=================================================================== RCS file: /cvsrepo/anoncvs/cvs/src/etc/Attic/relayd.conf,v retrieving revision 1.10 retrieving revision 1.11 diff -u -r1.10 -r1.11 --- src/etc/Attic/relayd.conf 2007/12/07 17:17:00 1.10 +++ src/etc/Attic/relayd.conf 2007/12/08 17:07:08 1.11 @@ -1,4 +1,4 @@ -# $OpenBSD: relayd.conf,v 1.10 2007/12/07 17:17:00 reyk Exp $ +# $OpenBSD: relayd.conf,v 1.11 2007/12/08 17:07:08 reyk Exp $ # # Macros # @@ -17,37 +17,26 @@ # # Each table will be mapped to a pf table. # -table webhosts { - real port http - check http "/" code 200 - host $webhost1 - host $webhost2 -} +table { $webhost1 $webhost2 } +table { 127.0.0.1 } -table fallback { - real port http - check icmp - host 127.0.0.1 -} - # # Services will be mapped to a rdr rule. # -service www { - virtual host $ext_addr port http interface trunk0 +redirect www { + listen on $ext_addr port http interface trunk0 # tag every packet that goes thru the rdr rule with RELAYD tag RELAYD - table webhosts - backup table fallback + forward to check http "/" code 200 + forward to check icmp } # # Relay and protocol for HTTP layer 7 loadbalancing and SSL acceleration # -protocol httpssl { - protocol http +http protocol httpssl { header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Connection" to "close" @@ -65,15 +54,14 @@ protocol httpssl # Forward to hosts in the webhosts table using a src/dst hash - table webhosts loadbalance + forward to port http mode loadbalance \ + check http "/" code 200 } # # Relay and protocol for simple TCP forwarding on layer 7 # -protocol sshtcp { - protocol tcp - +tcp protocol sshtcp { # The TCP_NODELAY option is required for "smooth" terminal sessions tcp nodelay } @@ -90,9 +78,7 @@ # # Relay and protocol for a transparent HTTP proxy # -protocol httpfilter { - protocol http - +http protocol httpfilter { # Return HTTP/HTML error pages to the client return error @@ -115,5 +101,5 @@ protocol httpfilter # Forward to the original target host - nat lookup + forward to nat lookup }