diff options
| -rw-r--r-- | config/haproxy-devel/haproxy.inc | 16 | ||||
| -rw-r--r-- | config/haproxy-devel/haproxy.xml | 5 | ||||
| -rwxr-xr-x | config/haproxy-devel/haproxy_global.php | 56 | ||||
| -rw-r--r-- | config/haproxy-devel/haproxy_listeners_edit.php | 16 | ||||
| -rw-r--r-- | config/haproxy-devel/haproxy_stats.php | 5 | ||||
| -rw-r--r-- | config/xsl/package.xsl | 11 |
6 files changed, 80 insertions, 29 deletions
diff --git a/config/haproxy-devel/haproxy.inc b/config/haproxy-devel/haproxy.inc index 9b2b5838..bde2cace 100644 --- a/config/haproxy-devel/haproxy.inc +++ b/config/haproxy-devel/haproxy.inc @@ -189,7 +189,7 @@ function haproxy_custom_php_install_command() { name="haproxy" rcvar=`set_rcvar` -command="/usr/local/bin/haproxy" +command="/usr/pbi/haproxy-devel-`uname -m`/sbin/haproxy" haproxy_enable=\${haproxy-"YES"} start_cmd="haproxy_start" @@ -730,7 +730,8 @@ function haproxy_writeconf($configpath) { fwrite ($fd, "\tbind 127.0.0.1:$localstatsport\n"); fwrite ($fd, "\tmode http\n"); fwrite ($fd, "\tstats enable\n"); - fwrite ($fd, "\tstats refresh 10\n"); + if (is_numeric($a_global['localstats_refreshtime'])) + fwrite ($fd, "\tstats refresh {$a_global['localstats_refreshtime']}\n"); fwrite ($fd, "\tstats admin if TRUE\n"); fwrite ($fd, "\tstats uri /haproxy_stats.php?haproxystats=1\n"); fwrite ($fd, "\ttimeout client 5000\n"); @@ -1128,6 +1129,17 @@ function load_ipfw_rules() { mwexec("/sbin/ipfw -x $ipfw_zone_haproxy -q {$g['tmp_path']}/ipfw_{$ipfw_zone_haproxy}.haproxy.rules", true); } +function haproxy_plugin_carp($pluginparams) { + // called by pfSense when a CARP interface changes its state (called multiple times when multiple interfaces change state) + // $pluginparams['type'] always 'carp' + // $pluginparams['event'] either 'rc.carpmaster' or 'rc.carpbackup' + // $pluginparams['interface'] contains the affected interface + $type = $pluginparams['type']; + $event = $pluginparams['event']; + $interface = $pluginparams['interface']; + haproxy_check_run(0); +} + function haproxy_check_run($reload) { global $config, $g, $haproxy_run_message; diff --git a/config/haproxy-devel/haproxy.xml b/config/haproxy-devel/haproxy.xml index bbc32575..bf1430b8 100644 --- a/config/haproxy-devel/haproxy.xml +++ b/config/haproxy-devel/haproxy.xml @@ -58,6 +58,11 @@ <executable>haproxy</executable> <description>The Reliable, High Performance TCP/HTTP Load Balancer</description> </service> + <plugins> + <item> + <type>plugin_carp</type> + </item> + </plugins> <configpath>installedpackages->haproxy->config</configpath> <additional_files_needed> <prefix>/usr/local/pkg/</prefix> diff --git a/config/haproxy-devel/haproxy_global.php b/config/haproxy-devel/haproxy_global.php index 8264558f..4e8a5e40 100755 --- a/config/haproxy-devel/haproxy_global.php +++ b/config/haproxy-devel/haproxy_global.php @@ -36,6 +36,8 @@ require_once("haproxy_utils.inc"); require_once("globals.inc"); require_once("pkg_haproxy_tabs.inc"); +$simplefields = array('localstats_refreshtime','localstats_sticktable_refreshtime'); + if (!is_array($config['installedpackages']['haproxy'])) $config['installedpackages']['haproxy'] = array(); @@ -68,7 +70,13 @@ if ($_POST) { $input_errors[] = "The maximum number of connections should be numeric."; if ($_POST['localstatsport'] && (!is_numeric($_POST['localstatsport']))) - $input_errors[] = "The