authorBill Marquette <billm@pfsense.org>2008-06-16 02:58:57 +0000
committerBill Marquette <billm@pfsense.org>2008-06-16 02:58:57 +0000
commit17623ab556ab149f01e10aa587a35816302ee91d (patch)
tree5a6bb1221b068f0375f284e4d179576b6fa45350 /etc
parent0551a3a89ffff608bfd7fffdd940eb4826357ae5 (diff)
downloadpfsense-17623ab556ab149f01e10aa587a35816302ee91d.zip
pfsense-17623ab556ab149f01e10aa587a35816302ee91d.tar.gz
Bring in relayd to perform server load balancing
Move gateway load balancing code into gwlb.inc - still uses slbd TODO: vs and pool status screens are currently broken...and wouldn't work with the gateway pools anyway, ultimately, the gateway pools need to move.
Diffstat (limited to 'etc')
-rw-r--r--etc/inc/config.inc35
-rw-r--r--etc/inc/filter.inc5
-rw-r--r--etc/inc/functions.inc1
-rw-r--r--etc/inc/globals.inc2
-rw-r--r--etc/inc/gwlb.inc117
-rw-r--r--etc/inc/vslb.inc212
-rwxr-xr-xetc/rc.bootup1
7 files changed, 225 insertions, 148 deletions
diff --git a/etc/inc/config.inc b/etc/inc/config.inc
index b4f4eab..6ac373c 100644
--- a/etc/inc/config.inc
+++ b/etc/inc/config.inc
@@ -1225,6 +1225,41 @@ function convert_config() {
$config['version'] = "4.5";
}
+ /* Upgrade load balancer from slb to relayd */
+ /* Convert 4.5 -> 4.6 */
+ if ($config['version'] <= 4.5) {
+ if (is_array($config['load_balancer']['virtual_server']) && count($config['load_balancer']['virtual_server'])) {
+ $vs_a = &$config['load_balancer']['virtual_server'];
+ $pool_a = &$config['load_balancer']['lbpool'];
+ $pools = array();
+ /* Index pools by name */
+ if(is_array($pool_a)) {
+ for ($i = 0; isset($pool_a[$i]); $i++) {
+ if ($pool_a[$i]['type'] == "server") {
+ $pools[$pool_a[$i]['name']] = $pool_a[$i];
+ }
+ }
+ }
+ /* Convert sitedown entries to pools and re-attach */
+ for ($i = 0; isset($vs_a[$i]); $i++) {
+ if (isset($vs_a[$i]['sitedown'])) {
+ $pool = array();
+ $pool['type'] = 'server';
+ $pool['behaviour'] = 'balance';
+ $pool['name'] = "{$vs_a[$i]['name']}-sitedown";
+ $pool['desc'] = "Sitedown pool for VS: {$vs_a[$i]['name']}";
+ $pool['port'] = $pools[$vs_a[$i]['pool']]['port'];
+ $pool['servers'] = array();
+ $pool['servers'][] = $vs_a[$i]['sitedown'];
+ $pool['monitor'] = $pools[$vs_a[$i]['pool']]['monitor'];
+ $pool_a[] = $pool;
+ $vs_a[$i]['sitedown'] = $pool['name'];
+ }
+ }
+ }
+ $config['version'] = "4.6";
+ }
+
if ($prev_version != $config['version'])
write_config("Upgraded config version level from {$prev_version} to {$config['version']}");
}
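Review bot: The sitedown conversion guard `if (isset($vs_a[$i]['sitedown'])) {` is looser than the check the removed slbd code used (`$vsent['sitedown'] <> ""`), so an empty sitedown value now becomes a pool whose only server is an empty string. The same block reads `$pools[$vs_a[$i]['pool']]['port']` and `['monitor']` without checking that the referenced pool was indexed, so a virtual server that points at a missing or non-server pool gets a sitedown pool with a null port and monitor. I would tighten the guard to `if (!empty($vs_a[$i]['sitedown']) && isset($pools[$vs_a[$i]['pool']])) {` and unset a stale empty `sitedown` key otherwise. convert_config() starts before this hunk, so how `$prev_version` is captured is not visible here.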
diff --git a/etc/inc/filter.inc b/etc/inc/filter.inc
index 0a7ee2b..7265ffb 100644
--- a/etc/inc/filter.inc
+++ b/etc/inc/filter.inc
@@ -987,6 +987,8 @@ function filter_nat_rules_generate() {
/* load balancer anchor */
$natrules .= "\n# Load balancing anchor - slbd updates\n";
$natrules .= "rdr-anchor \"slb\"\n";
+ $natrules .= "rdr-anchor \"relayd/*\"\n";
+
update_filter_reload_status("Setting up FTP helper");
@@ -2396,6 +2398,9 @@ function filter_rules_generate() {
/* ftp-sesame */
$ipfrules .= "anchor \"ftpsesame/*\" \n";
+ /* relayd */
+ $ipfrules .= "anchor \"relayd/*\"\n";
+
# BEGIN OF firewall rules
$ipfrules .= "anchor \"firewallrules\"\n";
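Review bot: The new `anchor "relayd/*"` in filter_rules_generate() is emitted unconditionally and ahead of the `firewallrules` anchor, so whatever relayd loads there is evaluated before the administrator's own rules, even on systems with no virtual servers configured. What relayd puts in that anchor is not visible here; if it installs quick pass rules they would take precedence over user block rules, which deserves a stated decision. I would document the ordering in place, e.g. `/* relayd anchor: populated by relayd at runtime, evaluated before user rules */`, and update the NAT-side comment in the first hunk, which still reads `slbd updates` although it now also precedes `rdr-anchor "relayd/*"`. Both functions continue outside their hunks.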
diff --git a/etc/inc/functions.inc b/etc/inc/functions.inc
index ded7c77..8415def 100644
--- a/etc/inc/functions.inc
+++ b/etc/inc/functions.inc
@@ -81,6 +81,7 @@ require_once("pfsense-utils.inc");
require_once("util.inc");
require_once("vpn.inc");
require_once("vslb.inc");
+require_once("gwlb.inc");
require_once("notices.inc");
?> \ No newline at end of file
diff --git a/etc/inc/globals.inc b/etc/inc/globals.inc
index 009ce9c..ec5733a 100644
--- a/etc/inc/globals.inc
+++ b/etc/inc/globals.inc
@@ -60,7 +60,7 @@ $g = array(
"n_pppoe_units" => 16, /* this value can be overriden in pppoe->n_pppoe_units */
"pppoe_subnet" => 28, /* this value can be overriden in pppoe->pppoe_subnet */
"debug" => false,
- "latest_config" => "4.5",
+ "latest_config" => "4.6",
"nopkg_platforms" => array("cdrom"),
"minimum_ram_warning" => "115",
"minimum_ram_warning_text" => "128 megabytes",
diff --git a/etc/inc/gwlb.inc b/etc/inc/gwlb.inc
new file mode 100644
index 0000000..b0d4bd7
--- /dev/null
+++ b/etc/inc/gwlb.inc
@@ -0,0 +1,117 @@
+<?php
+/* $Id$ */
+/*
+ Copyright (C) 2008 Bill Marquette
+ All rights reserved.
+
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
+
+1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
+
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
+
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
+
+ */
+
+/* include all configuration functions */
+require_once("functions.inc");
+require_once("pkg-utils.inc");
+require_once("notices.inc");
+
+function slbd_configure() {
+ global $config, $g;
+
+ $a_vs = &$config['load_balancer']['virtual_server'];
+ $a_pool = &$config['load_balancer']['lbpool'];
+
+ $should_start=0;
+
+ $fd = fopen("{$g['varetc_path']}/slbd.conf", "w");
+
+ /* Gateway Pools */
+ if(is_array($a_pool)) {
+ foreach ($a_pool as $vspool) {
+ if ($vspool['type'] != "gateway")
+ continue;
+
+ if ($vspool['desc'] == "")
+ $slbdconf .= "{$vspool['name']}:\\\n";
+ else
+ $slbdconf .= "{$vspool['name']}|{$vspool['desc']}:\\\n";
+
+ /* pool name */
+ $slbdconf .= "\t:poolname={$vspool['name']}:\\\n";
+ /* remove pool status files so we don't end up with a mismatch */
+ if(file_exists("{$g['tmp_path']}/{$vspool['name']}.pool"))
+ unlink("{$g['tmp_path']}/{$vspool['name']}.pool");
+ /* virtual IP */
+ $slbdconf .= "\t:vip=127.0.0.1:\\\n";
+ $slbdconf .= "\t:vip-port=666:\\\n";
+ /* fallback IP */
+ $slbdconf .= "\t:sitedown=127.0.0.1:\\\n";
+ /* fallback port */
+ $slbdconf .= "\t:sitedown-port=666:\\\n";
+
+ $svrcnt = 0;
+ $svrtxt = "";
+ if($vspool['servers'])
+ foreach ($vspool['servers'] as $lbsvr) {
+ $lbsvr_split=split("\|", $lbsvr);
+ $svrtxt .= "\t:{$svrcnt}={$lbsvr_split[1]}:\\\n";
+ $svrcnt++;
+
+ /* Add static routes to the monitor IPs */
+ $int = convert_friendly_interface_to_real_interface_name($lbsvr_split[0]);
+ $gateway = get_interface_gateway($int);
+ $int_ip = find_interface_ip($int);
+ if($int_ip == "0.0.0.0") {
+ /* DHCP Corner case. If DHCP is down, we delete the route then
+ * there is a chance the monitor ip gateway will go out the link
+ * that is up.
+ */
+ mwexec("/sbin/route delete -host {$lbsvr_split[1]} 1>/dev/null 2>&1");
+ mwexec("/sbin/route add -host {$lbsvr_split[1]} 127.0.0.1 1> /dev/null 2>&1");
+ } else {
+ mwexec("/sbin/route delete -host {$lbsvr_split[1]} 1>/dev/null 2>&1");
+ mwexec("/sbin/route add -host {$lbsvr_split[1]} {$gateway} 1> /dev/null 2>&1");
+ }
+ }
+ $slbdconf .= "\t:service-port=666:\\\n";
+ $slbdconf .= "\t:method=round-robin:\\\n";
+ $slbdconf .= "\t:services={$svrcnt}:\\\n";
+ $slbdconf .= $svrtxt;
+
+ $slbdconf .= "\t:ping:\n";
+
+ $should_start=1;
+ }
+ }
+
+ if($should_start == 1) {
+ fwrite($fd, $slbdconf);
+ fclose($fd);
+ mwexec("/usr/bin/killall -9 slbd");
+ sleep(2);
+ /* startup slbd pointing it's config at /var/etc/slbd.conf with a polling interval of 5 seconds */
+ mwexec("/usr/local/sbin/slbd -c{$g['varetc_path']}/slbd.conf -r5000");
+ } else {
+ mwexec("/usr/bin/killall -9 slbd");
+ fclose($fd);
+ }
+}
+
+?> \ No newline at end of file
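Review bot: The four `mwexec()` route calls in slbd_configure() interpolate `$lbsvr_split[1]` and `$gateway` straight into a shell command line, and the monitor address comes from splitting a stored pool entry with no check that it is an IP address. A malformed or tampered pool entry in the saved configuration would therefore reach the shell with whatever privileges the boot scripts run under. Escape once before the branch, `$mon = escapeshellarg($lbsvr_split[1]);` and `$gw = escapeshellarg($gateway);`, and use `$mon`/`$gw` in the commands, or skip the entry unless it validates as an address. The same applies to `{$vspool['name']}` in the `unlink()` path under `$g['tmp_path']`. Separately, `$slbdconf` is appended to without being initialised and the `fopen()` result is never checked.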
diff --git a/etc/inc/vslb.inc b/etc/inc/vslb.inc
index bd19244..cc7232b 100644
--- a/etc/inc/vslb.inc
+++ b/etc/inc/vslb.inc
@@ -1,165 +1,83 @@
<?php
/* $Id$ */
/*
- vslb.inc
- Copyright (C) 2005 Bill Marquette
- All rights reserved.
+ vslb.inc
+ Copyright (C) 2005-2008 Bill Marquette
+ All rights reserved.
- Redistribution and use in source and binary forms, with or without
- modification, are permitted provided that the following conditions are met:
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are met:
- 1. Redistributions of source code must retain the above copyright notice,
- this list of conditions and the following disclaimer.
+ 1. Redistributions of source code must retain the above copyright notice,
+ this list of conditions and the following disclaimer.
- 2. Redistributions in binary form must reproduce the above copyright
- notice, this list of conditions and the following disclaimer in the
- documentation and/or other materials provided with the distribution.
+ 2. Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in the
+ documentation and/or other materials provided with the distribution.
- THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
- INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
- AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
- AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
- OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
- SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
- INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
- CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
- ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- POSSIBILITY OF SUCH DAMAGE.
+ THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,
+ OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
+ SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
+ INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
+ CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+ POSSIBILITY OF SUCH DAMAGE.
-*/
+ */
/* include all configuration functions */
require_once("functions.inc");
require_once("pkg-utils.inc");
require_once("notices.inc");
-function slbd_configure() {
- global $config, $g;
-
- $a_vs = &$config['load_balancer']['virtual_server'];
- $a_pool = &$config['load_balancer']['lbpool'];
+function relayd_configure() {
+ global $config, $g;
+
+ $vs_a = &$config['load_balancer']['virtual_server'];
+ $pool_a = &$config['load_balancer']['lbpool'];
+
+ $fd = fopen("{$g['varetc_path']}/relayd.conf", "w");
+
+ /* reindex pools by name as we loop through the pools array */
+ $pools = array();
+ /* Virtual server pools */
+ if(is_array($pool_a)) {
+ for ($i = 0; isset($pool_a[$i]); $i++) {
+ /* Don't deal with gateway pools */
+ if ($pool_a[$i]['type'] == "gateway")
+ continue;
+
+ if(is_array($pool_a[$i]['servers'])) {
+ $srvtxt = implode(", ", $pool_a[$i]['servers']);
+ $conf .= "table <{$pool_a[$i]['name']}> { $srvtxt }\n";
+ /* Index by name for easier fetching when we loop through the virtual servers */
+ $pools[$pool_a[$i]['name']] = $pool_a[$i];
+ }
+ }
+ }
+
+ if(is_array($vs_a)) {
+ for ($i = 0; isset($vs_a[$i]); $i++) {
+ $conf .= "redirect \"{$vs_a[$i]['name']}\" {\n";
+ $conf .= " listen on {$vs_a[$i]['ipaddr']} port {$vs_a[$i]['port']}\n";
+ $conf .= " forward to <{$vs_a[$i]['pool']}> port {$pools[$vs_a[$i]['pool']]['port']} check tcp\n";
+ /* XXX - this needs to use the backup pool aka sitedown - but that isn't converted yet */
+ if (isset($vs_a[$i]['sitedown']))
+ $conf .= " forward to <{$vs_a[$i]['sitedown']}> port {$pools[$vs_a[$i]['pool']]['port']} check tcp\n";
+ $conf .= "}\n";
+ }
+ }
+ fwrite($fd, $conf);
+ fclose($fd);
+
+ if (is_process_running('/usr/local/sbin/relayd')) {
+ mwexec('/usr/local/bin/relayctl stop');
+ }
+ mwexec("/usr/local/sbin/relayd -f {$g['varetc_path']}/relayd.conf");
- $should_start=0;
-
- $fd = fopen("{$g['varetc_path']}/slbd.conf", "w");
-
-
- /* Virtual server pools */
- if(is_array($a_vs)) {
- foreach ($a_vs as $vsent) {
- if ($vsent['desc'] == "")
- $slbdconf .= "{$vsent['name']}:\\\n";
- else
- $slbdconf .= "{$vsent['name']}|{$vsent['desc']}:\\\n";
-
- /* pool name */
- $slbdconf .= "\t:poolname={$vsent['name']}:\\\n";
- /* remove pool status files so we don't end up with a mismatch */
- if(file_exists("{$g['tmp_path']}/{$vsent['name']}.pool"))
- unlink("{$g['tmp_path']}/{$vsent['name']}.pool");
- /* virtual IP */
- $slbdconf .= "\t:vip={$vsent['ipaddr']}:\\\n";
- /* virtual port */
- $slbdconf .= "\t:vip-port={$vsent['port']}:\\\n";
- if($vsent['port'] <> "" and $vsent['sitedown'] <> "") {
- /* fallback IP */
- $slbdconf .= "\t:sitedown={$vsent['sitedown']}:\\\n";
- /* fallback port */
- $slbdconf .= "\t:sitedown-port={$vsent['port']}:\\\n";
- }
- for ($i = 0; isset($config['load_balancer']['lbpool'][$i]); $i++) {
- if ($config['load_balancer']['lbpool'][$i]['name'] == $vsent['pool']) {
- $svrcnt = 0;
- $svrtxt = "";
- $svrtxt = "\t:service-port={$config['load_balancer']['lbpool'][$i]['port']}:\\\n";
- if($config['load_balancer']['lbpool'])
- if(is_array($config['load_balancer']['lbpool'][$i]['servers']))
- foreach ($config['load_balancer']['lbpool'][$i]['servers'] as $lbsvr) {
- $svrtxt .= "\t:{$svrcnt}={$lbsvr}:\\\n";
- $svrcnt++;
- }
- $slbdconf .= "\t:method=round-robin:\\\n";
- $slbdconf .= "\t:services={$svrcnt}:\\\n";
- $slbdconf .= $svrtxt;
- }
- }
-
- $slbdconf .= "\t:tcppoll:send=:expect=:\n";
-
- $should_start=1;
- }
- }
-
- /* Gateway Pools */
- if(is_array($a_pool)) {
- foreach ($a_pool as $vspool) {
- if ($vspool['type'] != "gateway")
- continue;
-
- if ($vspool['desc'] == "")
- $slbdconf .= "{$vspool['name']}:\\\n";
- else
- $slbdconf .= "{$vspool['name']}|{$vspool['desc']}:\\\n";
-
- /* pool name */
- $slbdconf .= "\t:poolname={$vspool['name']}:\\\n";
- /* remove pool status files so we don't end up with a mismatch */
- if(file_exists("{$g['tmp_path']}/{$vspool['name']}.pool"))
- unlink("{$g['tmp_path']}/{$vspool['name']}.pool");
- /* virtual IP */
- $slbdconf .= "\t:vip=127.0.0.1:\\\n";
- $slbdconf .= "\t:vip-port=666:\\\n";
- /* fallback IP */
- $slbdconf .= "\t:sitedown=127.0.0.1:\\\n";
- /* fallback port */
- $slbdconf .= "\t:sitedown-port=666:\\\n";
-
- $svrcnt = 0;
- $svrtxt = "";
- if($vspool['servers'])
- foreach ($vspool['servers'] as $lbsvr) {
- $lbsvr_split=split("\|", $lbsvr);
- $svrtxt .= "\t:{$svrcnt}={$lbsvr_split[1]}:\\\n";
- $svrcnt++;
-
- /* Add static routes to the monitor IPs */
- $int = convert_friendly_interface_to_real_interface_name($lbsvr_split[0]);
- $gateway = get_interface_gateway($int);
- $int_ip = find_interface_ip($int);
- if($int_ip == "0.0.0.0") {
- /* DHCP Corner case. If DHCP is down, we delete the route then
- * there is a chance the monitor ip gateway will go out the link
- * that is up.
- */
- mwexec("/sbin/route delete -host {$lbsvr_split[1]} 1>/dev/null 2>&1");
- mwexec("/sbin/route add -host {$lbsvr_split[1]} 127.0.0.1 1> /dev/null 2>&1");
- } else {
- mwexec("/sbin/route delete -host {$lbsvr_split[1]} 1>/dev/null 2>&1");
- mwexec("/sbin/route add -host {$lbsvr_split[1]} {$gateway} 1> /dev/null 2>&1");
- }
- }
- $slbdconf .= "\t:service-port=666:\\\n";
- $slbdconf .= "\t:method=round-robin:\\\n";
- $slbdconf .= "\t:services={$svrcnt}:\\\n";
- $slbdconf .= $svrtxt;
-
- $slbdconf .= "\t:ping:\n";
-
- $should_start=1;
- }
- }
-
- if($should_start == 1) {
- fwrite($fd, $slbdconf);
- fclose($fd);
- mwexec("/usr/bin/killall -9 slbd");
- sleep(2);
- /* startup slbd pointing it's config at /var/etc/slbd.conf with a polling interval of 5 seconds */
- mwexec("/usr/local/sbin/slbd -c{$g['varetc_path']}/slbd.conf -r5000");
- } else {
- mwexec("/usr/bin/killall -9 slbd");
- fclose($fd);
- }
}
?> \ No newline at end of file
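Review bot: relayd_configure() writes a `redirect` block for every virtual server without checking that its pool was indexed in `$pools`, so a virtual server that references a gateway pool, a pool with no servers, or a missing pool produces `forward to <name> port  check tcp` against an undefined table with an empty port. relayd is then started unconditionally, even when nothing was written, whereas the removed slbd code tracked `$should_start`. The values placed in relayd.conf (`name`, `ipaddr`, `port`, the server list) are also interpolated unquoted and unvalidated, so this function relies entirely on whatever validation happened when the configuration was saved. I would skip virtual servers whose pool is unknown and only start the daemon when at least one redirect was emitted, as sketched below. The `XXX` comment about sitedown not being converted looks stale, given that the config.inc hunk in this commit converts it.

```php
	$conf = "";
	$should_start = false;
	/* … unchanged: pool table generation … */

	if(is_array($vs_a)) {
		for ($i = 0; isset($vs_a[$i]); $i++) {
			/* Skip virtual servers whose pool was not emitted as a table above */
			if (!isset($pools[$vs_a[$i]['pool']]))
				continue;
			/* … unchanged: redirect / listen on / forward to lines … */
			$should_start = true;
		}
	}
	/* … unchanged: fwrite / fclose / relayctl stop … */
	if ($should_start)
		mwexec("/usr/local/sbin/relayd -f {$g['varetc_path']}/relayd.conf");
```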
diff --git a/etc/rc.bootup b/etc/rc.bootup
index 537f606..52a0d39 100755
--- a/etc/rc.bootup
+++ b/etc/rc.bootup
@@ -197,6 +197,7 @@
/* start load balancer daemon */
load_balancer_use_sticky();
slbd_configure();
+ relayd_configure();
/* start OpenVPN server & clients */
openvpn_resync_all();