summaryrefslogtreecommitdiffstats
path: root/usr.sbin/hoststated (follow)
Commit message (Collapse)AuthorAgeFilesLines
* hoststated/hoststatectl get repository copied (and de-tagged) intoderaadt2007-12-0722-13315/+0
| | | | | | | relayd/relayctl. This is a more suitable place for a daemon that has grown out of it's initial roots of "monitoring and redirecting services at various layers", into one that is "a full featured proxy, which happens to know what is up/down"
* fix fd/ssl leak in hoststated ssl checksreyk2007-12-051-1/+2
| | | | From Przemyslaw Frasunek, closes PR 5671
* bump the current file descriptor resource limit (openfiles-cur) to thereyk2007-11-281-1/+15
| | | | | | | | | | maximum number of file descriptors for this login class (openfiles-max) of the relay child processes. this will allow 1024 instead of just 128 open file descriptors in the default configuration (class daemon), use the openfiles-max capability and the sysctl kern.maxfiles to adjust the value. ok gilles@ pyr@
* typosreyk2007-11-281-3/+3
|
* unref the label when free'ing a protocol nodereyk2007-11-281-1/+3
|
* allow to add labels to protocol actions, they will be printed in httpreyk2007-11-266-31/+253
| | | | | | error pages and can be used to refer to additional information. ok pyr@
* "canonicalized hostname" instead of just "hostname" for the url actionreyk2007-11-251-3/+4
|
* in addition to IPv4/6 addresses, canonicalize the hostname for "url",reyk2007-11-251-5/+39
| | | | | | | for example ".www...Example.com." will be translated to "www.example.com". ok gilles@
* new sentence, new line;jmc2007-11-241-2/+3
|
* tweak for hostnames without dots (like "localhost")reyk2007-11-241-1/+3
|
* sort includes, adjust to style(9)reyk2007-11-2417-53/+53
|
* extend the url lookup algorithm to match the full URL and differentreyk2007-11-244-20/+146
| | | | | | | possible suffix/prefix combinations by stripping subdomains, path components, and the query args. ok and tested by gilles@
* fix goto to jump to the right placereyk2007-11-241-2/+2
|
* - use either "host name" or "hostname", i decided to use "hostname" everywherereyk2007-11-231-5/+5
| | | | | | - a URL instead of an URL (a "you-are-el") suggested by jmc@
* re-implement the "mark" action and document it in the manpage:reyk2007-11-234-43/+108
| | | | | | | | | it is possible to attach a mark to a session based on matching an entity (header, url, cookie, ...) and add conditional action for this mark. it works a bit like the tag/tagged keywords in pf, but i decided to pick a different name to avoid confusion. ok pyr@ gilles@
* add cvs idsthen2007-11-231-0/+2
| | | | ok pyr@
* fix typosthen2007-11-231-2/+2
| | | | ok pyr@
* shuffle some structure elements; avoid using enums in *_config structs.reyk2007-11-221-3/+3
|
* Fix relay roundrobin mode to work correctly when multiple hosts in areyk2007-11-222-3/+7
| | | | | | | table are down. Thanks to Preston Norvell at serialssolutions dot com for reporting the problem.
* add (new) "url" protocol action, this can be used to match/filter URLreyk2007-11-224-10/+162
| | | | | | suffix/prefix expressions like "example.com/index.html?args". a digest mode allows to match against anonymized SHA1/MD5 digests of suffix/prefix expressions.
* move HTTP cookie and query lookup code from the into separate functionsreyk2007-11-211-93/+120
| | | | (the if () else if () block was getting very big).
* spacingreyk2007-11-212-9/+9
|
* extend action grammar with "filter value" and "expect value" as areyk2007-11-212-5/+49
| | | | short form for "filter * from value" or "expect * from value".
* move digest string handling into an extra function.reyk2007-11-214-34/+56
|
* fix the tree comparison function. it turned out that it could failreyk2007-11-211-3/+6
| | | | with large trees of protocol actions.
* tweak previous;jmc2007-11-211-4/+4
|
* rename the "url" filter action to "query" to use the correct term.reyk2007-11-214-20/+36
| | | | | | | please update your hoststated.conf configurations. also add more examples to the manpage. alright pyr@
* allow the http digest type to be either SHA1 or MD5 determined by thereyk2007-11-214-12/+39
| | | | | | | digest string length; it is compatible to any existing SHA1-only configurations. ok pyr@ gilles@
* more work on the "filter" action: close the connection instantly whenreyk2007-11-211-4/+15
| | | | receiving a filtered entity, fix some remaining issues.
* document the fact that port can be specified in table statements insidepyr2007-11-211-3/+7
| | | | | service sections. ok reyk@
* make sure all hosts are checked when hoststatectl poll is issued, nowpyr2007-11-211-1/+3
| | | | | that check interval can differ from table to table. ok reyk@
* tweak previous;jmc2007-11-201-2/+2
|
* limit the number of displayed lines per node in relay_protodebug().reyk2007-11-201-2/+12
|
* allow to use the "include" directive in tables, services, relays, andreyk2007-11-201-1/+5
| | | | | | protocols. ok pyr@
* it may be desirable to send a HTTP error page with error code and areyk2007-11-206-20/+217
| | | | | | | | | | | | | meaningful message if a HTTP/HTTPS relay closes the connection for some reason. for example, a "403 Forbidden" if the request was rejected by a filter. this will be enabled with the "return error" option and is disabled by default, the standard behaviour is to silently drop the connection; the browser may display an empty page in this case. the look+feel of the HTTP error page can be customized with a CSS style sheet, but we do not intend to allow customization of the error page contents (hoststated is not a webserver!). ok pyr@
* Allow overriding the global interval in a table.pyr2007-11-204-5/+25
| | | | | Table specific intervals must be multiples of the global interval. help and ok reyk@
* another fix to handle "expect" and "filter" actions in the new stylereyk2007-11-201-9/+8
| | | | | | correctly. ok pyr@
* bump table name size.pyr2007-11-201-2/+2
| | | | ok reyk@
* spacingreyk2007-11-201-3/+1
|
* minor change to some relay log messagesreyk2007-11-201-6/+6
|
* spacingreyk2007-11-197-27/+28
|
* knf (replace some ';;' with a single ';')reyk2007-11-192-6/+6
|
* rework the internal handling of protocol actions a little bit:reyk2007-11-194-171/+247
| | | | | | | | | | | | - allow to use a key for multiple times by appending a queue of additional matches to the tree node. for example, this allows to specify multiple "expect" or "filter" actions to white-/black-list a list of HTTP-headers, URLs, .. - prevent specifing an HTTP header for multiple times when using the expect action. - minor code shuffling
* always enable "late connect" relay mode if an "expect" or "filter"reyk2007-11-191-1/+3
| | | | | | action has been specified for the protocol. late connect mode first reads the complete request (HTTP header) before opening the inbound connection instead of relaying it line-by-line.
* move repeated code to cleanup a protocol tree into a function.reyk2007-11-191-22/+19
|
* Do not insert proto_default inside the dynamically alloced protocol queue.pyr2007-11-153-10/+16
| | | | | Handle it as a special case in the one place where it actually matters instead.
* reset global variables everytime we enter parse_config.pyr2007-11-141-1/+7
|
* do go through relays when none exist.pyr2007-11-141-2/+7
|
* add some sanity, that will be useful later on.pyr2007-11-141-2/+6
|
* make protos dynamic toopyr2007-11-143-13/+15
|
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.