local stats port should be numeric."; + $input_errors[] = "The local stats port should be numeric or empty."; + + if ($_POST['localstats_refreshtime'] && (!is_numeric($_POST['localstats_refreshtime']))) + $input_errors[] = "The local stats refresh time should be numeric or empty."; + + if ($_POST['localstats_sticktable_refreshtime'] && (!is_numeric($_POST['localstats_sticktable_refreshtime']))) + $input_errors[] = "The local stats sticktable refresh time should be numeric or empty."; /*if($_POST['synchost1'] && !is_ipaddr($_POST['synchost1'])) $input_errors[] = "Synchost1 needs to be an IPAddress."; @@ -93,6 +101,8 @@ if ($_POST) { $config['installedpackages']['haproxy']['localstatsport'] = $_POST['localstatsport'] ? $_POST['localstatsport'] : false; $config['installedpackages']['haproxy']['advanced'] = $_POST['advanced'] ? base64_encode($_POST['advanced']) : false; $config['installedpackages']['haproxy']['nbproc'] = $_POST['nbproc'] ? $_POST['nbproc'] : false; + foreach($simplefields as $stat) + $config['installedpackages']['haproxy'][$stat] = $_POST[$stat]; touch($d_haproxyconfdirty_path); write_config(); } @@ -114,6 +124,8 @@ $pconfig['carpdev'] = $config['installedpackages']['haproxy']['carpdev']; $pconfig['localstatsport'] = $config['installedpackages']['haproxy']['localstatsport']; $pconfig['advanced'] = base64_decode($config['installedpackages']['haproxy']['advanced']); $pconfig['nbproc'] = $config['installedpackages']['haproxy']['nbproc']; +foreach($simplefields as $stat) + $pconfig[$stat] = $config['installedpackages']['haproxy'][$stat]; // defaults if (!$pconfig['logfacility']) @@ -199,11 +211,17 @@ function enable_change(enable_change) { </table> Sets the maximum per-process number of concurrent connections to X.<br/> <strong>NOTE:</strong> setting this value too high will result in HAProxy not being able to allocate enough memory.<br/> + <p> <?php $memusage = trim(`ps auxw | grep haproxy | grep -v grep | awk '{ print $5 }'`); if($memusage) - echo "<p>Current memory usage: {$memusage} K.</p>"; + echo "Current memory usage: <b>{$memusage} kB.</b><br/>"; ?> + Current <a href='/system_advanced_sysctl.php'>'System Tunables'</a> settings.<br/> + 'kern.maxfiles': <b><?=`sysctl kern.maxfiles | awk '{ print $2 }'`?></b><br/> + 'kern.maxfilesperproc': <b><?=`sysctl kern.maxfilesperproc | awk '{ print $2 }'`?></b><br/> + </p> + Full memory usage will only show after all connections have actually been used. </td><td> <table style="border: 1px solid #000;"> <tr> @@ -216,23 +234,29 @@ function enable_change(enable_change) { </td> </tr> <tr> - <td align="right"><font size=-1>999</font></td> - <td><font size=-1>1888K</font></td> + <td align="right"><font size=-1>1</font></td> + <td><font size=-1>50 kB</font></td> </tr> <tr> - <td align="right"><font size=-1>99999</font></td> - <td><font size=-1>8032K</font></td> + <td align="right"><font size=-1>1.000</font></td> + <td><font size=-1>48 MB</font></td> </tr> <tr> - <td align="right"><font size=-1>999999</font></td> - <td><font size=-1>50016K</font></td> + <td align="right"><font size=-1>10.000</font></td> + <td><font size=-1>488 MB</font></td> </tr> <tr> - <td align="right"><font size=-1>9999999</font></td> - <td><font size=-1>467M</font></td> + <td align="right"><font size=-1>100.000</font></td> + <td><font size=-1>4,8 GB</font></td> + </tr> + <tr> + <td colspan="2" style="white-space: nowrap"><font size=-2>Calculated for plain HTTP connections,<br/>using ssl offloading will increase this.