diff --git a/src/etc/relayd.conf b/src/etc/relayd.conf index c70e08d4..e43c8acd 100644 --- a/src/etc/relayd.conf +++ b/src/etc/relayd.conf @@ -1,4 +1,4 @@ -# $OpenBSD: relayd.conf,v 1.10 2007/12/07 17:17:00 reyk Exp $ +# $OpenBSD: relayd.conf,v 1.11 2007/12/08 17:07:08 reyk Exp $ # # Macros # @@ -17,37 +17,26 @@ sshhost1="10.0.0.3" # # Each table will be mapped to a pf table. # -table webhosts { - real port http - check http "/" code 200 - host $webhost1 - host $webhost2 -} - -table fallback { - real port http - check icmp - host 127.0.0.1 -} +table { $webhost1 $webhost2 } +table { 127.0.0.1 } # # Services will be mapped to a rdr rule. # -service www { - virtual host $ext_addr port http interface trunk0 +redirect www { + listen on $ext_addr port http interface trunk0 # tag every packet that goes thru the rdr rule with RELAYD tag RELAYD - table webhosts - backup table fallback + forward to check http "/" code 200 + forward to check icmp } # # Relay and protocol for HTTP layer 7 loadbalancing and SSL acceleration # -protocol httpssl { - protocol http +http protocol httpssl { header append "$REMOTE_ADDR" to "X-Forwarded-For" header append "$SERVER_ADDR:$SERVER_PORT" to "X-Forwarded-By" header change "Connection" to "close" @@ -65,15 +54,14 @@ relay wwwssl { protocol httpssl # Forward to hosts in the webhosts table using a src/dst hash - table webhosts loadbalance + forward to port http mode loadbalance \ + check http "/" code 200 } # # Relay and protocol for simple TCP forwarding on layer 7 # -protocol sshtcp { - protocol tcp - +tcp protocol sshtcp { # The TCP_NODELAY option is required for "smooth" terminal sessions tcp nodelay } @@ -90,9 +78,7 @@ relay sshgw { # # Relay and protocol for a transparent HTTP proxy # -protocol httpfilter { - protocol http - +http protocol httpfilter { # Return HTTP/HTML error pages to the client return error @@ -115,5 +101,5 @@ relay httpproxy { protocol httpfilter # Forward to the original target host - nat lookup + forward to nat lookup }