.sbin/Makefile
@@ -1,11 +1,12 @@
-# $OpenBSD: Makefile,v 1.132 2006/12/18 19:07:44 deraadt Exp $
+# $OpenBSD: Makefile,v 1.133 2007/01/31 08:32:16 pyr Exp $
.include <bsd.own.mk>
SUBDIR= ac accton acpidump adduser amd apm apmd arp authpf \
bgpctl bgpd bind chroot config cron dev_mkdb dhcpd dhcrelay \
dvmrpctl dvmrpd \
- edquota eeprom fdformat ftp-proxy gpioctl hostapd hotplugd httpd \
+ edquota eeprom fdformat ftp-proxy gpioctl hostapd \
+ hoststatectl hoststated hotplugd httpd \
ifstated inetd iostat kgmon kvm_mkdb lpr mailwrapper map-mbone \
memconfig mopd mrinfo mrouted mtrace mtree netgroup_mkdb ntpd \
openssl ospfctl ospfd pkg_add popa3d portmap ppp pppd pppoe procmap \