</font></td> </tr> </table> </td></tr></table> + When setting a high amount of allowed simultaneous connections you will need to add and or increase the following two <b><a href='/system_advanced_sysctl.php'>'System Tunables'</a></b> kern.maxfiles and kern.maxfilesperproc. + For HAProxy alone set these to at least the number of allowed connections * 2 + 31. So for 100.000 connections these need to be 200.031 or more to avoid trouble, take into account that handles are also used by other processes when setting kern.maxfiles. + <br/> </td> </tr> <tr> @@ -352,6 +376,18 @@ function enable_change(enable_change) { </td> </tr> <tr> + <td width="22%" valign="top" class="vncell">Internal stats refresh rate</td> + <td class="vtable"> + <input name="localstats_refreshtime" type="text" <?if(isset($pconfig['localstats_refreshtime'])) echo "value=\"{$pconfig['localstats_refreshtime']}\"";?> size="10" maxlength="5" /> Seconds, Leave this setting empty to not refresh the page automatically. EXAMPLE: 10 + </td> + </tr> + <tr> + <td width="22%" valign="top" class="vncell">Sticktable page refresh rate</td> + <td class="vtable"> + <input name="localstats_sticktable_refreshtime" type="text" <?if(isset($pconfig['localstats_sticktable_refreshtime'])) echo "value=\"{$pconfig['localstats_sticktable_refreshtime']}\"";?> size="10" maxlength="5" /> Seconds, Leave this setting empty to not refresh the page automatically. EXAMPLE: 10 + </td> + </tr> + <tr> <td colspan="2" valign="top" class="listtopic">Global Advanced pass thru</td> </tr> <tr> diff --git a/config/haproxy-devel/haproxy_listeners_edit.php b/config/haproxy-devel/haproxy_listeners_edit.php index bd0f93d5..3ea72274 100644 --- a/config/haproxy-devel/haproxy_listeners_edit.php +++ b/config/haproxy-devel/haproxy_listeners_edit.php @@ -80,6 +80,12 @@ if (isset($_GET['dup'])) $id = get_frontend_id($id); +if (!is_numeric($id)) +{ + //default value for new items. + $pconfig['ssloffloadacl'] = "yes"; +} + $servercerts = get_certificates_server(); $fields_sslCertificates=array(); @@ -227,17 +233,13 @@ $pfSversion = str_replace("\n", "", file_get_contents("/etc/version")); if(strstr($pfSversion, "1.2")) $one_two = true; -if (!$id) -{ - //default value for new items. - $pconfig['ssloffloadacl'] = "yes"; -} - $closehead = false; $pgtitle = "HAProxy: Frontend: Edit"; include("head.inc"); -$primaryfrontends = get_haproxy_frontends($pconfig['name']); +if (!isset($_GET['dup'])) + $excludefrontend = $pconfig['name']; +$primaryfrontends = get_haproxy_frontends($excludefrontend); $interfaces = haproxy_get_bindable_interfaces(); ?> diff --git a/config/haproxy-devel/haproxy_stats.php b/config/haproxy-devel/haproxy_stats.php index 8ad04c92..752bd8d7 100644 --- a/config/haproxy-devel/haproxy_stats.php +++ b/config/haproxy-devel/haproxy_stats.php @@ -65,7 +65,8 @@ if (isset($_GET['haproxystats']) || isset($_GET['scope']) || (isset($_POST) && i } require_once("guiconfig.inc"); if (isset($_GET['showsticktablecontent'])){ - header("Refresh: 2"); + if (is_numeric($pconfig['localstats_sticktable_refreshtime'])) + header("Refresh: {$pconfig['localstats_sticktable_refreshtime']}"); } $shortcut_section = "haproxy"; require_once("haproxy.inc"); @@ -163,7 +164,7 @@ include("head.inc"); if (isset($_GET['showsticktablecontent'])){ $sticktablename = $_GET['showsticktablecontent']; echo "<td colspan='2'>"; - echo "TESTJe<br/>"; + echo "Contents of the sticktable: $sticktablename<br/>"; $res = haproxy_socket_command("show table $sticktablename"); foreach($res as $line){ echo "<br/>".print_r($line,true); diff --git a/config/xsl/package.xsl b/config/xsl/package.xsl index 933cc700..947a9324 100644 --- a/config/xsl/package.xsl +++ b/config/xsl/package.xsl @@ -4,7 +4,8 @@ /* ========================================================================== */ /* package.xsl - part of pfSense (http://www.pfSense.com) + part of pfSense (https://www.pfsense.org) + Copyright (C) 2004-2014 Electric Sheep Fencing, LLC Copyright (C) 2007 Daniel S. Haischt <me@daniel.stefan.haischt.name> All rights reserved. @@ -68,7 +69,6 @@ <meta name="DC.rights" content="All rights reserved" /> <meta http-equiv="Keywords" content="bsd license, altq, traffic shaping, packet, rule, Linux, OpenBSD, DragonFlyBSD, freebsd 5.3, vpn, stateful failover, carp, packet filter, m0n0wall, firewall" /> <style type="text/css"> - @import url('http://www.pfsense.com/assets/site/style.css'); </style> <script type="text/javascript" language="utf-8"> //<![CDATA[ @@ -148,16 +148,14 @@ <table style="width: 802px; text-align: left; margin-left: auto; margin-right: auto;" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr> - <td style="background-image: url(http://www.pfsense.com/assets/images/header1.gif); width: 811px; text-align: left; vertical-align: bottom; background-color: transparent; height: 65px;"></td> </tr> <tr> - <td style="background-image: url(http://www.pfsense.com/assets/images/header2.gif); height: 25px; width: 802px;"> <font color="#ffffff"><span class="headers"></span></font> </td> </tr> <tr> <td> - <table style="background-image: url(http://www.pfsense.com/assets/images/horizontal.gif); text-align: left; width: 802px;" border="0" cellpadding="0" cellspacing="0"> + <table style="text-align: left; width: 802px;" border="0" cellpadding="0" cellspacing="0"> <tbody> <tr> <td style="width: 200px; text-align: center; vertical-align: top;"> @@ -168,7 +166,6 @@ </tr> <tr style="padding: 0px; margin: 0px;"> <td height="100%" align="left" valign="top" class="navigation" style="padding: 0px; margin: 0px;"> - <img src="http://www.pfsense.com/manager/media/images/_tx_.gif" alt="" height="4" /> <br /> <a href='#' id="infoa" onclick="toggleContentItem('info-div');">Info</a> <a href='#' id="licensea" onclick="toggleContentItem('license-div');">License</a> @@ -182,7 +179,6 @@ <a href='#' id="rsynca" onclick="toggleContentItem('rsync-div');">custom_php_resync_config_command</a> <a href='#' id="installa" onclick="toggleContentItem('install-div');">custom_php_install_command</a> <a href='#' id="deinstalla" onclick="toggleContentItem('deinstall-div');">custom_php_deinstall_command</a> - <img src="http://www.pfsense.com/manager/media/images/_tx_.gif" height="4" alt="" /> </td> </tr> </tbody> @@ -300,7 +296,6 @@ </td> </tr> <tr style="color: rgb(255, 255, 255);"> - <td style="background-image: url(http://www.pfsense.com/assets/images/footer.gif); width: 802px; height: 60px; text-align: center; vertical-align: middle;"> pfSense is Copyright 2004-2014 Electric Sheep Fencing LLC. All Rights Reserved. <br /> </td> |