| Age | Commit message (Collapse) | Author |
|---|
|
arbitrary string in debugging mode, it will store an error code
(HCE_*) for each host. the error code can be translated to a string
(in log.c) for debugging but it will also be passed to relayctl via
the control socket.
from a user point of view, this will print a human-readable error
message in the "relayctl show hosts" output if a host is down because
the check failed. the relayctl(8) manpage includes detailed
explanations of the error messages including mitigations for the
most-common problems.
ok jmc@ (manpages)
ok phessler@
|
|
|
|
inet_pton/inet_ntop to allow specifing and printing the IPv6 scope
identifier. synced host_v6() with ntpd's version to use getaddrinfo()
instead of inet_pton() - host_v4, host_v6, and host_dns could all use
getaddrinfo in a single function by specifing different flags but this
would diverge from the other daemons using this common interface so we
keep this little overhead.
discussed with henning@
ok pyr@
|
|
what the daemon does - it is a relayer that pays attention to the status
of pools of hosts; not a status checkers that happens to do some relaying
|
|
|
|
meaningful message if a HTTP/HTTPS relay closes the connection for
some reason. for example, a "403 Forbidden" if the request was
rejected by a filter. this will be enabled with the "return error"
option and is disabled by default, the standard behaviour is to
silently drop the connection; the browser may display an empty page in
this case. the look+feel of the HTTP error page can be customized with
a CSS style sheet, but we do not intend to allow customization of the
error page contents (hoststated is not a webserver!).
ok pyr@
|
|
annoying debugging messages on the console by default. since we do
not want to see debugging messages unless specified by the "-d" flag,
add an extra debugging level "debug > 1" to be checked in log_debug().
|
|
|
|
|
|
for custom evaluations.
pyr agrees to put it in now but to do some improvements of the timeout
handling later.
|
|
loadbalancing, SSL acceleration, general-purpose TCP relaying, and
transparent proxying.
see hoststated.conf(5) and my upcoming article on undeadly.org for
details.
ok to commit deraadt@ pyr@
|
|
notifications after completed host checks. either only log the
"updates" to new states or log "all" state notifications, even if the
state didn't change. the log messages will be reported to syslog or to
stderr if the daemon is running in foreground mode.
ok claudio@ pyr@
|
|
|
|
remote hosts and dynamically alter pf(4) tables and redirection rules
for active server load balancing. The daemon has been written by
Pierre-Yves Ritschard (pyr at spootnik.org) and was formerly known as
"slbd".
The daemon is fully functional but it still needs some work and
cleanup so we don't link it to the build yet. Some TODOs are a
partial rewrite of the check_* routines (use libevent whenever we
can), improvement of the manpages, and general knf and cleanup.
ok deraadt@ claudio@
|
